论文信息 - Using SPIN to Detect Vulnerabilities in the AACS Drive-Host Authentication Protocol

Using SPIN to Detect Vulnerabilities in the AACS Drive-Host Authentication Protocol

In this paper, we use SPIN, a model checker for LTL, to detect vulnerabilities in the AACS drive-host authentication protocol. Before the detection, we propose a variant of the Dolev-Yao attacker model [4] and incorporate the synthesis and analysis rules [7] to formalize the protocol and the intruder capabilities. During the detection, we check the authenticity of the protocol and identify a few weaknesses. Besides, we propose a novel collusion attack that seriously threaten the security of the protocol, and build a corresponding LTL formula. Based on the formula, SPIN detects a few relevant attack instances in the original scheme of the authentication protocol and a modified scheme advanced in [5].

Wei Wang | Dongyao Ji

[1] Douglas R. Stinson,et al. A Critical Analysis and Improvement of AACS Drive-Host Authentication , 2008, ACISP.

[2] Ramaswamy Ramanujam,et al. A decidable subclass of unbounded security protocols , 2007 .

[3] C PaulsonLawrence. The inductive approach to verifying cryptographic protocols , 1998 .

[4] Madhavan Mukund,et al. Generic Verification of Security Protocols , 2005, SPIN.

[5] Sebastian Mödersheim,et al. An On-the-Fly Model-Checker for Security Protocol Analysis , 2003, ESORICS.

[6] Dieter Gollmann,et al. Computer Security – ESORICS 2003 , 2003, Lecture Notes in Computer Science.

[7] Riccardo Sisto,et al. Using SPIN to Verify Security Properties of Cryptographic Protocols , 2002, SPIN.

[8] Danny Dolev,et al. On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[9] Jiayuan Sui,et al. An Overview of the Advanced Access Content System ( AACS ) , 2007 .

[10] Lawrence C. Paulson,et al. The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[11] Ramaswamy Ramanujam,et al. Decidability of context-explicit security protocols , 2005, J. Comput. Secur..

[12] Andreas Podelski,et al. ACSAR: Software Model Checking with Transfinite Refinement , 2007, SPIN.