Automated Verification of Accountability in Security Protocols
share
Accounting for misbehavior, instead of postulating trustworthiness, has been put forward as a new paradigm in protocol design. Accountability is meant to establish trust in the first place and to recognize and react if this trust is violated. Recently, a protocol-agnostic definition of accountability was proposed, characterizing misbehavior as deviations from the protocol that cause security violations. In this work, we provide the first mechanised method for the verification of accountability and demonstrate its use for verification and attack finding on various examples from the accountability and causality literature, including Kroll's accountable algorithms protocol. We reach a high degree of automation by transferring accountability to the centralized adversary setting in which almost all protocol verification tools operate. We show that accountability can be expressed in terms of trace properties, resulting in a sound and complete verification technique.
READ FULL TEXT
