Skip to main content
SpringerLink
Log in

Formal Analysis of Combinations of Secure Protocols

  • Conference paper
  • First Online:
Foundations and Practice of Security (FPS 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10723))

Included in the following conference series:

Abstract

When trying to prove the security of a protocol, one usually analyzes the protocol in isolation, i.e., in a network with no other protocols. But in reality, there will be many protocols operating on the same network, maybe even sharing data including keys, and an intruder may use messages of one protocol to break another. We call that a multi-protocol attack. In this paper, we try to find such attacks using the Tamarin prover. We analyze both examples that were previously analyzed by hand or using other tools, and find novel attacks.

This research was conducted with the support of the Indo-French Centre for the Promotion of Advanced Research (IFCPAR) and the Center Franco-Indien Pour La Promotion De La Recherche Avancée (CEFIPRA) through the project DST/CNRS 2015-03 under DST-INRIA-CNRS Targeted Programme, and by the CNRS PEPS SISC ASSI 2016/2017.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abadi, M., Needham, R.: Prudent engineering practice for cryptographic protocols. IEEE Trans. Softw. Eng. 22(1), 6–15 (1996)

    Article  Google Scholar 

  2. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Heám, P.C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005). https://doi.org/10.1007/11513988_27

    Chapter  Google Scholar 

  3. Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Proceedings of the 14th IEEE Workshop on Computer Security Foundations, CSFW 2001, Washington, DC, USA, pp. 82–96. IEEE Computer Society (2001)

    Google Scholar 

  4. Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)

    Article  MATH  Google Scholar 

  5. Buttyan, L., Staamann, S., Wilhelm, U.: A simple logic for authentication protocol design. In: 11th IEEE Computer Security Foundations Workshop, pp. 153–162. IEEE Computer Society Press (1998)

    Google Scholar 

  6. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000/067 (2000). http://eprint.iacr.org/2000/067

  7. Clark, J., Jacob, J.: A survey of authentication protocol literature: version 1.0 (1997)

    Google Scholar 

  8. Clark, J.A., Jacob, J.: On the security of recent protocols. Inf. Process. Lett. 56(3), 151–155 (1995)

    Article  MATH  Google Scholar 

  9. C. Cremers. Feasibility of multi-protocol attacks. In: Proceedings of the First International Conference on Availability, Reliability and Security (ARES), Vienna, Austria, pp. 287–294. IEEE Computer Society (2006)

    Google Scholar 

  10. Cremers, C., Mauw, S.: Security properties. In: Operational Semantics and Verification of Security Protocols. ISC, pp. 37–65. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-540-78636-8_4

  11. Cremers, C., Mauw, S., de Vink, E.: Injective synchronisation: an extension of the authentication hierarchy. Theor. Comput. Sci. 367(1), 139–161 (2006)

    Article  MathSciNet  MATH  Google Scholar 

  12. Cremers, C.J.: Unbounded verification, falsification, and characterization of security protocols by pattern refinement. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008, pp. 119–128. ACM, New York (2008)

    Google Scholar 

  13. Denning, D.E., Sacco, G.M.: Timestamps in key distribution protocols. Commun. ACM 24(8), 533–536 (1981)

    Article  Google Scholar 

  14. Durgin, N.A., Mitchell, J.C., Pavlovic, D.: A compositional logic for proving security properties of protocols. J. Comput. Secur. 11(4), 677–722 (2003)

    Article  Google Scholar 

  15. Elliott, B., Dreier, J., Lafourcade, P.: Formal Analysis of Combinations of Secure Protocols (Extended Version). Technical report (2017). https://hal.archives-ouvertes.fr/hal-01558552v3

  16. Hwang, T., Chen, Y.-H.: On the security of SPLICE/AS - the authentication system in WIDE internet. Inf. Process. Lett. 53(2), 97–101 (1995)

    Article  MATH  Google Scholar 

  17. Kao, I.-L., Chow, R.: An efficient and secure authentication protocol using uncertified keys. SIGOPS Oper. Syst. Rev. 29(3), 14–21 (1995)

