I will consider the problem of automatically verifying cryptographic protocols. In particular, I will present an algorithm that, given a finite process describing a protocol in a hostile environment, computes a model in which security and authentication properties can be checked. This algorithm, I hope, will serve as the basis for a verification tool.