Skip to main content
SpringerLink
Log in

Formal Models and Analysis of Secure Multicast in Wired and Wireless Networks

  • Published:
Journal of Automated Reasoning Aims and scope Submit manuscript

Abstract

The spreading of multicast technology enables the development of group communication and so dealing with digital streams becomes more and more common over the Internet. Given the flourishing of security threats, the distribution of streamed data must be equipped with sufficient security guarantees. To this aim, some architectures have been proposed, to supply the distribution of the stream with guarantees of, e.g., authenticity, integrity, and confidentiality of the digital contents. This paper shows a formal capability of capturing some features of secure multicast protocols. In particular, both the modeling and the analysis of some case studies are shown, starting from basic schemes for signing digital streams, passing through protocols dealing with packet loss and time-synchronization requirements, concluding with a secure distribution of a secret key. A process-algebraic framework will be exploited, equipped with schemata for analysing security properties and compositional principles for evaluating if a property is satisfied over a system with more than two components.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Datta, A., Derek, A., Mitchell, J.C., Pavlovic, D.: A derivation system and compositional logic for security protocols. J. Comput. Secur. 13(3), 423–482 (2005)

    Google Scholar 

  2. Archer, M.: Proving correctness of the basic TESLA multicast stream authentication protocol with TAME. In: Proc. WITS’02, Informal Proceedings, Barcelona, January 2002

  3. AVISPA: AVISPA website. http://www.avispa-project.org/ (2006)

  4. Bell, B., La Padula L.: Secure computer systems—unified exposition and multics interpretation. Technical report tech. rep. ESD-TR-75-306, MITRE MTR-2997 (1976)

  5. Broadfoot, P., Lowe, G.: Analysing a stream authentication protocol using model checking. In: Proc. ESORICS’02. LNCS, vol. 2502, pp. 146–161. Springer, New York (2002)

    Google Scholar 

  6. Canetti, R., Garay, J.A., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: A taxonomy and some efficient constructions. In: Proc. of INFOCOM 1999, pp. 708–716. IEEE, Piscataway (1999)

    Google Scholar 

  7. Ellis, C.: Team automata for groupware systems. In: GROUP ’97: Proceedings of the International ACM SIGGROUP Conference on Supporting Group Work, ISBN 0-89791-897-5, pp. 415–424, doi:10.1145/266838.267363. ACM, New York (1997)

    Chapter  Google Scholar 

  8. Focardi, R., Gorrieri, R.: A taxonomy of security properties for process algebras. J. Comput. Secur. 3(1), 5–34 (1995)

    Google Scholar 

  9. Focardi, R., Gorrieri, R., Martinelli, F.: Non interference for the analysis of cryptographic protocols. In: Proc. ICALP’00. LNCS, vol. 1853, pp. 354–372. Springer, New York (2000)

    Google Scholar 

  10. Focardi, R., Gorrieri, R., Martinelli, F.: Secrecy in security protocols as non interference. In: ENTCS 32 (2000)

  11. Focardi, R., Gorrieri, R., Martinelli, F.: Classification of security properties—part II: network security. In: Proc. FOSAD 2001/2002—Tutorial Lectures. LNCS, vol. 2946, pp. 139–185. Springer, New York (2004)

    Google Scholar 

  12. Focardi, R., Martinelli, F.: A uniform approach for the definition of security properties. In: Proc. FM’99. LNCS, vol. 1708, pp. 794–813. Springer, New York (1999)

    Google Scholar 

  13. Gennaro, R., Rohatgi, P.: How to sign digital streams. Inf. Comput. 165(1), 100–116 (2001)

    Article  MATH  MathSciNet  Google Scholar 

  14. Goguen, J.A., Meseguer, J.: Security policy and security models. In: Proc. S&P’82, pp. 11–20. IEEE, Piscataway (1982)

    Google Scholar 

  15. Golle, P., Modadugu, N.: Authenticating streamed data in the presence of random packet loss. In: Proc. NDSS’01. The Internet Society, Geneva (2001)

    Google Scholar 

  16. Gorrieri, R., Martinelli, F.: A simple framework for real-time cryptographic protocol analysis with compositional proof rules. Sci. Comput. Program. 50(1–3), 23–49 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  17. Gorrieri, R., Martinelli, F., Petrocchi, M., Vaccarelli, A.: Compositional verification of integrity for digital stream signature protocols. In: Proc. ACSD’03, pp. 142–149. IEEE, Piscataway (2003)

    Google Scholar 

  18. Gorrieri, R., Martinelli, F., Petrocchi, M., Vaccarelli, A.: Formal analysis of some timed security properties in wireless protocols. In: Proc. FMOODS’03. LNCS, vol. 2884, pp. 139–154. Springer, New York (2003)

