Modeling and Verifying Physical Properties of Security Protocols for Wireless Networks

We present a formal model for modeling and reasoning about security protocols. Our model extends standard, inductive, trace-based, symbolic approaches with a formalization of physical properties of the environment, namely communication, location, and time. In particular, communication is subject to physical constraints, for example, message transmission takes time determined by the communication medium used and the distance traveled. All agents, including intruders, are subject to these constraints and this results in a distributed intruder with restricted, but more realistic, communication capabilities than those of the standard Dolev-Yao intruder. We have formalized our model in Isabelle/HOL and used it to verify protocols for authenticated ranging, distance bounding, and broadcast authentication based on delayed key disclosure.

[1]  Radha Poovendran,et al.  Distance Bounding Protocols: Authentication Logic Analysis and Collusion Attacks , 2007, Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks.

[2]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[3]  Pieter H. Hartel,et al.  Timed analysis of security protocols , 2005, J. Comput. Secur..

[4]  Clemens Ballarin,et al.  Interpretation of Locales in Isabelle: Theories and Proof Contexts , 2006, MKM.

[5]  Srdjan Capkun,et al.  SecNav: secure broadcast localization and time synchronization in wireless networks , 2007, MobiCom '07.

[6]  Gavin Lowe,et al.  Analysing a stream authentication protocol using model checking , 2002, International Journal of Information Security.

[7]  Panagiotis Papadimitratos,et al.  Secure neighbor discovery in wireless networks: formal investigation of possibility , 2008, ASIACCS '08.

[8]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[9]  Roberto Gorrieri,et al.  Formal Anaylsis of Some Timed Security Properties in Wireless Protocols , 2003, FMOODS.

[10]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[11]  Markus G. Kuhn,et al.  An Asymmetric Security Mechanism for Navigation Signals , 2004, Information Hiding.

[12]  John S. Baras,et al.  Modeling vulnerabilities of ad hoc routing protocols , 2003, SASN '03.

[13]  Srdjan Capkun,et al.  Secure neighborhood discovery: a fundamental element for mobile ad hoc networking , 2008, IEEE Communications Magazine.

[14]  Chris Hankin,et al.  A framework for security analysis of mobile wireless networks , 2006, Theor. Comput. Sci..

[15]  Neil Evans,et al.  Analysing Time Dependent Security Properties in CSP Using PVS , 2000, ESORICS.

[16]  Michael R. Hansen,et al.  Timed Traces and Strand Spaces , 2007, CSR.

[17]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[18]  Rajeev Alur,et al.  A Theory of Timed Automata , 1994, Theor. Comput. Sci..

[19]  Srdjan Capkun,et al.  BAP: Broadcast Authentication Using Cryptographic Puzzles , 2007, ACNS.

[20]  Srdjan Capkun,et al.  ROPE: robust position estimation in wireless sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[21]  Srdjan Capkun,et al.  Secure positioning in wireless networks , 2006, IEEE Journal on Selected Areas in Communications.

[22]  Tor Helleseth,et al.  Workshop on the theory and application of cryptographic techniques on Advances in cryptology , 1994 .

[23]  Juan Manuel González Nieto,et al.  Detecting relay attacks with timing-based protocols , 2007, ASIACCS '07.

[24]  S. Shankar Sastry,et al.  Time synchronization attacks in sensor networks , 2005, SASN '05.

[25]  Ghassan O. Karame,et al.  Integrity Regions: Authentication through Presence in Wireless Networks , 2006, IEEE Transactions on Mobile Computing.

[26]  Nils Ole Tippenhauer,et al.  UWB-based Secure Ranging and Localization , 2008 .

[27]  Lawrence C. Paulson,et al.  The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[28]  Levente Buttyán,et al.  Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks , 2006, IEEE Transactions on Mobile Computing.

[29]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[30]  Tobias Nipkow,et al.  A Proof Assistant for Higher-Order Logic , 2002 .

[31]  Benjamin Porter Cauchy's Mean Theorem and the Cauchy-Schwarz Inequality , 2006, Arch. Formal Proofs.

[32]  Giorgio Delzanno,et al.  Automatic Verification of Time Sensitive Cryptographic Protocols , 2004, TACAS.

[33]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[34]  Lawrence Charles Paulson,et al.  Isabelle/HOL: A Proof Assistant for Higher-Order Logic , 2002 .

[35]  Srdjan Capkun,et al.  Secure time synchronization service for sensor networks , 2005, WiSe '05.

[36]  Steven J. Murdoch,et al.  Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[37]  Adrian Perrig,et al.  Secure broadcast communication in wired and wireless networks , 2002 .

[38]  Srdjan Capkun,et al.  SECTOR: secure tracking of node encounters in multi-hop wireless networks , 2003, SASN '03.

[39]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[40]  Steve Sims,et al.  TAME: A PVS Interface to Simplify Proofs for Automata Models , 1998 .

[41]  Giampaolo Bella,et al.  Formal Correctness of Security Protocols (Information Security and Cryptography) , 2007 .

[42]  Vitaly Shmatikov,et al.  Secure Verification of Location Claims with Simultaneous Distance Modification , 2007, ASIAN.

[43]  Cédric Lauradoux,et al.  Distance Bounding Protocols on TH-UWB Radios , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[44]  Markus G. Kuhn,et al.  So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[45]  Peng Ning,et al.  TinySeRSync: secure and resilient time synchronization in wireless sensor networks , 2006, CCS '06.

[46]  Myla Archer Proving Correctness of the Basic TESLA Multicast Stream Authentication Protocol with TAME , 2002 .