@article { author = {Pourpouneh, M. and Ramezanian, R.}, title = {A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving}, journal = {The ISC International Journal of Information Security}, volume = {8}, number = {1}, pages = {3-24}, year = {2016}, publisher = {Iranian Society of Cryptology}, issn = {2008-2045}, eissn = {2008-3076}, doi = {10.22042/isecure.2016.8.1.1}, abstract = {In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as n example of this approach and then we model and verify some famous security protocols using Scyther. Theorem proving is based on deriving the desired goals from assumption of protocols via a deduction system. We define a deduction system named Simple Logic for Authentication to formally define the notion of authenticated communication based on the structure of the messages, and then we several famous protocols using our proposed deduction system and compare it with the verification results of Scyther model checking.}, keywords = {Cryptographic Protocols,Formal,Verification,Model Checking,Theorem Proving}, url = {https://www.isecure-journal.com/article_40676.html}, eprint = {https://www.isecure-journal.com/article_40676_b04f81eb888f84ee26045d193b349ee0.pdf} }