Abstract
A long-standing research problem is how to efficiently verify security protocols with tamper-resistant global states, especially when the global states evolve unboundedly. We propose a protocol specification framework, which facilitates explicit modeling of states and state transformations. On the basis of that, we develop an algorithm for verifying security properties of protocols with unbounded state-evolving, by tracking state transformation and checking the validity of the state-evolving traces. We prove the correctness of the verification algorithm, implement both of the specification framework and the algorithm, and evaluate our implementation using a number of stateful security protocols. The experimental results show that our approach is both feasible and practically efficient. Particularly, we have found a security flaw on the digital envelope protocol, which cannot be detected with existing security protocol verifiers.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: Proceedings 14th IEEE Computer Security Foundations Workshop (CSFW), pp. 82–96. IEEE CS (2001)
Viganò, L.: Automated security protocol analysis with the avispa tool. Electron. Notes Theoret. Comput. Sci. (ENTCS) 155, 61–86 (2006)
Escobar, S., Meadows, C., Meseguer, J.: Maude-NPA: cryptographic protocol analysis modulo equational properties. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) FOSAD 2007-2009. LNCS, vol. 5705, pp. 1–50. Springer, Heidelberg (2009). doi:10.1007/978-3-642-03829-7_1
Kremer, S., Künnemann, R.: Automated analysis of security protocols with global state. In: Proceedings 24th IEEE Symposium on Security and Privacy (S & P), pp. 163–178 (2014)
Herzog, J.: Applying protocol analysis to security device interfaces. IEEE Secur. Priv. 4, 84–87 (2006)
Arapinis, M., Ritter, E., Ryan, M.D.: StatVerif: verification of stateful processes. In: Proceedings 24th IEEE Computer Security Foundations Symposium (CSF), pp. 33–47. IEEE CS (2011)
Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: Formal analysis of protocols based on TPM state registers. In: Proceedings 24th IEEE Computer Security Foundations Symposium (CSF), pp. 66–80. IEEE CS (2011)
Dong, N., Jonker, H., Pang, J.: Challenges in eHealth: from enabling to enforcing privacy. In: Liu, Z., Wassyng, A. (eds.) FHIES 2011. LNCS, vol. 7151, pp. 195–206. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32355-3_12
Dong, N., Jonker, H., Pang, J.: Formal analysis of privacy in an ehealth protocol. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 325–342. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33167-1_19
Dong, N., Jonker, H.L., Pang, J.: Formal modelling and analysis of receipt-free auction protocols in applied PI. Comput. Secur. 65, 405–432 (2017)
Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). doi:10.1007/978-3-642-39799-8_48
Li, L., Dong, N., Pang, J., Sun, J., Bai, G., Liu, Y., Dong, J.S.: A verification framework for stateful security protocols - full version (2017). http://www.comp.nus.edu.sg/dongnp/sspa
Ables, K., Ryan, M.D.: Escrowed data and the digital envelope. In: Acquisti, A., Smith, S.W., Sadeghi, A.-R. (eds.) Trust 2010. LNCS, vol. 6101, pp. 246–256. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13869-0_16
Microsoft: Bitlocker FAQ (2011). http://technet.microsoft.com/en-us/library/hh831507.aspx
Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21, 993–999 (1978)
Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Inf. Process. Lett. 56, 131–133 (1995)
Li, L., Dong, N., Pang, J., Sun, J., Bai, G., Liu, Y., Dong, J.S.: SSPA tool, experiment models and evaluation results (2017). http://lilissun.github.io/r/sspa.html
Dolev, D., Yao, A.C.C.: On the security of public key protocols. IEEE Trans. Inf. Theory 29, 198–207 (1983)
Rusinowitch, M., Turuani, M.: Protocol insecurity with a finite number of sessions, composed keys is np-complete. Theoret. Comput. Sci. 299, 451–475 (2003)
Durgin, N.A., Lincoln, P., Mitchell, J.C.: Multiset rewriting and the complexity of bounded security protocols. J. Comput. Secur. 12, 247–311 (2004)
Meier, S.: Advancing automated security protocol verification. Ph.D. thesis, ETH (2013)
Mödersheim, S.: Abstraction by set-membership: verifying security protocols and web services with databases. In: Proceedings 17th ACM Conference on Computer and Communications Security (CCS), pp. 351–360. ACM (2010)
Guttman, J.D.: Fair exchange in strand spaces. In: Proceedings 7th International Workshop on Security Issues in Concurrency (SECCO), EPTCS, vol. 7, pp. 46–60 (2009)
Guttman, J.D.: State and progress in strand spaces: Proving fair exchange. J. Autom. Reasoning 48, 159–195 (2012)
Acknowledgement
This work is supported by the National Research Foundation, Prime Minister’s Office, Singapore under its National Cybersecurity R&D Program (TSUNAMi project, Award No.NRF2014NCR-NCR001-21) and administered by the National Cybersecurity R&D Directorate.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Li, L. et al. (2017). A Verification Framework for Stateful Security Protocols. In: Duan, Z., Ong, L. (eds) Formal Methods and Software Engineering. ICFEM 2017. Lecture Notes in Computer Science(), vol 10610. Springer, Cham. https://doi.org/10.1007/978-3-319-68690-5_16
Download citation
DOI: https://doi.org/10.1007/978-3-319-68690-5_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68689-9
Online ISBN: 978-3-319-68690-5
eBook Packages: Computer ScienceComputer Science (R0)