Let’s Get Physical: Models and Methods for Real-World Security Protocols

  • David Basin
  • Srdjan Capkun
  • Patrick Schaller
  • Benedikt Schmidt
Conference paper

DOI: 10.1007/978-3-642-03359-9_1

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5674)
Cite this paper as:
Basin D., Capkun S., Schaller P., Schmidt B. (2009) Let’s Get Physical: Models and Methods for Real-World Security Protocols. In: Berghofer S., Nipkow T., Urban C., Wenzel M. (eds) Theorem Proving in Higher Order Logics. TPHOLs 2009. Lecture Notes in Computer Science, vol 5674. Springer, Berlin, Heidelberg

Abstract

Traditional security protocols are mainly concerned with key establishment and principal authentication and rely on predistributed keys and properties of cryptographic operators. In contrast, new application areas are emerging that establish and rely on properties of the physical world. Examples include protocols for secure localization, distance bounding, and device pairing.

We present a formal model that extends inductive, trace-based approaches in two directions. First, we refine the standard Dolev-Yao model to account for network topology, transmission delays, and node positions. This results in a distributed intruder with restricted, but more realistic, communication capabilities. Second, we develop an abstract message theory that formalizes protocol-independent facts about messages, which hold for all instances. When verifying protocols, we instantiate the abstract message theory, modeling the properties of the cryptographic operators under consideration. We have formalized this model in Isabelle/HOL and used it to verify distance bounding protocols where the concrete message theory includes exclusive-or.
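As an added illustration of the physical refinements described in the abstract (node positions, transmission delays, and a rapid bit exchange built on exclusive-or), the following Python toy is not the paper's Isabelle/HOL theory but a constructed simulation: every message is delayed by its propagation time, so a verifier's distance bound can only grow when a message is relayed through additional nodes, and a prover with the wrong secret fails the XOR check. Positions, the secret, and the `verify` function are assumptions made here for illustration.

```python
import math
import random

C = 299_792_458.0  # propagation speed in metres per second (speed of light)

def flight_time(a, b):
    """Transmission delay between two node positions: Euclidean distance over C."""
    return math.dist(a, b) / C

def path_rtt(path, processing_delay=0.0):
    """Round-trip time the verifier measures when the challenge travels along
    `path` (verifier -> ... -> prover) and the reply returns the same way.
    Every hop costs its propagation time, so no node, honest or intruder,
    can deliver a message faster than the physical distance allows."""
    one_way = sum(flight_time(p, q) for p, q in zip(path, path[1:]))
    return 2 * one_way + processing_delay

def distance_bound(rtt, processing_delay=0.0):
    """Upper bound on the prover's distance derived from a measured RTT."""
    return (rtt - processing_delay) * C / 2

def prover_reply(challenge_bits, secret_bits):
    """Rapid bit exchange: each reply is the challenge bit XOR the prover's secret bit."""
    return [c ^ s for c, s in zip(challenge_bits, secret_bits)]

def verify(path, shared_secret, replies_from, max_distance, processing_delay=0.0, seed=0):
    """One constructed distance-bounding run. `replies_from(challenge)` stands in
    for the prover; the verifier checks the XOR replies against the shared
    secret and that the derived distance bound is within `max_distance`.
    Returns (accepted, bound_in_metres)."""
    rng = random.Random(seed)
    challenge = [rng.randint(0, 1) for _ in shared_secret]
    expected = [c ^ s for c, s in zip(challenge, shared_secret)]
    if replies_from(challenge) != expected:
        return False, None  # wrong secret: the authentication part fails
    bound = distance_bound(path_rtt(path, processing_delay), processing_delay)
    return bound <= max_distance, bound

if __name__ == "__main__":
    verifier, prover = (0.0, 0.0), (10.0, 0.0)   # constructed positions in metres
    secret = [1, 0, 1, 1, 0, 0, 1, 0]             # constructed shared secret bits
    honest = lambda ch: prover_reply(ch, secret)
    print(verify([verifier, prover], secret, honest, max_distance=15.0))
    # Relaying through a third node at (5, 5) lengthens the path, so the derived
    # bound only grows: the prover never appears closer than it physically is.
    print(verify([verifier, (5.0, 5.0), prover], secret, honest, max_distance=15.0))
```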


Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

David Basin, Srdjan Capkun, Patrick Schaller, Benedikt Schmidt: ETH Zurich, Zurich, Switzerland
