
Cryptographic protocol conformance testing based on domain-specific state machine

  • Original Paper
  • Journal: Journal of Computer Virology and Hacking Techniques

Abstract

We present a method of conformance testing for cryptographic protocol implementations that ensures a high degree of automation of the testing process and provides criteria for assessing the quality of the generated test suites. Our method is based on a kind of extended (non-finite) state machine designed specifically for the domain of cryptographic protocols. The key concept of the proposed machine is a built-in mechanism of sequences, which, firstly, gives an effective way to deal with the nondeterminism inherent in cryptographic protocols and, secondly, provides the means to express requirements that are "inconvenient" for high-level declarative languages, such as "take the concatenation of the specified parts of all previous messages that meet a specified condition". Based on this machine, we propose a high-level declarative language (embedded in Haskell) intended for the development of interoperable protocol specifications, which serve as input data for our testing tool. A protocol specification consists of two parts: a description of the structure of the protocol messages (this part, by virtue of its conciseness and declarativeness, can be incorporated directly into primary specifications such as RFCs) and a set of state machine transition functions bound to the sequences. In the paper, we present the principles of building our machine and introduce the notion of sequence fuzzing. The proposed approach was successfully validated on the industrial cryptographic protocol TLS.
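The following Python sketch is an added illustration of the three ideas the abstract names (a declarative message structure, transition functions bound to a sequence of previous messages, and sequence fuzzing); it is not the paper's Haskell EDSL nor any code by the author. The handshake framing and the Finished computation follow RFC 8446, but the transition table, the message bodies and the finished key are constructed for the example, and the "sequence" here is simply the list of handshake messages accepted so far, over which the Finished check computes its transcript hash.

```python
from __future__ import annotations

import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Iterator

# HandshakeType codes from RFC 8446 section 4; everything else is constructed.
CLIENT_HELLO, SERVER_HELLO, ENCRYPTED_EXTENSIONS = 1, 2, 8
CERTIFICATE, CERTIFICATE_VERIFY, FINISHED = 11, 15, 20


@dataclass(frozen=True)
class Handshake:
    """'Structures' part: Handshake = msg_type(1) || length(3) || body."""
    msg_type: int
    body: bytes

    def encode(self) -> bytes:
        return struct.pack("!B", self.msg_type) + len(self.body).to_bytes(3, "big") + self.body

    @staticmethod
    def parse_all(data: bytes) -> list[Handshake]:
        """Parse a concatenation of Handshake records, rejecting truncation."""
        msgs, off = [], 0
        while off < len(data):
            if len(data) - off < 4:
                raise ValueError("truncated handshake header")
            length = int.from_bytes(data[off + 1:off + 4], "big")
            body = data[off + 4:off + 4 + length]
            if len(body) != length:
                raise ValueError("truncated handshake body")
            msgs.append(Handshake(data[off], body))
            off += 4 + length
        return msgs


def transcript_hash(seq: list[Handshake]) -> bytes:
    """The 'sequence' primitive: a value over the concatenation of previous messages."""
    return hashlib.sha256(b"".join(m.encode() for m in seq)).digest()


def finished_verify_data(finished_key: bytes, seq: list[Handshake]) -> bytes:
    """RFC 8446 4.4.4: verify_data = HMAC(finished_key, Transcript-Hash(context))."""
    return hmac.new(finished_key, transcript_hash(seq), hashlib.sha256).digest()


# 'Transitions' part: (state, incoming type) -> next state. The two arrows out of
# WAIT_CERT are the nondeterminism a tester must accept: a PSK server skips
# Certificate/CertificateVerify, a certificate-based server sends them.
TRANSITIONS = {
    ("START", CLIENT_HELLO): "WAIT_SH",
    ("WAIT_SH", SERVER_HELLO): "WAIT_EE",
    ("WAIT_EE", ENCRYPTED_EXTENSIONS): "WAIT_CERT",
    ("WAIT_CERT", CERTIFICATE): "WAIT_CV",
    ("WAIT_CERT", FINISHED): "DONE",
    ("WAIT_CV", CERTIFICATE_VERIFY): "WAIT_FIN",
    ("WAIT_FIN", FINISHED): "DONE",
}


def run(seq: list[Handshake], finished_key: bytes) -> str:
    """Drive the machine over a message sequence and return a verdict."""
    state, seen = "START", []
    for m in seq:
        nxt = TRANSITIONS.get((state, m.msg_type))
        if nxt is None:
            return f"REJECT: unexpected type {m.msg_type} in {state}"
        if m.msg_type == FINISHED:  # check bound to the sequence received so far
            if not hmac.compare_digest(finished_verify_data(finished_key, seen), m.body):
                return "REJECT: bad Finished.verify_data"
        seen.append(m)
        state = nxt
    return "ACCEPT" if state == "DONE" else "REJECT: incomplete handshake"


def fuzz_sequence(seq: list[Handshake]) -> Iterator[tuple[str, list[Handshake]]]:
    """Sequence fuzzing: mutate presence and order of messages, not their bytes."""
    n = len(seq)
    for i in range(n):
        for j in range(i + 1, n + 1):
            yield f"drop[{i}:{j}]", seq[:i] + seq[j:]
        yield f"dup[{i}]", seq[:i + 1] + seq[i:]
    for i in range(n - 1):
        s = list(seq)
        s[i], s[i + 1] = s[i + 1], s[i]
        yield f"swap[{i},{i + 1}]", s


def build_valid_flight(finished_key: bytes, with_cert: bool = True) -> list[Handshake]:
    """Constructed sample flight; bodies are placeholders, not real TLS encodings."""
    seq = [Handshake(CLIENT_HELLO, b"\x03\x03" + b"\x11" * 32),
           Handshake(SERVER_HELLO, b"\x03\x03" + b"\x22" * 32),
           Handshake(ENCRYPTED_EXTENSIONS, b"\x00\x00")]
    if with_cert:
        seq += [Handshake(CERTIFICATE, b"\x00\x00\x00\x00"),
                Handshake(CERTIFICATE_VERIFY, b"\x08\x04\x00\x00")]
    seq.append(Handshake(FINISHED, finished_verify_data(finished_key, seq)))
    return seq


def fuzz_report(finished_key: bytes, with_cert: bool = True) -> dict[str, str]:
    """Verdict for every mutant of a valid flight; a conformant machine rejects all."""
    base = build_valid_flight(finished_key, with_cert)
    return {name: run(mut, finished_key) for name, mut in fuzz_sequence(base)}


if __name__ == "__main__":
    key = b"constructed-finished-key"
    print(run(build_valid_flight(key), key))
    for name, verdict in fuzz_report(key).items():
        print(f"{name:12} {verdict}")
```

The mutant `drop[3:5]` (Certificate and CertificateVerify removed) is the interesting one: the transition table alone accepts it, because Finished after EncryptedExtensions is a legal PSK path, and only the sequence-bound check on `verify_data` exposes that the peer's transcript does not match. A tester that models states but not sequences cannot distinguish that case from a genuine PSK handshake.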



Funding

The reported study was funded by the Ministry of Science and Higher Education of the Russian Federation, Project Number 075-15-2020-788.

Author information

Corresponding author: Sergey Prokopev.

Ethics declarations

Conflict of interest

The authors declare that they have no conflicts of interest to report regarding the present study.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix A: Excerpts from the EDSL-description of the protocol TLS

See Figs. 3, 4 and 5.

Fig. 3: Fragment of the 'structures' part related to the TLS ClientHello message

Fig. 4: Fragment of the 'structures' part related to the TLS ClientHello extension

Fig. 5: Fragment of the 'transitions' part related to the sequence HandshakeMessages of TLS 1.3

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.


About this article


Cite this article

Prokopev, S. Cryptographic protocol conformance testing based on domain-specific state machine. J Comput Virol Hack Tech 20, 249–259 (2024). https://doi.org/10.1007/s11416-023-00474-1


  • DOI: https://doi.org/10.1007/s11416-023-00474-1
