A Program Logic for Verifying Secure Routing Protocols

  • Chen Chen
  • Limin Jia
  • Hao Xu
  • Cheng Luo
  • Wenchao Zhou
  • Boon Thau Loo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8461)


The Internet, as it stands today, is highly vulnerable to attacks. However, little has been done to understand and verify the formal security guarantees of proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In this paper, we develop a sound program logic for SANDLog—a declarative specification language for secure routing protocols—for verifying properties of these protocols. We prove invariant properties of SANDLog programs that run in an adversarial environment. As a step towards automated verification, we implement a verification condition generator (VCGen) to automatically extract proof obligations. VCGen is integrated into a compiler for SANDLog that can generate executable protocol implementations; and thus, both verification and empirical evaluation of secure routing protocols can be carried out in this unified framework. To validate our framework, we (1) encoded several proposed secure routing mechanisms in SANDLog, (2) verified variants of path authenticity properties by manually discharging the generated verification conditions in Coq, and (3) generated executable code based on SANDLog specification and ran the code in simulation.


Invariant Property Operational Semantic Security Property Proof Obligation Cryptographic Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    ns 3 project: Network Simulator 3,
  2. 2.
    Arnaud, M., Cortier, V., Delaune, S.: Modeling and verifying ad hoc routing protocols. In: Proceedings of CSF (2010)Google Scholar
  3. 3.
    Arnaud, M., Cortier, V., Delaune, S.: Deciding security for protocols with recursive tests. In: Bjørner, N., Sofronie-Stokkermans, V. (eds.) CADE 2011. LNCS, vol. 6803, pp. 49–63. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  4. 4.
    Bau, J., Mitchell, J.: A security evaluation of DNSSEC with NSEC3. In: Proceedings of NDSS (2010)Google Scholar
  5. 5.
    Bhargavan, K., Obradovic, D., Gunter, C.A.: Formal verification of standards for distance vector routing protocols. J. ACM 49(4) (2002)Google Scholar
  6. 6.
    Blanchet, B.: Automatic verification of correspondences for security protocols. J. Comput. Secur. 17(4) (December 2009)Google Scholar
  7. 7.
    Blanchet, B., Smyth, B.: Proverif 1.86: Automatic cryptographic protocol verifier, user manual and tutorial,
  8. 8.
    Chen, C., Jia, L., Loo, B.T., Zhou, W.: Reduction-based security analysis of internet routing protocols. In: WRiPE (2012)Google Scholar
  9. 9.
    Chen, C., Jia, L., Xu, H., Luo, C., Zhou, W., Loo, B.T.: A program logic for verifying secure routing protocols. Tech. rep., CIS Dept. University of Pennsylvania (February 2014),
  10. 10.
    CNET: How pakistan knocked youtube offline,
  11. 11.
    Cortier, V., Degrieck, J., Delaune, S.: Analysing routing protocols: Four nodes topologies are sufficient. In: Degano, P., Guttman, J.D. (eds.) POST. LNCS, vol. 7215, pp. 30–50. Springer, Heidelberg (2012)Google Scholar
  12. 12.
    Datta, A., Derek, A., Mitchell, J.C., Roy, A.: Protocol Composition Logic (PCL). Electronic Notes in Theoretical Computer Science 172, 311–358 (2007)CrossRefMathSciNetGoogle Scholar
  13. 13.
    Engler, D., Musuvathi, M.: Model-checking large network protocol implementations. In: Proceedings of NSDI (2004)Google Scholar
  14. 14.
