Model Checking the IKEv2 Protocol Using Spin

Previous analyses of IKEv2 concluded that the protocol was suffering from two authentication vulnerabilities: the penultimate authentication flaw and a vulnerability that leads to a reflection attack. In this paper, we analyze the IKEv2 protocol specification using the Spin model checker. To do so, we extend and improve an existing modeling method that allows analyzing security protocols using Spin. For completeness, we indicate each abstraction we make when writing the model. As a result, we confirm the penultimate authentication flaw and show that the reflection attack is actually not applicable.