Modeling and Verifying Time Sensitive Security Protocols with Constraints

This paper studies the characteristics of time sensitive protocols and presents a method, built from simple operations, for verifying protocols with time stamps while avoiding false attacks. First, an extension of the π calculus is given to model a time sensitive security protocol. Second, by appending linear arithmetic constraints to the Horn logic model, the extended Horn logic model of security protocols and the modified verification method with time constraints are presented. All operations and the verification strategy are defined for our constraint system. Third, a method is given to determine whether the constraints have a solution. Finally, as an experiment, the Denning-Sacco protocol with time stamps is verified. The experiment shows that our approach is an innovative and effective method for verifying time sensitive security protocols.
