Applying Formal Methods to the Analysis of a Key Management Protocol

In this paper we develop methods for analyzing key management and authentication protocols using techniques developed for the solutions of equations in a term rewriting system. In particular, we describe a model of a class of protocols and possible attacks on those protocols as term rewriting systems, and we also describe a software tool based on a narrowing algorithm that can be used in the analysis of such protocols. We formally model a protocol and describe the results of using these techniques to analyze security properties. We show how a security flaw was found, and we also describe the verification of a corrected scheme using these techniques.