Let's Get Physical: Models and Methods for Real-World Security Protocols

Traditional security protocols are mainly concerned with key establishment and principal authentication and rely on predistributed keys and properties of cryptographic operators. In contrast, new application areas are emerging that establish and rely on properties of the physical world. Examples include protocols for secure localization, distance bounding, and device pairing. We present a formal model that extends inductive, trace-based approaches in two directions. First, we refine the standard Dolev-Yao model to account for network topology, transmission delays, and node positions. This results in a distributed intruder with restricted, but more realistic, communication capabilities. Second, we develop an abstract message theory that formalizes protocol-independent facts about messages, which hold for all instances. When verifying protocols, we instantiate the abstract message theory, modeling the properties of the cryptographic operators under consideration. We have formalized this model in Isabelle/HOL and used it to verify distance bounding protocols where the concrete message theory includes exclusive-or.
