Abstract
Existing model checking tools for cryptographic protocol analysis have two drawbacks when applied to present-day web-based protocols. First, they require expertise in specialized formalisms, which limits their use to a small fragment of the scientific community. Second, they do not support common web constructs and attacks, making the analysis both cumbersome and error-prone. In this paper, we propose a novel security analysis technique specialized for web protocols. We provide explicit support for common web mechanisms and an adversary capable of exploiting browser-based interaction. Our approach has two unique aspects. It represents the only tool built using a general-purpose, first-order-logic-based modeling language, Alloy, that can be used to analyze the security of industrial-strength web protocols. The other unique aspect is our use of an inference system that analyzes beliefs at honest participants to simplify the protocol model. Despite the simplicity of our approach, we demonstrate its effectiveness through a case study of SAML, where we identify a previously unknown vulnerability in its identity federation workflow.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kumar, A. (2014). A Lightweight Formal Approach for Analyzing Security of Web Protocols. In: Stavrou, A., Bos, H., Portokalidis, G. (eds) Research in Attacks, Intrusions and Defenses. RAID 2014. Lecture Notes in Computer Science, vol 8688. Springer, Cham. https://doi.org/10.1007/978-3-319-11379-1_10
DOI: https://doi.org/10.1007/978-3-319-11379-1_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11378-4
Online ISBN: 978-3-319-11379-1
eBook Packages: Computer Science, Computer Science (R0)