Section: New Software and Platforms


Participants : Bruno Blanchet [correspondant] , Xavier Allamigeon [April–July 2004] , Vincent Cheval [Sept. 2011–Dec. 2014] , Benjamin Smyth [Sept. 2009–Feb. 2010] , Marc Sylvestre [Oct. 2016–] .

ProVerif  (http://proverif.inria.fr) is an automatic security protocol verifier in the symbolic model (so called Dolev-Yao model). In this model, cryptographic primitives are considered as black boxes. This protocol verifier is based on an abstract representation of the protocol by Horn clauses. Its main features are:

  • It can handle many different cryptographic primitives, specified as rewrite rules or as equations.

  • It can handle an unbounded number of sessions of the protocol (even in parallel) and an unbounded message space.

The ProVerif verifier can prove the following properties:

  • secrecy (the adversary cannot obtain the secret);

  • authentication and more generally correspondence properties, of the form “if an event has been executed, then other events have been executed as well”;

  • strong secrecy (the adversary does not see the difference when the value of the secret changes);

  • equivalences between processes that differ only by terms.

ProVerif is widely used by the research community on the verification of security protocols (see http://proverif.inria.fr/proverif-users.html for references).

ProVerif is freely available on the web, at http://proverif.inria.fr/, under the GPL license.