Tracking Security Flaws in Cryptographic Protocols Using Witness-Functions

In this paper, we use witness-function to capture attack scenarios in cryptographic protocols. A witness-function is a protocol-dependent metric that attributes a reliable security level to every atomic message. We use these functions to prove the protocol correctness with respect to secrecy by proving that the security level of every atomic message never decreases throughout all consecutive receiving and sending steps of the protocol. In this paper, we analyze the defective variant of the Otway-Rees protocol and we demonstrate that the use of witness-functions can be a key element in tracing a well-known type flaw that this protocol involves.

[1]  Monica Nesi,et al.  Deriving the Type Flaw Attacks in the Otway-Rees Protocol by Rewriting , 2006, Nord. J. Comput..

[2]  Steve A. Schneider Security properties and CSP , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[3]  Mourad Debbabi,et al.  Modeling Security Protocols as Games , 2007 .

[4]  Véronique Cortier,et al.  Safely composing security protocols , 2009, Formal Methods Syst. Des..

[5]  John C. Mitchell,et al.  Automated analysis of cryptographic protocols using Mur/spl phi/ , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[6]  Hamido Fujita,et al.  Secrecy of cryptographic protocols under equational theory , 2009, Knowl. Based Syst..

[7]  Véronique Cortier,et al.  Decidability and Combination Results for Two Notions of Knowledge in Security Protocols , 2012, Journal of Automated Reasoning.

[8]  Mohamed Mejri,et al.  Secrecy by Witness Functions , 2014, FMS @ Petri Nets.

[9]  Luca Viganò,et al.  Automated Security Protocol Analysis With the AVISPA Tool , 2006, MFPS.

[10]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[11]  Véronique Cortier,et al.  Protocol Composition for Arbitrary Primitives , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.

[12]  Mourad Debbabi,et al.  rmal Automatic Verification of Authentication . , 1997 .

[13]  Catherine A. Meadows,et al.  Analysis of the Internet Key Exchange protocol using the NRL Protocol Analyzer , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[14]  Véronique Cortier Secure Composition of Protocols , 2011, TOSCA.

[15]  Mohamed Mejri,et al.  Practical and Universal Interpretation Functions for Secrecy , 2007, SECRYPT.

[16]  Mourad Debbabi,et al.  An environment for the specification and analysis of cryptoprotocols , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).

[17]  Mohamed Mejri,et al.  Formal Analysis of SET and NSL Protocols Using the Interpretation Functions-Based Method , 2012, J. Comput. Networks Commun..

[18]  Steve A. Schneider,et al.  A decision procedure for the existence of a rank function , 2005, J. Comput. Secur..

[19]  Nadia Tawbi,et al.  From protocol specifications to flaws and attack scenarios: an automatic and formal algorithm , 1997, Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[20]  Mohamed Mejri,et al.  Ensuring the Correctness of Cryptographic Protocols with Respect to Secrecy , 2008, SECRYPT.

[21]  Steve A. Schneider,et al.  Verifying Security Protocols: An Application of CSP , 2004, 25 Years Communicating Sequential Processes.

[22]  Jonathan K. Millen,et al.  The Interrogator: Protocol Secuity Analysis , 1987, IEEE Transactions on Software Engineering.

[23]  Andrew Beng Jin Teoh,et al.  Fuzzy Key Extraction from Fingerprint Biometrics based on Dynamic Quantization Mechanism , 2007 .

[24]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).