Abstract
In this paper, a formal analysis of security protocols in the field of wireless sensor networks is presented. Two complementary protocols, TinySec and LEAP, are modelled using the high-level formal language HLPSL, and verified using the model checking tool Avispa, where two main security properties are checked: authenticity and confidentiality of messages. As a result of this analysis, two attacks have been found: a man-in-the-middle- attack and a type flaw attack. In both cases confidentiality is compromised and an intruder may obtain confidential data from a node in the network. Two solutions to these attacks are proposed in the paper.
This work has been supported by the Spanish government with the project “Application of Formal Methods to Web Services”, with reference TIN2006-15578-C02-02, and the JCCM regional project “Application of formal methods to the design and analysis of Web Services and e-commerce” (PAC06-0008-6995)
Chapter PDF
Similar content being viewed by others
References
Perrig, A., Stankovic, J.A., Wagner, D.: Security in wireless sensor networks. Commun. ACM 47 (2004) 53–57
Karlof, C, Sastry, N., Wagner, D.: TinySec: a link layer security architecture for wireless sensor networks. In: Proceedings of the 2nd International Conference on Embedded Networked Sensor Systems, SenSys 2004, Baltimore, MD, USA, November 3–5, 2004, ACM (2004) 162–175
Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.; SPINS: Security protocols for sensor networks. Wireless Networks 8 (2002) 521–534
Zhu, S., Setia, S., Jajodia, S.: LEAP: efficient security mechanisms for large-scale distributed sensor networks. In Jajodia, S., Atluri, V., Jaeger, T., eds.: ACM Conference on Computer and Communications Security, ACM (2003) 62–72
Chan, H., Perrig, A., Song, D.X.: Random key predistribution schemes for sensor networks. In: IEEE Symposium on Security and Privacy, IEEE Computer Society (2003) 197
Eschenauer, L., Gligor, V.: A key-management scheme for distributed sensor networks. In Atluri, V., ed.: ACM Conference on Computer and Communications Security, ACM (2002) 41–47
Hill, J., Szewczyk, R., Woo, A., Hollar, S., Culler, D.E., Pister, K.S.J.: System architecture directions for networked sensors. In: Inter. Conf. on Architectural Support for Programming Languages and Operating Systems, ASPLOS. (2000) 93–104
Clarke, E.M., Grumberg, O., Peled, D.A.,: Model Checking. The MIT Press (1999)
Lowe, G.: Casper: A compiler for the analysis of security protocols. Journal of Computer Security 6 (1998) 53–84
Armando, A., Basin, D.A., Boichut, Y., Chevalier, Y.; Compagna, L., Cuéllar, J., Drielsma, P.H., Héam, P.C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA tool for the automated validation of internet security protocols and applications. In Etessami, K., Rajamani, S.K., eds.: CAV. Volume 3576 of Lecture Notes in Computer Science., Springer (2005) 281–285
Tobarra, M.L., Cazorla, D., Cuartero, F., Diaz, G.: Application of formal methods to the analysis of web services security. In Bravetti, M., Kloul, L., Zavattaro, G., eds.: EPEW/WS-FM. Volume 3670 of Lecture Notes in Computer Science., Springer (2005) 215–229
Backes, M., Mödersheim, S., Pfitzmann, B., Viganò, L.: Symbolic and cryptographic analysis of the secure WS-ReliableMessaging scenario. In Aceto, L., Ingólfsdóttir, A., eds.: FoSSaCS. Volume 3921 of Lecture Notes in Computer Science., Springer (2006) 428–445
Bhargavqn, K., Fournet, C., Gordon, A.D.: Verifying policy-based security for web services. In Atluri, V., Pfitzmann, B., McDaniel, P.D., eds.: ACM Conference on Computer and Communications Security, ACM (2004) 268–277
Mannan, M., van Oorschot, P.C.: A protocol for secure public instant messaging. In Crescenzo, G.D., Rubin, A., eds.: Financial Cryptography. Volume 4107 of Lecture Notes in Computer Science., Springer (2006) 20–35
Mitchell, J.C.: Finite-state analysis of security protocols. In Hu, A.J., Vardi, M.Y., eds.: CAV. Volume 1427 of Lecture Notes in Computer Science., Springer (1998) 71–76
Tobarra, M.L., Cazorla, D., Cuartero, F., Diaz, G.: Formal verification of TLS handshake and extensions for wireless networks. In: Proc. of IADIS International Conference on Applied Computing (AC’06), San Sebastian, Spain, IADIS Press (2006) 57–64
Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P.H., Mantovani, J., Mödersheim, S., Vigneron, L.: A high level protocol specification language for industrial security-sensitive protocols. In: Proceedings of Workshop on Specification and Automated Processing of Security Requirements (SAPS). (2004) 193–205
Armando, A., Compagna, L.: SATMC: A SAT-based model checker for security protocols. In Alferes, J.J., Leite, J.A., eds.: JELIA. Volume 3229 of Lecture Notes in Computer Science.; Springer (2004) 730–733
Glouche, Y., Genet, T., Heen, O., Courtay, O,: A security protocol animator tool for AVISPA. In: ARTIST2 Workshop on Security Specification and Verification of Embedded Systems, Pisa (2006)
Dolev, D., Yao, A.C.C.: On the security of public key protocols. In: FOCS, IEEE (1981) 350–357
Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. J. Comput. Syst. Sci. 61 (2000) 362–399
Bellare, M., Desai, A., Jokipii, E., Rogaway, P.; A concrete security treatment of symmetric encryption. In: Proceedings of 38th Annual Symposium on Foundations of Computer Science, IEEE (1997) 394–403
Heather, J., Lowe, G., Schneider, S.: How to prevent type flaw attacks on security protocols. Journal of Computer Security 11 (2003) 217–244
Mark Luk, Ghita Mezzour, A.P., Gligor, V.: Minisec: A secure sensor network communication architecture. In: Proceedings of IEEE International Conference on Information Processing in Sensor Networks (IPSN). (2007)
Zhu, S., Setia, S., Jajodia, S.: LEAP: Efficient security mechanisms for large-scale distributed sensor networks. ACM Transactions on Sensor Networks 2 (2006) 500–528
Watro, R-J., Kong, D., Cuti, S.f., Gardiner, C., Lynn, C., Kruus, P.: TinyPK: securing sensor networks with public key technology. In Setia, S., Swarup, V., eds.: SASN, ACM (2004) 59–64
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Tobarra, L., Cazorla, D., Cuartero, F., Díaz, G., Cambronero, E. (2007). Model Checking Wireless Sensor Network Security Protocols: TinySec + LEAP. In: Orozco-Barbosa, L., Olivares, T., Casado, R., Bermúdez, A. (eds) Wireless Sensor and Actor Networks. WSAN 2007. IFIP International Federation for Information Processing, vol 248. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-74899-3_9
Download citation
DOI: https://doi.org/10.1007/978-0-387-74899-3_9
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-74898-6
Online ISBN: 978-0-387-74899-3
eBook Packages: Computer ScienceComputer Science (R0)