
Formal Reasoning about Physical Properties of Security Protocols

Published: 01 September 2011

Abstract

Traditional security protocols are mainly concerned with authentication and key establishment and rely on predistributed keys and properties of cryptographic operators. In contrast, new application areas are emerging that establish and rely on properties of the physical world. Examples include protocols for secure localization, distance bounding, and secure time synchronization.

We present a formal model for modeling and reasoning about such physical security protocols. Our model extends standard, inductive, trace-based, symbolic approaches with a formalization of physical properties of the environment, namely communication, location, and time. In particular, communication is subject to physical constraints, for example, message transmission takes time determined by the communication medium used and the distance between nodes. All agents, including intruders, are subject to these constraints and this results in a distributed intruder with restricted, but more realistic, communication capabilities than those of the standard Dolev-Yao intruder. We have formalized our model in Isabelle/HOL and have used it to verify protocols for authenticated ranging, distance bounding, broadcast authentication based on delayed key disclosure, and time synchronization.


Published in

ACM Transactions on Information and System Security, Volume 14, Issue 2
September 2011
199 pages
ISSN: 1094-9224
EISSN: 1557-7406
DOI: 10.1145/2019599

Copyright © 2011 ACM

Publisher

Association for Computing Machinery
New York, NY, United States

Publication History

• Published: 1 September 2011
• Accepted: 1 April 2011
• Revised: 1 March 2011
• Received: 1 October 2010

Qualifiers

• research-article
• Research
• Refereed
