Abstract
Multicast, originally designed as an efficient way of broadcasting content, is increasingly used in security protocols. Multicast security protocols are difficult to verify using model checking because they typically involve a large number of participants. Likewise, the exponential growth of the knowledge distributed during a protocol run is a challenge. From a specification point of view, multicast is also a general way of representing message casting in protocol verification, with unicast, anycast and broadcast as special cases. Using the inductive method of protocol verification and Isabelle/HOL, we have devised techniques for specifying multicast protocols and proving many of their essential properties. We show backwards compatibility by revisiting a well-known protocol, and we give secrecy proofs for a mixed-environment protocol as a case study. Our contributions are twofold: a usable multicast specification using the inductive method, and the assertion that protocols should be verified by default using a multicast specification.
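As an added illustration of the abstract's claim that multicast subsumes the other casting modes (this is not the paper's Isabelle/HOL theory), the following Python model represents an inductive-method-style trace in which every event is a multicast to a set of recipients, defines unicast, broadcast and anycast as special cases, and computes each agent's knowledge the way the inductive method's event model does (the Spy sees every message on the network). The agent names, the `knows` function and the anycast `choose` rule are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List

# Assumed population of agents; "Spy" plays the inductive method's attacker,
# who observes all traffic on the network.
AGENTS: FrozenSet[str] = frozenset({"Alice", "Bob", "Carol", "Spy"})


@dataclass(frozen=True)
class Multicast:
    """One trace event: `sender` sends `msg` to the whole set `recipients`."""
    sender: str
    recipients: FrozenSet[str]
    msg: str


def unicast(sender: str, receiver: str, msg: str) -> Multicast:
    # Unicast is a multicast to a singleton recipient set.
    return Multicast(sender, frozenset({receiver}), msg)


def broadcast(sender: str, msg: str) -> Multicast:
    # Broadcast is a multicast to every other agent.
    return Multicast(sender, AGENTS - {sender}, msg)


def anycast(sender: str, candidates: FrozenSet[str], msg: str,
            choose: Callable[[FrozenSet[str]], str] = min) -> Multicast:
    # Anycast delivers to exactly one member of the candidate group; the
    # choice rule is an assumption (deterministic `min` keeps the example testable).
    return Multicast(sender, frozenset({choose(candidates)}), msg)


def knows(agent: str, trace: List[Multicast]) -> FrozenSet[str]:
    """Messages `agent` can observe on `trace`: the Spy sees everything,
    other agents see only what they sent or were a recipient of."""
    seen = set()
    for ev in trace:
        if agent == "Spy" or agent == ev.sender or agent in ev.recipients:
            seen.add(ev.msg)
    return frozenset(seen)


def knowledge_sizes(trace: List[Multicast]) -> Dict[str, int]:
    """How much each agent has learned from the trace; useful for seeing how
    group size drives the growth of distributed knowledge."""
    return {a: len(knows(a, trace)) for a in sorted(AGENTS)}
```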
Notes
This lemma is part of the basic theories of the inductive method and is not shown here. Its proof is available in the Isabelle/HOL distribution files.
Supported by CAPES/Brazil on Grant #4226-05-4.
Cite this article
Martina, J.E., Paulson, L.C. Verifying multicast-based security protocols using the inductive method. Int. J. Inf. Secur. 14, 187–204 (2015). https://doi.org/10.1007/s10207-014-0251-z