Abstract
In this paper we offer a novel methodology for verifying correctness of (timed) security protocols. The idea consists in computing the time of a correct execution of a session and finding out whether the Intruder can change it to shorter or longer by an active attack. Moreover, we generalize the correspondence property so that attacks can be also discovered when some time constraints are not satisfied. As case studies we verify generalized authentication of KERBEROS, TMN, Neumann Stubblebine Protocol, Andrew Secure Protocol, WMF, and NSPK.
The authors acknowledge partial support from the Ministry of Science and Information Society Technologies under grant number 3 T11C 011 28 and N516 038 31/3853.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Armando, A., Compagna, L.: SATMC: A SAT-based model checker for security protocols. In: Alferes, J.J., Leite, J.A. (eds.) JELIA 2004. LNCS (LNAI), vol. 3229, pp. 730–733. Springer, Heidelberg (2004)
Basin, D.A., Mödersheim, S., Viganò, L.: OFMC: A symbolic model checker for security protocols. International Journal of Information Security 4, 181–208 (2005)
Boreale, M., Buscemi, M.G.: Experimenting with STA, a tool for automatic analysis of security protocols. In: SAC 2002. Proc. of the 2002 ACM Symposium on Applied Computing, pp. 281–285. ACM, New York (2002)
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Heám, P., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganó, L., Vigneron, L.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)
Kurkowski, M., Penczek, W., Zbrzezny, A.: Sat-based verification of security protocols via translation to networks of automata. In: MoChart IV. LNCS (LNAI), vol. 4428, pp. 146–165. Springer, Heidelberg (2007)
Delzanno, G., Ganty, P.: Automatic verification of time sensitive cryptographic protocols. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 342–356. Springer, Heidelberg (2004)
Evans, N., Schneider, S.: Analysing time dependent security properties in CSP using PVS. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, pp. 222–237. Springer, Heidelberg (2000)
Gorrieri, R., Locatelli, E., Martinelli, F.: A simple language for real-time cryptographic protocol analysis. In: Degano, P. (ed.) ESOP 2003 and ETAPS 2003. LNCS, vol. 2618, pp. 114–128. Springer, Heidelberg (2003)
Lowe, G.: Casper: A compiler for the analysis of security protocols. Journal of Computer Security 6, 53–84 (1998)
Corin, R., Etalle, S., Hartel, P.H., Mader, A.: Timed model checking of security protocols. In: FMSE 2004. Proc. of the 2004 ACM Workshop on Formal Methods in Security Engineering, pp. 23–32. ACM Press, New York (2004)
Bengtsson, J., Larsen, K.G., Larsson, F., Pettersson, P., Yi, W., Weise, C.: New generation of UPPAAL. In: Proc. of the Int. Workshop on Software Tools for Technology Transfer (1998)
Jakubowska, G., Penczek, W., Srebrny, M.: Verifying security protocols with timestamps via translation to timed automata. In: CS&P 2005. Proc. of the International Workshop on Concurrency, Specification and Programming, pp. 100–115. Warsaw University (2005)
Jakubowska, G., Penczek, W.: Modelling and checking timed authentication of security protocols. In: CS&P 2006. Proc. of the Int. Workshop on Concurrency, Specification and Programming, vol. 206(2) of Informatik-Berichte, pp. 280–291. Humboldt University (2006)
Clark, J.A., Jacob, J.L.: A survey of authentication protocol literature. Technical Report 1.0 (1997)
Security protocols open repository (2003), http://www.lsv.ens-cachan.fr//spore
Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Information Processing Letters 56, 131–133 (1995)
Doroś, A., Janowska, A., Janowski, P.: From specification languages to timed automata. In: CS&P 2002. Proc. of the Int. Workshop on Concurrency, Specification and Programming, vol. 161(1) of Informatik-Berichte, pp. 117–128. Humboldt University (2002)
Daws, C., Olivero, A., Tripakis, S., Yovine, S.: The tool KRONOS. In: Alur, R., Sontag, E.D., Henzinger, T.A. (eds.) Hybrid Systems III. LNCS, vol. 1066, pp. 208–219. Springer, Heidelberg (1996)
Dembiński, P., Janowska, A., Janowski, P., Penczek, W., Półrola, A., Szreter, M., Woźna, B., Zbrzezny, A.: VerICS: A tool for verifying timed automata and Estelle specifications. In: Garavel, H., Hatcliff, J. (eds.) ETAPS 2003 and TACAS 2003. LNCS, vol. 2619, pp. 278–283. Springer, Heidelberg (2003)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8, 18–36 (1990)
Armando, A., Compagna, L.: An optimized intruder model for SAT-based model-checking of security protocols. ENTCS 125, 91–108 (2005)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton, USA (2001)
Panti, M., Spalazzi, L., Tacconi, S.: Using the NuSMV model checker to verify the kerberos protocol. In: Simulation Series. Society for Computer Simulation, vol. 34, pp. 230–236 (2002)
Woo, T.Y.C., Lam, S.S.: A semantic model for authentication protocols. In: SP 1993. Proc. of the 1993 IEEE Symposium on Security and Privacy, pp. 178–194. IEEE Computer Society, Los Alamitos (1993)
Jakubowska, G., Penczek, W.: Verifying timed properties of security protocols. Technical Report 991, ICS PAS, Ordona 21, 01-237 Warsaw (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jakubowska, G., Penczek, W. (2007). Is Your Security Protocol on Time ?. In: Arbab, F., Sirjani, M. (eds) International Symposium on Fundamentals of Software Engineering. FSEN 2007. Lecture Notes in Computer Science, vol 4767. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75698-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-75698-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75697-2
Online ISBN: 978-3-540-75698-9
eBook Packages: Computer ScienceComputer Science (R0)