Verifying Group Authentication Protocols by Scyther
Scyther [1] is a tool designed to formally analyze security protocols, their security requirements and potential vulnerabilities. It is designed under the perfect or unbreakable encryption assumption [2], which means that an adversary learns nothing from an encrypted message unless he knows the decryption key. To our best knowledge, most protocols analyzed using Scyther are widely used standards and their complexity are limited. In this paper, we use Scyther to analyze two complex group authentication protocols [3] and their security properties. Due to the design goals and limitations of Scyther, we have only checked a subset of the security properties, which show that the group authentication protocols provide mutual authentication, implicit key authentication and they are secure against impersonation attack and passive adversaries. To achieve this, we have extended the expressing ability of Scyther based on some reasonable assumptions.