Theorem Proving in Higher Order Logics

Volume 5674 of the series Lecture Notes in Computer Science pp 1-22

Let’s Get Physical: Models and Methods for Real-World Security Protocols

  • David BasinAffiliated withETH Zurich
  • , Srdjan CapkunAffiliated withETH Zurich
  • , Patrick SchallerAffiliated withETH Zurich
  • , Benedikt SchmidtAffiliated withETH Zurich

* Final gross prices may vary according to local VAT.

Get Access


Traditional security protocols are mainly concerned with key establishment and principal authentication and rely on predistributed keys and properties of cryptographic operators. In contrast, new application areas are emerging that establish and rely on properties of the physical world. Examples include protocols for secure localization, distance bounding, and device pairing.

We present a formal model that extends inductive, trace-based approaches in two directions. First, we refine the standard Dolev-Yao model to account for network topology, transmission delays, and node positions. This results in a distributed intruder with restricted, but more realistic, communication capabilities. Second, we develop an abstract message theory that formalizes protocol-independent facts about messages, which hold for all instances. When verifying protocols, we instantiate the abstract message theory, modeling the properties of the cryptographic operators under consideration. We have formalized this model in Isabelle/HOL and used it to verify distance bounding protocols where the concrete message theory includes exclusive-or.