Abstract
The Canvas protocol was developed by Harald Vogt [10] and should provide data integrity in Wireless Sensor Networks. However, Dieter Gollmann published [5] an attack on the protocol. This example supports a widespread belief that design of security protocols is notoriously error-prone. Therefore, it is required to use formal methods to analyze their security properties. In the paper we present design and analysis of a generalized Canvas protocol. We consider the fallacy of the Canvas scheme in different models of the attacker and present a solution for correcting the scheme. We discuss a motivation for generalization of the Canvas protocol and introduce a k-generalized version of the scheme for some parameter k ≥ 2. We build a formal model of the k-generalized Canvas protocol in the applied pi-calculus. This model includes a model of the network topology, communication channels, captured nodes, and capabilities of the attacker. In the semantic model of the applied pi-calculus we specify the data integrity property of the scheme. We prove that the proposed k-generalized Canvas scheme, in the presence of an active adversary, provides data integrity of messages assuming that at least one honest node exists on each path of the length k − 1 in the communication graph of a sensor network. Finally, we discuss the usability of the proposed formal model for other WSN security protocols.
This work was partially supported by APVV grant SK-SI-0010-08 and Slovak VEGA grant 1/0035/09.
Chapter PDF
References
Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 104–115. ACM, New York (2001)
Armando, A., et al.: The Avispa Tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)
Blanchet, B.: Automatic Verification of Correspondences for Security Protocols. Journal of Computer Security 17(4), 363–434 (2009)
Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: Proceedings of 14th IEEE Computer Security Foundations Workshop, pp. 82–96. IEEE Computer Society, Washington (2001)
Gollmann, D.: Protocol analysis for concrete environments. In: Moreno Díaz, R., Pichler, F., Quesada Arencibia, A. (eds.) EUROCAST 2005. LNCS, vol. 3643, pp. 365–372. Springer, Heidelberg (2005)
Menezes, A., van Oorshot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
Tobarra, L., et al.: Model Checking Wireless Sensor Network Security Protocols: TinySec + LEAP. In: Orozco-Barbosa, L., et al. (eds.) Wireless Sensor and Actor Networks. IFIP, vol. 248, pp. 95–106. Springer, Boston (2008)
Vogt, H.: Exploring Message Authentication in Sensor Networks. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 19–30. Springer, Heidelberg (2005)
Vogt, H.: Increasing Attack Resiliency of Wireless Ad Hoc and Sensor Networks. In: Proceedings of the Second International Workshop on Security in Distributed Computing Systems (ICDCSW 2005), vol. 2, pp. 179–184. IEEE Computer Society, Washington (2005)
Vogt, H.: Integrity preservation for communication in sensor networks. Technical Report 434, Institute for Pervasive Computing. ETH Zürich (2004)
Xiao, Y., Du, X.: A Survey on Sensor Network Security. In: Li, Y., et al. (eds.) Wireless Sensor Networks and Applications. Signals and Communication Technology Series, pp. 403–421. Springer, Heidelberg (2008)
Zhu, S., Setia, S., Jajodia, S., Ning, P.: Interleaved hop-by-hop authentication against false data injection attacks in sensor networks. ACM Transactions on Sensor Networks 3(3), article 14 (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Novotný, M. (2010). Design and Analysis of a Generalized Canvas Protocol. In: Samarati, P., Tunstall, M., Posegga, J., Markantonakis, K., Sauveron, D. (eds) Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. WISTP 2010. Lecture Notes in Computer Science, vol 6033. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12368-9_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-12368-9_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12367-2
Online ISBN: 978-3-642-12368-9
eBook Packages: Computer ScienceComputer Science (R0)