Abstract
Fraglets represent an execution model for communication protocols that resembles the chemical reactions in living organisms. The strong connection between their way of transforming and reacting and formal rewriting systems makes a fraglet program amenable to automatic verification. Grounded on past work, this paper investigates feasibility of adopting fraglets as model for specifying security protocols and analysing their properties. In particular, we give concrete sample analyses over a secure RFID protocol, showing evolution of the protocol run as chemical dynamics and simulating an adversary trying to circumvent the intended steps. The results of our analysis confirm the effectiveness of the cryptofraglets framework for the model and analysis of security properties and eventually show its potential to identify and uncover protocol flaws.
Similar content being viewed by others
References
Avoine G, Oechslin P (2005) A scalable and provably secure hash based RFID protocol. In: International workshop on pervasive computing and communication security (PerSec ’05), pp. 110–114
BIONETS website. http://www.bionets.eu/
Clarke E, Jha S, Marrero W (2000) Verifying security protocols with Brutus. ACM Trans Softw Eng Methodol 9(4):443–487
Clavel M, Durán F, Eker S, Lincoln P, Martí-Oliet N, Meseguer J, Talcott CL (eds) (2007) All About Maude - A high-performance logical framework, how to specify, program and verify systems in rewriting logic, LNCS, vol. 4350 Springer
Conti M, Di Pietro R, Mancini LV, Spognardi A (2007) RIPP-FS: An RFID identification, privacy preserving protocol with forward secrecy. In: IEEE international conference on pervasive computing and communications workshops, 2007. Fifth Annual , pp. 229–234. IEEE
Conti M, Di Pietro R, Mancini LV, Spognardi A (2010) eRIPP-FS: Enforcing privacy and security in RFID. Secur Commun Netw 3(1):58–70
Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
Durgin NA, Lincoln P, Mitchell JC (2004) Multiset rewriting and the complexity of bounded security protocols. J Comput Secur 12(2):247–311. http://iospress.metapress.com/content/gpwf813k7jnlup50/
Egidi L, Petrocchi M Modelling a secure agent with team automata. In: Proc VODCA’04, pp. 119–134, Elsevier (2005). ENTCS
Escobar S, Meadows C, Meseguer J (2009) Maude-NPA: Cryptographic protocol analysis modulo equational properties. In: Foundations of Security Analysis and Design V, Lecture Notes in Computer Science, vol. 5705, pp. 1–50. Springer Berlin Heidelberg. doi:10.1007/978-3-642-03829-7_1
Focardi R, Martinelli F (1999) A uniform approach for the definition of security properties. In: Proc. FM’99, LNCS, vol. 1708, pp. 794–813. Springer
FRAGLETS website. http://www.fraglets.net
Lenzini G, Gnesi S, Latella D Spider: A security model checker. In: Proc. FAST’03, pp. 163–180 (2003). Informal proceedings
Lynch N (1999) I/O automaton models and proofs for shared-key communication systems. In: Proc. CSFW’99, pp. 14–31. IEEE
Martinelli F, Petrocchi M (2007) Access control mechanisms for fraglets. In: BIONETICS. ICST
Martinelli F, Petrocchi M (2008) Signed and weighted trust credentials for fraglets. In: BIONETICS. ICST
Martinelli F, Petrocchi M Executable specification of cryptofraglets in maude for security verification. In: BIONETICS, pp. 11–23 (2009). doi:10.1007/978-3-642-12808-0_2
Maude website. http://maude.cs.uiuc.edu/
Menezes AJ, Vanstone SA, Orschot PCV (2001) Handbook of applied cryptography, 5th ed. CRC Press Inc
Meseguer J (1997) Research directions in rewriting logic. In: Computational Logic, LNCS, vol. 165. Springer-Verlag
Mitchell JC Multiset rewriting and security protocol analysis. In: Tison S (ed) Rewriting Techniques and Applications, Lecture Notes in Computer Science, vol. 2378, pp. 19–22. Springer Berlin Heidelberg (2002). doi:10.1007/3-540-45610-4_2
Ohkubo M, Suzuki K, Kinoshita S (2003) Cryptographic approach to privacy-friendly tags. In: 2003 MIT RFID Privacy Workshop
Petrocchi M (2005) Formal techniques for modeling and verifying secure procedures. University of Pisa, Ph.D. thesis
Petrocchi M (2006) Crypto-fraglets. In: BIONETICS. IEEE
Petrocchi M, Spognardi A, Santi P (2014) Cryptofraglets reloaded - bioinspired security modeling of a RFID protocol and properties. In: 8th international conference on bio-inspired information and communications technologies, BICT 2014. doi:10.4108/icst.bict.2014.258027
Tschudin C (2003) Fraglets - a metabolistic execution model for communication protocols. In: Proc. AINS’03
Tschudin C, Yamamoto L (2004) A metabolic approach to protocol resilience. In: Proc. WAC’04, LNCS 3457, pp. 191–206. Springer
Tsudik G (2006) YA-TRAP: Yet another trivial RFID authentication protocol. In: Proceedings of the fourth annual IEEE international conference on pervasive computing and communications workshops (PERCOMW ’06), p. 640
Tsudik G (2007) A family of dunces. In: Proceedings of the seventh workshop on privacy enhancing technologies (PET’07), pp. 45–61
Yamamoto L, Tschudin C (2005) Experiments on the automatic evolution of protocols using genetic programming. In: Proc. WAC’05, LNCS 3854, pp. 13–28. Springer
Yamamoto L, Tschudin C (2005) Genetic evolution of protocol implementations and configurations. In: Proc. Self Man’05
Acknowledgments
This work has been partly supported by the Registro.it project My Information Bubble MIB.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Petrocchi, M., Spognardi, A. & Santi, P. Bioinspired Security Analysis of Wireless Protocols. Mobile Netw Appl 21, 139–148 (2016). https://doi.org/10.1007/s11036-016-0702-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-016-0702-z