Automated verification of timed security protocols with clock drift

Automated verification of timed security protocols with clock drift

Time is frequently used in security protocols to provide better security. For instance, critical credentials often have limited lifetime which improves the security against brute-force attacks. However, it is challenging to correctly use time in protocol design, due to the existence of clock drift i...

Full description

Saved in:
Bibliographic Details
Main Authors: LI, Li, SUN, Jun
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2016
Subjects:
Security Protocol
Clock Rate
Local Clock
Global Clock
Clock Drift
Information Security
Software Engineering
Online Access:https://ink.library.smu.edu.sg/sis_research/4940
https://ink.library.smu.edu.sg/context/sis_research/article/5943/viewcontent/automated_verification.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-5943
record_format dspace
spelling sg-smu-ink.sis_research-59432020-02-27T03:25:43Z Automated verification of timed security protocols with clock drift LI, Li SUN, Jun Time is frequently used in security protocols to provide better security. For instance, critical credentials often have limited lifetime which improves the security against brute-force attacks. However, it is challenging to correctly use time in protocol design, due to the existence of clock drift in practice. In this work, we develop a systematic method to formally specify as well as automatically verify timed security protocols with clock drift. We first extend the previously proposed timed applied ππ -calculus as a formal specification language for timed protocols with clock drift. Then, we define its formal semantics based on timed logic rules, which facilitates efficient verification against various security properties. Clock drift is encoded as parameters in the rules. The verification result shows the constraints associated with clock drift that are required for the security of the protocol, e.g., the maximum drift should be less than some constant. We evaluate our method with multiple timed security protocols. We find a time-related security threat in the TESLA protocol, a complex time-related broadcast protocol for lossy channels, when the clocks used by different protocol participants do not share the same clock rate. 2016-11-11T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4940 info:doi/10.1007/978-3-319-48989-6_31 https://ink.library.smu.edu.sg/context/sis_research/article/5943/viewcontent/automated_verification.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Security Protocol Clock Rate Local Clock Global Clock Clock Drift Information Security Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Security Protocol
Clock Rate
Local Clock
Global Clock
Clock Drift
Information Security
Software Engineering
spellingShingle Security Protocol
Clock Rate
Local Clock
Global Clock
Clock Drift
Information Security
Software Engineering
LI, Li
SUN, Jun
Automated verification of timed security protocols with clock drift
description Time is frequently used in security protocols to provide better security. For instance, critical credentials often have limited lifetime which improves the security against brute-force attacks. However, it is challenging to correctly use time in protocol design, due to the existence of clock drift in practice. In this work, we develop a systematic method to formally specify as well as automatically verify timed security protocols with clock drift. We first extend the previously proposed timed applied ππ -calculus as a formal specification language for timed protocols with clock drift. Then, we define its formal semantics based on timed logic rules, which facilitates efficient verification against various security properties. Clock drift is encoded as parameters in the rules. The verification result shows the constraints associated with clock drift that are required for the security of the protocol, e.g., the maximum drift should be less than some constant. We evaluate our method with multiple timed security protocols. We find a time-related security threat in the TESLA protocol, a complex time-related broadcast protocol for lossy channels, when the clocks used by different protocol participants do not share the same clock rate.
format text
author LI, Li
SUN, Jun
author_facet LI, Li
SUN, Jun
author_sort LI, Li
title Automated verification of timed security protocols with clock drift
title_short Automated verification of timed security protocols with clock drift
title_full Automated verification of timed security protocols with clock drift
title_fullStr Automated verification of timed security protocols with clock drift
title_full_unstemmed Automated verification of timed security protocols with clock drift
title_sort automated verification of timed security protocols with clock drift
publisher Institutional Knowledge at Singapore Management University
publishDate 2016
url https://ink.library.smu.edu.sg/sis_research/4940
https://ink.library.smu.edu.sg/context/sis_research/article/5943/viewcontent/automated_verification.pdf
_version_ 1770575152720904192

Similar Items