    Escobar, S., Meadows, C., Meseguer, J.: A rewriting-based inference system for the NRL protocol analyzer: grammar generation. In: Proceedings of FMSE (2005)Google Scholar
  15. 15.
    Garg, D., Franklin, J., Kaynar, D., Datta, A.: Compositional system security with interface-confined adversaries. ENTCS 265, 49–71 (2010)MathSciNetGoogle Scholar
  16. 16.
    Goodloe, A., Gunter, C.A., Stehr, M.O.: Formal prototyping in early stages of protocol design. In: Proceedings of ACM WITS (2005)Google Scholar
  17. 17.
    He, C., Sundararajan, M., Datta, A., Derek, A., Mitchell, J.C.: A modular correctness proof of IEEE 802.11i and TLS. In: Proceedings of CCS (2005)Google Scholar
  18. 18.
    Kamp, H.W.: Tense Logic and the Theory of Linear Order. Phd thesis, Computer Science Department, University of California at Los Angeles, USA (1968)Google Scholar
  19. 19.
    Kent, S., Lynn, C., Mikkelson, J., Seo, K.: Secure border gateway protocol (S-BGP). IEEE Journal on Selected Areas in Communications 18, 103–116 (2000)CrossRefGoogle Scholar
  20. 20.
    Loo, B.T., Condie, T., Garofalakis, M., Gay, D.E., Hellerstein, J.M., Maniatis, P., Ramakrishnan, R., Roscoe, T., Stoica, I.: Declarative Networking: Language, Execution and Optimization. In: SIGMOD (2006)Google Scholar
  21. 21.
    Loo, B.T., Condie, T., Garofalakis, M., Gay, D.E., Hellerstein, J.M., Maniatis, P., Ramakrishnan, R., Roscoe, T., Stoica, I.: Declarative networking. Communications of the ACM (2009)Google Scholar
  22. 22.
    Naous, J., Walfish, M., Nicolosi, A., Mazieres, D., Miller, M., Seehra, A.: Verifying and enforcing network paths with ICING. In: Proceedings of CoNEXT (2011)Google Scholar
  23. 23.
    Nigam, V., Jia, L., Loo, B.T., Scedrov, A.: Maintaining distributed logic programs incrementally. In: Proceedings of PPDP (2011)Google Scholar
  24. 24.
    One Hundred Eleventh Congress: 2010 report to congress of the u.s.-china economic and security review commission (2010),
  25. 25.
    Paulson, L.C.: Mechanized proofs for a recursive authentication protocol. In: Proceedings of CSFW (1997)Google Scholar
  26. 26.
    RapidNet: A Declarative Toolkit for Rapid Network Simulation and Experimentation,
  27. 27.
    Roy, A., Datta, A., Derek, A., Mitchell, J.C., Seifert, J.-P.: Secrecy analysis in protocol composition logic. In: Okada, M., Satoh, I. (eds.) ASIAN 2006. LNCS, vol. 4435, pp. 197–213. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  28. 28.
    Wan, T., Kranakis, E., Oorschot, P.C.: Pretty secure BGP (psBGP). In: Proceedings of NDSS (2005)Google Scholar
  29. 29.
    Wang, A., Basu, P., Loo, B.T., Sokolsky, O.: Declarative network verification. In: Gill, A., Swift, T. (eds.) PADL 2009. LNCS, vol. 5418, pp. 61–75. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  30. 30.
    White, R.: Securing bgp through secure origin BGP (soBGP). The Internet Protocol Journal 6(3), 15–22 (2003)Google Scholar
  31. 31.
    Zhang, X., Hsiao, H.C., Hasker, G., Chan, H., Perrig, A., Andersen, D.G.: Scion: Scalability, control, and isolation on next-generation networks. In: Proceedings of IEEE S&P (2011)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2014

Authors and Affiliations

  • Chen Chen
    • 1
  • Limin Jia
    • 2
  • Hao Xu
    • 1
  • Cheng Luo
    • 1
  • Wenchao Zhou
    • 3
  • Boon Thau Loo
    • 1
  1. 1.University of PennsylvaniaPhiladelphiaUSA
  2. 2.Carnegie Mellon UniversityPittsburghUSA
  3. 3.Georgetown UniversityUSA

Personalised recommendations