    Google Scholar 

  19. Gupta, P., Shmatikov, V.: Security analysis of voice-over-ip protocols. In: CSF, pp. 49–63 (2007)

  20. Hennessy, M., Regan, T.: A temporal process algebra. Inf. Comput. 117, 222–239 (1995)

    Article  MathSciNet  Google Scholar 

  21. Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Proc. TACAS’96. LNCS, vol. 1055, pp. 147–166. Springer, New York (1996)

    Google Scholar 

  22. Martinelli, F.: Analysis of security protocols as open systems. Theor. Comp. Sci. 290(1), 1057–1106 (2003)

    Article  MATH  MathSciNet  Google Scholar 

  23. Martinelli, F., Petrocchi, M., Vaccarelli, A.: Compositional verification of secure streamed data: a case study with EMSS. In: Proc. ICTCS’03. LNCS, vol. 2841, pp. 383–396. Springer, New York (2003)

    Google Scholar 

  24. Merro, M.: An observational theory for mobile ad hoc networks. Electr. Notes Theor. Comput. Sci. 173, 275–293 (2007)

    Article  Google Scholar 

  25. Mezzetti, N., Sangiorgi, D.: Towards a calculus for wireless systems. Electr. Notes Theor. Comput. Sci. 158, 331–353 (2006)

    Article  Google Scholar 

  26. Milner, R.: Communication and Concurrency. Prentice Hall, Englewood Cliffs (1989)

    MATH  Google Scholar 

  27. Nanz, S., Hankin, C.: A framework for security analysis of mobile wireless networks. Theor. Comput. Sci. 367(1), 203–227, ISSN 0304-3975. doi:10.1016/j.tcs.2006.08.036 (2006)

    Article  MATH  MathSciNet  Google Scholar 

  28. Park, J.M., Chong, E.K.P., Siegel, H.J.: Efficient multicast packet authentication using signature amortization. In: Proc. S&P’02, pp. 227–240. IEEE, Piscataway (2002)

    Google Scholar 

  29. Perrig, A., Canetti, R., Song, D.X., Tygar, D.: Efficient and secure source authentication for multicast. In: Proc. NDSS’01. The Internet Society, Geneva (2001)

    Google Scholar 

  30. Perrig, A., Canetti, R., Tygar, D., Song, D.X.: Efficient authentication and signing of multicast streams over lossy channels. In: Proc. S&P’00, pp. 56–73, citeseer.nj.nec.com/perrig00efficient.html. IEEE, Piscataway (2000)

    Google Scholar 

  31. Perrig, A., Szewczyk, R., Tygar, D., Wen, V., Culler, D.E.: SPINS: security protocols for sensor networks. Wirel. Netw. J. 8, 521–534 (2002)

    Article  MATH  Google Scholar 

  32. Postel, J.: The User Datagram Protocol - RFC 768. http://www.faqs.org/rfcs/rfc768.html (1980)

  33. Taghdiri, M., Jackson, D.: A lightweight formal analysis of a multicast key management scheme. In: Proc. of FORTE 2003. LNCS, vol. 2767, pp. 240–256. Springer, New York (2003)

    Google Scholar 

  34. ter Beek, M., Lenzini, G., Petrocchi, M.: A team automaton scenario for the analysis of security properties in communication protocols. J. Autom. Lang. Comb. 11(4), 345–374 (2006)

    Google Scholar 

  35. Wallner, D., Harder, E., Agee, R.: RFC 2627: Key Management for Multicast: Issues and Architectures. http://www.faqs.org/rfcs/rfc2627.html (1999)

  36. Wong, C.K., Gouda, M.G., Lam, S.S.: Secure group communications using key graphs. IEEE/ACM Trans. Netw. 8(1), 16–30 (2000)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Scienze dell’Informazione, Università di Bologna, Bologna, Italy

    Roberto Gorrieri

  2. Istituto di Informatica e Telematica, CNR, Pisa, Italy

    Fabio Martinelli & Marinella Petrocchi

Authors
  1. Roberto Gorrieri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fabio Martinelli
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Marinella Petrocchi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Roberto Gorrieri.

Additional information

This research was partly supported by the EU project FP6-IST-4-027748-IP Bionets (BIOlogically-inspired autonomic NETworks and Services), by the EU project FP7-214859 Consequence (Context-aware data-centric information sharing), and by the EU project FP6-IST-3-016004-IP-09 Sensoria (Software engineering for service-oriented overlay computers). This is an extended and revised version of [17, 18, 23].

Rights and permissions

Reprints and permissions

About this article

Cite this article

Gorrieri, R., Martinelli, F. & Petrocchi, M. Formal Models and Analysis of Secure Multicast in Wired and Wireless Networks. J Autom Reasoning 41, 325–364 (2008). https://doi.org/10.1007/s10817-008-9112-7

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10817-008-9112-7

Keywords

Search

Navigation