    Article  Google Scholar 

  18. Kelsey, J., Schneier, B., Wagner, D.: Protocol interactions and the chosen protocol attack. In: Christianson, B., Crispo, B., Lomas, M., Roe, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 91–104. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0028162

    Chapter  Google Scholar 

  19. Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Inf. Process. Lett. 56(3), 131–133 (1995)

    Article  MATH  Google Scholar 

  20. Lowe, G.: A hierarchy of authentication specification. In: 10th Computer Security Foundations Workshop (CSFW 1997), 10–12 June 1997, Rockport, Massachusetts, USA, pp. 31–44. IEEE Computer Society (1997)

    Google Scholar 

  21. Lowe, G.: Towards a completeness result for model checking of security protocols. J. comput. secur. 7(2–3), 89–146 (1999)

    Article  Google Scholar 

  22. Mathuria, A., Singh, A.R., Shravan, P.V., Kirtankar, R.: Some new multi-protocol attacks. In: Proceedings of the 15th International Conference on Advanced Computing and Communications, ADCOM 2007, Washington, DC, USA, pp. 465–471. IEEE Computer Society (2007)

    Google Scholar 

  23. Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696–701. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39799-8_48

    Chapter  Google Scholar 

  24. Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21(12), 993–999 (1978)

    Article  MATH  Google Scholar 

  25. Needham, R.M., Schroeder, M.D.: Authentication revisited. SIGOPS Oper. Syst. Rev. 21(1), 7 (1987)

    Article  Google Scholar 

  26. Perrig, A., Song, D.: Looking for diamonds in the desert - extending automatic protocol generation to three-party authentication and key agreement protocols. In: Proceedings of the 13th IEEE Workshop on Computer Security Foundations, CSFW 2000, Washington, DC, USA, pp. 64–76. IEEE Computer Society (2000)

    Google Scholar 

  27. Song, D.X., Berezin, S., Perrig, A.: Athena: a novel approach to efficient automatic security protocol analysis. J. Comput. Secur. 9(1–2), 47–74 (2001)

    Article  Google Scholar 

  28. Woo, T.Y.C., Lam, S.S.: A lesson on authentication protocol design. SIGOPS Oper. Syst. Rev. 28(3), 24–37 (1994)

    Article  Google Scholar 

  29. Yamaguchi, S., Okayama, K., Miyahara, H.: The design and implementation of an authentication system for the wide area distributed environment. IEICE Trans. Inf. Syst. 74(11), 3902–3909 (1991)

    Google Scholar 

  30. Zhou, H., Foley, S.N.: Fast automatic synthesis of security protocols using backward search. In: Proceedings of the 2003 ACM Workshop on Formal Methods in Security Engineering, FMSE 2003, pp. 1–10. ACM, New York (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LIMOS, University Clermont Auvergne, Clermont-Ferrand, France

    Elliott Blot & Pascal Lafourcade

  2. LORIA, Université de Lorraine, INRIA, CNRS, Nancy, France

    Jannik Dreier

Authors
  1. Elliott Blot
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jannik Dreier
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Pascal Lafourcade
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jannik Dreier .

Editor information

Editors and Affiliations

  1. University of Lorraine, Villers-lès-Nancy, France

    Abdessamad Imine

  2. Polytechnique de Montréal, Montreal, Québec, Canada

    José M. Fernandez

  3. LORIA, Vandœuvre-lès-Nancy, France

    Jean-Yves Marion

  4. Université du Québec en Outaouais, Gatineau, Québec, Canada

    Luigi Logrippo

  5. Télécom SudParis, Evry Cedex, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Blot, E., Dreier, J., Lafourcade, P. (2018). Formal Analysis of Combinations of Secure Protocols. In: Imine, A., Fernandez, J., Marion, JY., Logrippo, L., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2017. Lecture Notes in Computer Science(), vol 10723. Springer, Cham. https://doi.org/10.1007/978-3-319-75650-9_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-75650-9_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-75649-3

  • Online ISBN: 978-3-319-75650-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation