This work addresses the challenge of systematically verifying the security of distributed protocols under channel faults—such as message insertion, deletion, replay, or reordering—by proposing an automated formal analysis method. The approach models protocols using Linear Temporal Logic (LTL) and employs exhaustive state-space exploration to either automatically synthesize attack traces or rigorously prove their non-existence. Notably, it achieves the first complete and sound verification of distributed protocols against arbitrary LTL specifications under a general channel fault model, without relying on manually crafted fault scenarios. Experimental evaluation demonstrates the method’s effectiveness through its successful application to the TCP protocol, where it either generates concrete attack paths or provides formal guarantees of correctness.

Distributed protocols are the linchpin of the modern internet, underpinning every internet service. This has in turn motivated a massive body of research ensuring the security, reliability, and performance of distributed protocols. In these works, a wide-ranging assumption is that distributed protocols operate over faulty or attacker-controlled channels, where messages can be arbitrarily inserted, dropped, replayed, or reordered. Formal verification work targeting distributed protocols typically defines its own notion of faulty or malicious channels, then constructively proves their protocol is correct with respect to it. In this work we take a fundamentally different approach: we develop a rigorous methodology for automatically conducting channel fault analysis on distributed protocols, and we introduce Tofu, a generalizable tool that implements our methodology. Tofu provides sound, complete analysis, synthesizing channel fault-based attack traces on arbitrary linear temporal logic (LTL) protocol specifications or proving the absence of such through an exhaustive state-space search. We demonstrate the applicability of Tofu by employing it to study TCP.