Modeling Human Errors in Security Protocols (Full Version)

Many security protocols involve humans, not machines, as endpoints. The differences are critical: humans are not only computationally weaker than machines, they are naive, careless, and gullible. In this paper, we provide a model for formalizing and reasoning about these inherent human limitations and their consequences. Specifically, we formalize models of fallible humans in security protocols as multiset rewrite theories. We show how the Tamarin tool can then be used to automatically analyze security protocols involving human errors. We provide case studies of authentication protocols that show how different protocol constructions and features differ in their effectiveness with respect to different kinds of fallible humans. This provides a starting point for a fine-grained classification of security protocols from a usable-security perspective.
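To make the abstract's approach concrete, the following is an added, constructed Tamarin theory (it is not the paper's own model and uses none of its rule or lemma names). It shows the core idea: the human is an ordinary protocol role whose behaviour is written as multiset rewrite rules, and a "fallible" variant of the human is simply an extra rule that the adversary can exploit. Here a human `$H` shares a password `~pw` with a server `$S`; the careful human enters it only over a channel modelled by the linear fact `SecureCh`, while the careless human puts it on the public network via `Out`. The `Careless` action lets a lemma distinguish traces with and without the error. All fact names and lemmas are assumptions made for this illustration.

```tamarin
theory FallibleHumanPassword
begin

/* Constructed example: a human H shares a password ~pw with server S.
   Two alternative human behaviours are modelled as rewrite rules. */

rule Setup:
    [ Fr(~pw) ]
  --[ Setup($H, $S, ~pw) ]->
    [ !Human($H, $S, ~pw), !Server($S, $H, ~pw) ]

/* Infallible human: enters the password only into the intended server's
   login form, modelled here as a confidential, authenticated channel fact
   that the adversary cannot read or inject. */
rule Human_Login_Correct:
    [ !Human($H, $S, pw) ]
  --[ Login($H, $S, pw) ]->
    [ SecureCh($H, $S, pw) ]

/* Server consumes the channel fact and accepts the login. */
rule Server_Accept:
    [ !Server($S, $H, pw), SecureCh($H, $S, pw) ]
  --[ Accept($S, $H, pw) ]->
    [ ]

/* Fallible (careless) human: types the password into whatever page
   asked for it, i.e. onto the public network, where the Dolev-Yao
   adversary learns it. The Careless action marks the error in the trace. */
rule Human_Login_Careless:
    [ !Human($H, $S, pw) ]
  --[ Login($H, $S, pw), Careless($H) ]->
    [ Out(pw) ]

/* Secrecy restricted to executions in which H never errs: provable,
   because pw only ever travels inside the SecureCh fact. */
lemma password_secret_for_careful_humans:
  "All H S pw #i. Setup(H, S, pw) @ #i & not (Ex #j. Careless(H) @ #j)
     ==> not (Ex #k. K(pw) @ #k)"

/* Unrestricted secrecy: Tamarin finds the counterexample trace
   Setup, Human_Login_Careless, adversary knowledge of pw. */
lemma password_secret_for_all_humans:
  "All H S pw #i. Setup(H, S, pw) @ #i ==> not (Ex #k. K(pw) @ #k)"

end
```

Running `tamarin-prover --prove` on this file proves the first lemma and falsifies the second. The pattern generalises: each kind of human error the abstract refers to becomes one more rule on the human role, and a protocol's robustness against that error is the set of security lemmas that still hold when the rule is present.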
