Abstract
In this paper, we consider how one can analyse a stream authentication protocol using model checking techniques. In particular, we focus on the Timed Efficient Stream Loss-tolerant Authentication Protocol, TESLA. This protocol differs from the standard class of authentication protocols previously analysed using model checking techniques in the following interesting way: an unbounded stream of messages is broadcast by a sender, making use of an unbounded stream of keys; the authentication of the n-th message in the stream is achieved on receipt of the n + 1-th message. We show that, despite the infinite nature of the protocol, it is possible to build a finite model that correctly captures its behaviour.
Keywords
- Authentication Protocol
- Model Check Technique
- Authentication Request
- Honest Agent
- Initial Authentication
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This work was partially funded by the UK Engineering and Physical Sciences Research Council and Particle Physics and Astronomy Research Council as part of the e-science program.
Download to read the full chapter text
Chapter PDF
References
R. Anderson, F. Bergadano, B. Crispo, J.-H. Lee, C. Manifavas, and R. Needham. A new family of authentication protocols. Operating Systems Review, 32(4):9–20, 1998.
M. Archer. Proving correctness of the basic TESLA multicast stream authentication protocol with TAME. In Workshop on Issues in the Theory of Security, 2002.
D. Dolev and A. C. Yao. On the security of public-key protocols. Communications of the ACM, 29(8):198–208, August 1983.
Formal Systems (Europe) Ltd. Failures-Divergence Refinement—FDR2 User Manual, 2000. At http://www.fsel.com/fdr2manual.html.
C. A. R. Hoare. Communicating Sequential Processes. Prentice Hall, 1985.
M. L. Hui. A CSP Approach to the Analysis of Security Protocols. PhD thesis, University of Leicester, 2001.
M. L. Hui and G. Lowe. Fault-preserving simplifying transformations for security protocols. Journal of Computer Science, 9(1, 2):3–46, 2001.
R. Lazić. Theorems for mechanical verification of data-independent CSP. D.Phil, Oxford University, 1999.
G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proceedings of TACAS, volume 1055 of Lecture Notes in Computer Science, pages 147–166. Springer Verlag, 1996. Also in Software—Concepts and Tools, 17:93-102, 1996.
G. Lowe and B. Roscoe. Using CSP to detect errors in the TMN protocol. IEEE Transactions on Software Engineering, 23(10):659–669, 1997.
A. Perrig, R. Canetti, J. D. Tygar, and D.X. Song. Efficient authentication and signing of multicast streams over lossy channels. In IEEE Symposium on Security and Privacy, pages 56–73, May 2000.
A.W. Roscoe. The Theory and Practice of Concurrency. Prentice Hall, 1997.
A.W. Roscoe. Proving security protocols with model checkers by data independence techniques. In 11th IEEE Computer Security Foundations Workshop, pages 84–95, 1998.
A. W. Roscoe and P. J. Broadfoot. Proving security protocols with model checkers by data independence techniques. Journal of Computer Security, 7(2, 3):147–190, 1999.
A.W. Roscoe and M. H. Goldsmith. The perfect’ spy’ for model-checking crypto-protocols. In Proceedings of DIM ACS workshop on the design and formal verification of cryptographic protocols, 1997.
P. Ryan, S. Schneider, M. Goldsmith, G. Lowe, and B. Roscoe. Modelling and Analysis of Security Protocols. Pearson Education, 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Broadfoot, P., Lowe, G. (2002). Analysing a Stream Authentication Protocol Using Model Checking. In: Gollmann, D., Karjoth, G., Waidner, M. (eds) Computer Security — ESORICS 2002. ESORICS 2002. Lecture Notes in Computer Science, vol 2502. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45853-0_9
Download citation
DOI: https://doi.org/10.1007/3-540-45853-0_9
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44345-2
Online ISBN: 978-3-540-45853-1
eBook Packages: Springer Book Archive