Formal verification of physical-layer security (PLS) protocols under adversarial attacks remains challenging due to the difficulty in rigorously modeling the tight coupling between authentication and confidentiality—capabilities beyond the scope of existing tools like ProVerif. Method: This paper proposes an interactive formal modeling paradigm based on Isabelle/HOL, enabling animated verification and multi-scenario security analysis. Contribution/Results: We uncover the non-intuitive property that authentication can remain intact even when confidentiality is compromised. Comparative validation against ProVerif confirms and strengthens prior confidentiality guarantees. Our framework successfully verifies session-key security of an enhanced PLS-aware Diffie–Hellman protocol under multiple eavesdropping locations and active attacks. The framework integrates watermarking and jamming mechanisms and provides a web interface for practical deployment and analysis.

Formal verification is crucial for ensuring the robustness of security protocols against adversarial attacks. The Needham-Schroeder protocol, a foundational authentication mechanism, has been extensively studied, including its integration with Physical Layer Security (PLS) techniques such as watermarking and jamming. Recent research has used ProVerif to verify these mechanisms in terms of secrecy. However, the ProVerif-based approach limits the ability to improve understanding of security beyond verification results. To overcome these limitations, we re-model the same protocol using an Isabelle formalism that generates sound animation, enabling interactive and automated formal verification of security protocols. Our modelling and verification framework is generic and highly configurable, supporting both cryptography and PLS. For the same protocol, we have conducted a comprehensive analysis (secrecy and authenticity in four different eavesdropper locations under both passive and active attacks) using our new web interface. Our findings not only successfully reproduce and reinforce previous results on secrecy but also reveal an uncommon but expected outcome: authenticity is preserved across all examined scenarios, even in cases where secrecy is compromised. We have proposed a PLS-based Diffie-Hellman protocol that integrates watermarking and jamming, and our analysis shows that it is secure for deriving a session key with required authentication. These highlight the advantages of our novel approach, demonstrating its robustness in formally verifying security properties beyond conventional methods.