Abstract
Routing protocols aim at establishing a route between nodes on a network. Secured versions of routing protocols have been proposed in order to provide more guarantees on the resulting routes. Formal methods have proved their usefulness when analysing standard security protocols such as confidentiality or authentication protocols. However, existing results and tools do not apply to routing protocols. This is due in particular to the fact that all possible topologies (infinitely many) have to be considered.
In this paper, we propose a simple reduction result: when looking for attacks on properties such as the validity of the route, it is sufficient to consider topologies with only four nodes, resulting in a number of just five distinct topologies to consider. As an application, we analyse the SRP applied to DSR and the SDMSR protocols using the ProVerif tool.
Keywords
- Malicious Node
- Security Property
- Horn Clause
- Reduction Result
- Request Packet
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
The research leading to these results has received funding from the European Research Council under the European Union’s Seventh Framework Programme (FP7/2007-2013) / ERC grant agreement no 258865, project ProSecure, and the ANR project JCJC VIP no 11 JS02 006 01.
Download conference paper PDF
References
Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proc. 28th Symposium on Principles of Programming Languages (POPL 2001), pp. 104–115. ACM Press (2001)
Abadi, M., Gordon, A.: A calculus for cryptographic protocols: The spi calculus. In: Proc. 4th Conference on Computer and Communications Security (CCS 1997), pp. 36–47. ACM Press (1997)
Ács, G., Buttyán, L., Vajda, I.: Provably secure on-demand source routing in mobile ad hoc networks. IEEE Trans. Mob. Comput. 5(11), 1533–1546 (2006)
Andel, T., Back, G., Yasinsac, A.: Automating the security analysis process of secure ad hoc routing protocols. Simulation Modelling Practice and Theory 19(9), 2032–2049 (2011)
Armando, A., Carbone, R., Compagna, L., Cuéllar, J., Tobarra, M.L.: Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps. In: Proc. of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008), pp. 1–10. ACM (2008)
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Heám, P.C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)
Arnaud, M., Cortier, V., Delaune, S.: Modeling and verifying ad hoc routing protocols. In: Proc. 23rd IEEE Computer Security Foundations Symposium (CSF 2010), pp. 59–74. IEEE Computer Society Press (July 2010)
Arnaud, M., Cortier, V., Delaune, S.: Deciding Security for Protocols with Recursive Tests. In: Bjørner, N., Sofronie-Stokkermans, V. (eds.) CADE 2011. LNCS (LNAI), vol. 6803, pp. 49–63. Springer, Heidelberg (2011)
Arnaud, M., Cortier, V., Delaune, S.: Modeling and verifying ad hoc routing protocols. Research Report LSV-11-24, Laboratoire Spécification et Vérification, ENS Cachan, France, 68 pages (December 2011)
Benetti, D., Merro, M., Viganò, L.: Model checking ad hoc network routing protocols: Aran vs. endaira. In: Proc. 8th IEEE International Conference on Software Engineering and Formal Methods (SEFM 2010), Pisa, Italy, pp. 191–202. IEEE Computer Society (2010)
Berton, S., Yin, H., Lin, C., Min, G.: Secure, disjoint, multipath source routing protocol(sdmsr) for mobile ad-hoc networks. In: Proc. 5th International Conference on Grid and Cooperative Computing, GCC 2006, pp. 387–394. IEEE Computer Society, Washington, DC (2006)
Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Proc., 14th Computer Security Foundations Workshop (CSFW 2001). IEEE Comp. Soc. Press (2001)
Blanchet, B.: An automatic security protocol verifier based on resolution theorem proving (invited tutorial). In: Proc. 20th International Conference on Automated Deduction, CADE 2005 (2005)
Burmester, M., de Medeiros, B.: On the security of route discovery in manets. IEEE Trans. Mob. Comput. 8(9), 1180–1188 (2009)
Buttyán, L., Vajda, I.: Towards Provable Security for Ad Hoc Routing Protocols. In: Proc. 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN 2004), pp. 94–105. ACM, New York (2004)
Comon-Lundh, H., Cortier, V.: Security Properties: Two Agents Are Sufficient. In: Degano, P. (ed.) ESOP 2003. LNCS, vol. 2618, pp. 99–113. Springer, Heidelberg (2003)
Cortier, V., Degrieck, J., Delaune, S.: Analysing routing protocols: four nodes topologies are sufficient. Research Report LSV-11-25, Laboratoire Spécification et Vérification, ENS Cachan, France, 28 pages (December 2011)
Cremers, C.: The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 414–418. Springer, Heidelberg (2008)
Dolev, D., Yao, A.C.: On the security of public key protocols. In: Proc. 22nd Symposium on Foundations of Computer Science (FCS 1981), pp. 350–357. IEEE Computer Society Press (1981)
Feng, T., Guo, X., Ma, J., Li, X.: UC-Secure Source Routing Protocol (2009)
Hu, Y.-C., Perrig, A., Johnson, D.: Ariadne: A Secure On-Demand Routing Protocol for Ad Hoc Networks. Wireless Networks 11, 21–38 (2005)
Hu, Y.-C., Perrig, A., Johnson, D.B.: Wormhole attacks in wireless networks. IEEE Journal on Selected Areas in Communications 24(2), 370–380 (2006)
Johnson, D.B., Maltz, D.A., Broch, J.: DSR: The dynamic source routing protocol for multi-hop wireless ad hoc networks. In: Perkins, C.E. (ed.) In Ad Hoc Networking, ch. 5, pp. 139–172. Addison-Wesley (2001)
Lazos, L., Poovendran, R., Meadows, C., Syverson, P., Chang, L.W.: Preventing wormhole attacks on wireless ad hoc networks: a graph theoretic approach. In: Wireless Communications and Networking Conference, vol. 2 (2005)
Nanz, S., Hankin, C.: A Framework for Security Analysis of Mobile Wireless Networks. Theoretical Computer Science 367(1), 203–227 (2006)
Papadimitratos, P., Haas, Z.: Secure routing for mobile ad hoc networks. In: Proc. SCS Communication Networks and Distributed Systems Modelling Simulation Conference, CNDS (2002)
Rusinowitch, M., Turuani, M.: Protocol insecurity with finite number of sessions is NP-complete. In: Proc. 14th Computer Security Foundations Workshop (CSFW 2001), pp. 174–190. IEEE Comp. Soc. Press (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cortier, V., Degrieck, J., Delaune, S. (2012). Analysing Routing Protocols: Four Nodes Topologies Are Sufficient. In: Degano, P., Guttman, J.D. (eds) Principles of Security and Trust. POST 2012. Lecture Notes in Computer Science, vol 7215. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28641-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-28641-4_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28640-7
Online ISBN: 978-3-642-28641-4
eBook Packages: Computer ScienceComputer Science (R0)