Skip to main content
SpringerLink
Log in

Let’s Get Physical: Models and Methods for Real-World Security Protocols

  • Conference paper
Theorem Proving in Higher Order Logics (TPHOLs 2009)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 5674))

Included in the following conference series:

Abstract

Traditional security protocols are mainly concerned with key establishment and principal authentication and rely on predistributed keys and properties of cryptographic operators. In contrast, new application areas are emerging that establish and rely on properties of the physical world. Examples include protocols for secure localization, distance bounding, and device pairing.

We present a formal model that extends inductive, trace-based approaches in two directions. First, we refine the standard Dolev-Yao model to account for network topology, transmission delays, and node positions. This results in a distributed intruder with restricted, but more realistic, communication capabilities. Second, we develop an abstract message theory that formalizes protocol-independent facts about messages, which hold for all instances. When verifying protocols, we instantiate the abstract message theory, modeling the properties of the cryptographic operators under consideration. We have formalized this model in Isabelle/HOL and used it to verify distance bounding protocols where the concrete message theory includes exclusive-or.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Brands, S., Chaum, D.: Distance-bounding protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  2. Capkun, S., Buttyan, L., Hubaux, J.P.: SECTOR: secure tracking of node encounters in multi-hop wireless networks. In: SASN 2003: Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 21–32. ACM Press, New York (2003)

    Chapter  Google Scholar 

  3. Hancke, G.P., Kuhn, M.G.: An RFID distance bounding protocol. In: SECURECOMM 2005: Proceedings of the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks, Washington, DC, USA, pp. 67–73. IEEE Computer Society, Los Alamitos (2005)

    Google Scholar 

  4. Meadows, C., Poovendran, R., Pavlovic, D., Chang, L., Syverson, P.: Distance bounding protocols: Authentication logic analysis and collusion attacks. In: Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks, pp. 279–298. Springer, Heidelberg (2006)

    Google Scholar 

  5. Sastry, N., Shankar, U., Wagner, D.: Secure verification of location claims. In: WiSe 2003: Proceedings of the 2003 ACM workshop on Wireless security, pp. 1–10. ACM Press, New York (2003)

    Chapter  Google Scholar 

  6. Schaller, P., Schmidt, B., Basin, D., Capkun, S.: Modeling and verifying physical properties of security protocols for wireless networks. In: CSF-22: 22nd IEEE Computer Security Foundations Symposium (to appear, 2009)

    Google Scholar 

  7. Paulson, L.C.: The inductive approach to verifying cryptographic protocols. Journal of Computer Security 6, 85–128 (1998)

    Article  Google Scholar 

  8. Nipkow, T., Paulson, L., Wenzel, M.: Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002)

    MATH  Google Scholar 

  9. Capkun, S., Hubaux, J.P.: Secure positioning of wireless devices with application to sensor networks. In: INFOCOM, pp. 1917–1928. IEEE, Los Alamitos (2005)

    Google Scholar 

  10. Perrig, A., Tygar, J.D.: Secure Broadcast Communication in Wired and Wireless Networks. Kluwer Academic Publishers, Norwell (2002)

    Google Scholar 

  11. Ballarin, C.: Interpretation of locales in Isabelle: Theories and proof contexts. In: Borwein, J.M., Farmer, W.M. (eds.) MKM 2006. LNCS (LNAI), vol. 4108, pp. 31–43. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  12. Porter, B.: Cauchy’s mean theorem and the cauchy-schwarz inequality. The Archive of Formal Proofs, Formal proof development (March 2006)

    Google Scholar 

  13. Clulow, J., Hancke, G.P., Kuhn, M.G., Moore, T.: So near and yet so far: Distance-bounding attacks in wireless networks. In: Buttyán, L., Gligor, V.D., Westhoff, D. (eds.) ESAS 2006. LNCS, vol. 4357, pp. 83–97. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  14. Schmidt, B., Schaller, P.: Isabelle Theory Files: Modeling and Verifying Physical Properties of Security Protocols for Wireless Networks, http://people.inf.ethz.ch/benschmi/ProtoVeriPhy/

  15. Delzanno, G., Ganty, P.: Automatic Verification of Time Sensitive Cryptographic Protocols. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 342–356. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  16. Evans, N., Schneider, S.: Analysing Time Dependent Security Properties in CSP Using PVS. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, pp. 222–237. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  17. Acs, G., Buttyan, L., Vajda, I.: Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks. IEEE Transactions on Mobile Computing 5(11), 1533–1546 (2006)

    Article  Google Scholar 

  18. Yang, S., Baras, J.S.: Modeling vulnerabilities of ad hoc routing protocols. In: SASN 2003: Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 12–20. ACM, New York (2003)

    Chapter  Google Scholar 

  19. Courant, J., Monin, J.: Defending the bank with a proof assistant. In: Proceedings of the 6th International Workshop on Issues in the Theory of Security (WITS 2006), pp. 87–98 (2006)

    Google Scholar 

  20. Paulson, L.: Defining functions on equivalence classes. ACM Transactions on Computational Logic 7(4), 658–675 (2006)

    Article  MathSciNet  Google Scholar 

  21. Basin, D., Constable, R.: Metalogical frameworks. In: Huet, G., Plotkin, G. (eds.) Logical Environments, pp. 1–29. Cambridge University Press, Cambridge (1993); Also available as Technical Report MPI-I-92-205

    Google Scholar 

  22. Basin, D., Matthews, S.: Logical frameworks. In: Gabbay, D., Guenthner, F. (eds.) Handbook of Philosophical Logic, 2nd edn., vol. 9, pp. 89–164. Kluwer Academic Publishers, Dordrecht (2002)

    Chapter  Google Scholar 

  23. Basin, D., Matthews, S.: Structuring metatheory on inductive definitions. Information and Computation 162(1–2) (October/November 2000)

    Google Scholar 

  24. Nipkow, T.: Reflecting quantifier elimination for linear arithmetic. Formal Logical Methods for System Security and Correctness, 245 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. ETH Zurich, 8092, Zurich, Switzerland

    David Basin, Srdjan Capkun, Patrick Schaller & Benedikt Schmidt

Authors
  1. David Basin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Srdjan Capkun
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Patrick Schaller
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Benedikt Schmidt
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut für Informatik, Technische Universität München, Boltzmannstraße 3, 85748, Garching, Germany

    Stefan Berghofer , Tobias Nipkow , Christian Urban  & Makarius Wenzel , ,  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Basin, D., Capkun, S., Schaller, P., Schmidt, B. (2009). Let’s Get Physical: Models and Methods for Real-World Security Protocols. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds) Theorem Proving in Higher Order Logics. TPHOLs 2009. Lecture Notes in Computer Science, vol 5674. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03359-9_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-03359-9_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03358-2

  • Online ISBN: 978-3-642-03359-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation