Analysing a stream authentication protocol using model checking

In this paper, we consider how one can analyse a stream authentication protocol using model checking techniques. In particular, we will be focusing on the Timed Efficient Stream Loss-tolerant Authentication Protocol, TESLA. This protocol differs from the standard class of authentication protocols previously analysed using model checking techniques in the following interesting way: an unbounded stream of messages is broadcast by a sender, making use of an unbounded stream of keys; the authentication of the n-th message in the stream is achieved on receipt of the n+1-th message. We show that, despite the infinite nature of the protocol, it is possible to build a finite model that correctly captures its behaviour.

[1]  A. W. Roscoe,et al.  Proving security protocols with model checkers by data independence techniques , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[2]  Michael Goldsmith The perfect spy for model−checking crypto−protocols , 1997 .

[3]  Steve A. Schneider,et al.  Equal To The Task? , 2002, ESORICS.

[4]  Andrew William Roscoe,et al.  The Theory and Practice of Concurrency , 1997 .

[5]  Ran Canetti,et al.  Efficient authentication and signing of multicast streams over lossy channels , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[6]  Mei Lin Hui A CSP approach to the analysis of security protocols , 2001 .

[7]  Gavin Lowe Casper: a compiler for the analysis of security protocols , 1998 .

[8]  Michael Goldsmith,et al.  Modelling and analysis of security protocols , 2001 .

[9]  Charalampos Manifavas,et al.  A new family of authentication protocols , 1998, OPSR.

[10]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[11]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[12]  Gavin Lowe,et al.  Fault-Preserving Simplifying Transformations for Security Protocols , 2001, J. Comput. Secur..

[13]  A. W. Roscoe,et al.  Automating Data Independence , 2000, ESORICS.

[14]  A. W. Roscoe,et al.  Using CSP to Detect Errors in the TMN Protocol , 1997, IEEE Trans. Software Eng..

[15]  C. A. R. Hoare,et al.  Communicating Sequential Processes (Reprint) , 1983, Commun. ACM.

[16]  Myla Archer Proving Correctness of the Basic TESLA Multicast Stream Authentication Protocol with TAME , 2002 .