Abstract
For several years, the analysis of security protocols time properties has been very important in the area of computer networks security. Up to now, however, it has been primarily used for timestamps analysis, without the other time related parameters being taken into account. As we can see in literature using formal, mathematical structures many problems can be considered and solved. In order to present the assets and liabilities of the tested protocol, depending on the known time parameters, we have proposed a mathematical model.
For our research on security protocols time properties we use synchronized networks of timed automata – a specifically designed discrete mathematical model. This model allows to express and investigate the mentioned properties. In our work we also use encoding of structures and properties into Boolean propositional formulas that can be solved using SAT techniques. The investigation based on our model proved that even protocols which are potentially weak can be used with proper time constraints. In this paper we consider one of the popular security protocols: the WooLamPi protocol and its variations. By strengthening the crucial points, a way to improve protocol safety may also be found. Part of the work was to implement a tool which not only helps in the above mentioned activity, but also allows to display experimental results.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Proceedings of 17th International Conference on Computer Aided Verification (CAV 2005), vol. 3576. LNCS, pp. 281–285. Springer (2005)
Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Found. Trends Priv. Secur. 1(1–2), 1–135 (2016)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. Proc. R. Soc. London A 426, 233–271 (1989)
Cremers, C., Mauw, S.: Operational Semantics and Verification of Security Protocols. Information Security and Cryptography Series. Springer, Heidelberg (2012)
David, A., Larsen, K.G., et al.: Uppaal SMC tutorial. Int. J. Softw. Tools Technol. Transfer (STTT) 17(4), 397–415 (2015)
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–207 (1983)
Jakubowska, G., Penczek, W.: Modeling and checking timed authentication security protocols. In: Proceedings of the International Workshop on Concurrency, Specification and Programming (CS&P 2006), Informatik-Berichte, vol. 206, no. 2, str. pp. 280–291. Humboldt University (2006)
Jakubowska, G., Penczek, W.: Is your security protocol on time? In: Proceedings of FSEN’07. LNCS, vol. 4767, pp. 65–80. Springer (2007)
Kacprzak, M., Nabiałek, W., Niewiadomski, A., Penczek, W., Półrola, A., Szreter, M., et al.: Verics 2007 - a model checker for knowledge and real-time. Fundamenta Informatiace 85, 313–328 (2008)
Kurkowski, M., Penczek, W.: Applying timed automata to model checking of security protocols. In: Wang, J. (ed.) Handbook of Finite State Based Models and Applications, pp. 223–254. CRC Press, Boca Raton (2012)
Kurkowski, M.: Formalne metody weryfikacji wlasnosci protokolow zabezpieczajacych w sieciach komputerowych, wyd. Exit, Warszawa (2013)
Paulson, L.: Inductive analysis of the internet protocol TLS. ACM Trans. Inf. Syst. Secur. (TISSEC) 2(3), 332–351 (1999)
Penczek, W., Półrola, A.: Advances in Verification of Time Petri Nets and Timed Automata: Temporal Logic Approach. Studies in Computational Intelligence, vol. 20. Springer (2006)
Szymoniak, S.: Modeling and verification of security protocols including delays in the network. Ph.D. thesis, Czestochowa University of Technology (2017)
Siedlecka-Lamch, O., Kurkowski, M., Piatkowski, J.: Probabilistic model checking of security protocols without perfect cryptography assumption. In: Proceedings of 23rd International Conference, Computer Networks 2016, Brunow, Poland, 14–17 June 2016. Communications in Computer and Information Science, vol. 608, pp. 107–117. Springer (2016)
Szymoniak, S., Siedlecka-Lamch, O., Kurkowski, M.: Timed analysis of security protocols. In: Proceedings of 37th International Conference ISAT 2016, Karpacz, Poland, 18–20 September 2017. Advances in Intelligent Systems and Computing, vol. 522, pp. 53–63. Springer (2017)
Woo, T.Y.C., Lam, S.S.: A lesson on authentication protocol design. SIGOPS Oper. Syst. Rev. 28(3), 24 (1994)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Szymoniak, S., Siedlecka-Lamch, O., Kurkowski, M. (2019). Network’s Delays in Timed Analysis of Security Protocols. In: Borzemski, L., Świątek, J., Wilimowska, Z. (eds) Information Systems Architecture and Technology: Proceedings of 39th International Conference on Information Systems Architecture and Technology – ISAT 2018. ISAT 2018. Advances in Intelligent Systems and Computing, vol 852. Springer, Cham. https://doi.org/10.1007/978-3-319-99981-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-99981-4_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99980-7
Online ISBN: 978-3-319-99981-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)