Formal Verification of HMQV Using ASM-SPV

Model checking is widely used in the verification of security protocols. However, difficulties are often encountered when trying to formalize the complex underlying computations in security protocols. Some flaws of security protocols, especially those caused by weaknesses in the computations, cannot be detected owing to the simple abstractions of their underlying computations. In this paper, we present a method to verify the key establishment protocol HMQV, in which we propose a simple formalization of its underlying Diffie-Hellman exponentiation. The formal model of HMQV is verified by our newly released model checker ASM-SPV (Abstract State Machines-Security Protocol Verifier). Experiments show that the attacks reported by Sarr et al. can be found by ASM-SPV under the proposed formal model of HMQV.
