On the Security of Cryptographic Protocols Using the Little Theorem of Witness Functions

In this paper, we show how practical the little theorem of witness functions is in detecting security flaws in some categories of cryptographic protocols. We convey a formal analysis of the Needham-Schroeder symmetric-key protocol in the theory of witness functions. We show how it helps to warn about a security vulnerability in a given step of this protocol where the value of security of a sensitive ticket in a sent message unexpectedly decreases compared with its value when received. This vulnerability may be exploited by an intruder to mount a replay attack as described by Denning and Sacco.

[1]  Peter Y. A. Ryan,et al.  End-to-End Verifiability in Voting Systems, from Theory to Practice , 2015, IEEE Security & Privacy.

[2]  Steve A. Schneider Verifying Authentication Protocols in CSP , 1998, IEEE Trans. Software Eng..

[3]  Alessandro Armando,et al.  LTL model checking for security protocols , 2009, J. Appl. Non Class. Logics.

[4]  Vincent Cheval,et al.  A Little More Conversation, a Little Less Action, a Lot More Satisfaction: Global States in ProVerif , 2018, 2018 IEEE 31st Computer Security Foundations Symposium (CSF).

[5]  M MarkBuchanan A little more conversation , 2008 .

[6]  Bruno Blanchet,et al.  Composition Theorems for CryptoVerif and Application to TLS 1.3 , 2018, 2018 IEEE 31st Computer Security Foundations Symposium (CSF).

[7]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[8]  Mourad Debbabi,et al.  From type theory to the verification of security protocols , 2001 .

[9]  Catherine A. Meadows,et al.  Formal Verification of Cryptographic Protocols: A Survey , 1994, ASIACRYPT.

[10]  Véronique Cortier,et al.  Deciding security properties for cryptographic protocols. application to key cycles , 2007, TOCL.

[11]  Hubert Comon-Lundh,et al.  Intruder Theories (Ongoing Work) , 2004, FoSSaCS.

[12]  Ilya Sergey,et al.  Programming and proving with distributed protocols , 2017, Proc. ACM Program. Lang..

[13]  Véronique Cortier,et al.  Voting: You Can't Have Privacy without Individual Verifiability , 2018, CCS.

[14]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[15]  Martín Abadi,et al.  Security Protocols: Principles and Calculi , 2007, FOSAD.

[16]  Hubert Comon-Lundh,et al.  Challenges in the Automated Verification of Security Protocols , 2008, IJCAR.

[17]  Mahesh Viswanathan,et al.  Composing Protocols with Randomized Actions , 2016, POST.

[18]  Mohamed Mejri,et al.  Ensuring the Correctness of Cryptographic Protocols with Respect to Secrecy , 2008, SECRYPT.

[19]  Martín Abadi,et al.  Analyzing security protocols with secrecy types and logic programs , 2002, POPL '02.

[20]  Mohamed Mejri,et al.  Practical and Universal Interpretation Functions for Secrecy , 2007, SECRYPT.

[21]  Jaouhar Fattahi,et al.  Analyse des protocoles cryptographiques par les fonctions témoins , 2016 .

[22]  Somesh Jha,et al.  Model Checking for Security Protocols , 1997 .

[23]  Alessandro Armando,et al.  LTL Model Checking for Security Protocols , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[24]  Sebastian Mödersheim,et al.  Stateful Protocol Composition , 2018, ESORICS.

[25]  Véronique Cortier,et al.  A survey of algebraic properties used in cryptographic protocols , 2006, J. Comput. Secur..

[26]  Kevin Barraclough,et al.  I and i , 2001, BMJ : British Medical Journal.

[27]  Jaouhar Fattahi,et al.  The Theory of Witness-Functions , 2016 .

[28]  Mohamed Mejri,et al.  Secrecy by Witness Functions , 2014, FMS @ Petri Nets.

[29]  Mark Buchanan A little more conversation , 2008 .

[30]  Jaouhar Fattahi A Theorem for Secrecy in Tagged Protocols Using the Theory of Witness-Functions , 2018, 2018 IEEE Canadian Conference on Electrical & Computer Engineering (CCECE).