Abstract
Traditional security protocols are mainly concerned with authentication and key establishment and rely on predistributed keys and properties of cryptographic operators. In contrast, new application areas are emerging that establish and rely on properties of the physical world. Examples include protocols for secure localization, distance bounding, and secure time synchronization.
We present a formal model for modeling and reasoning about such physical security protocols. Our model extends standard, inductive, trace-based, symbolic approaches with a formalization of physical properties of the environment, namely communication, location, and time. In particular, communication is subject to physical constraints, for example, message transmission takes time determined by the communication medium used and the distance between nodes. All agents, including intruders, are subject to these constraints and this results in a distributed intruder with restricted, but more realistic, communication capabilities than those of the standard Dolev-Yao intruder. We have formalized our model in Isabelle/HOL and have used it to verify protocols for authenticated ranging, distance bounding, broadcast authentication based on delayed key disclosure, and time synchronization.
Formal Reasoning about Physical Properties of Security Protocols