Christian Kraetzer
ABSTRACT
The primary goal in this paper is to adapt and extend a recent concept and prototypical framework for (semi-)automated security verification of watermarking-based communication protocols based on the CASPER protocol modeling language and the FRD model checker. Therefore our paper extends the scope of watermarking research beyond signal processing and information theory investigations to include also protocol verification considerations as known e.g. from the field of cryptographic research. To be able to establish a clear picture of the potential prospects and the current restrictions of such a verification framework for watermarking-based communication protocols, we conceptualize, model, generate and (partially) verify an exemplary protocol for a complex watermarking-based application scenario that combines a multi-level data access structure and the assurance of the security aspects of confidentiality, authenticity and integrity. Our results show that, while the security aspects of communication confidentiality and entity-authenticity can actually be verified with the introduced approach, other security aspects which might be similarly verified are still lacking corresponding support in protocol modeling languages like CASPER.
- J. C. L. Pimental and R. Monroy: Formal support to security protocol development: A survey. Computacion y Sistemas, 12(1), 2008.Google Scholar
- J. Dittmann, S. Katzenbeisser, C. Schallhart, and H. Veith: Provably Secure Authentication of Digital Media Through Invertible Watermarks. Cryptology ePrint Archive, Report 2004/293, 2004. http://eprint.iacr.org/.Google Scholar
- C. Kraetzer, R. Merkel, R. Altschaffel, E. Clausing, M. Schott, J. Dittmann: Modelling Watermark Communication Protocols using the CASPER Modelling Language. Proc. of the ACM Workshop on Multimedia and Security, 2010. Google ScholarDigital Library
- G. Lowe: CASPER: A Compiler for the Analysis of Security Protocols. J. of Computer Security, Society Press, 1998. Google ScholarDigital Library
- FDR user manual. Formal Systems (Europe) Ltd., http://www.fsel.com/documentation/fdr2/html/, May, 7th 2011.Google Scholar
- N.P. Sheppard, R. Safavi-Naini, P. Ogumbona: On Multiple Watermarking, Proc. of the ACM Workshop on Multimedia and Security, 2001. Google ScholarDigital Library
- NIST Special Publication 800--67 v1.1: Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, 2008.Google Scholar
- A. S. Tanenbaum: Computer Networks. 4th ed., Prentice Hall, 2002. Google ScholarDigital Library
- P. Ryan, S. Schneider: Modelling and analysis of security protocols, 2001. Google ScholarDigital Library
- K. Solanki, A. Sarkar, B. Manjunath: YASS: Yet Another Steganographic Scheme That Resists Blind Steganalysis. In Proc. of Information Hiding '07. Lecture Notes in Computer Science, Volume: 4567, Springer Berlin / Heidelberg, pp.16--31, 2007. Google ScholarDigital Library
- A. Lang: Audio Watermarking Benchmarking -- A Profile Based Approach. PhD Thesis. Otto-von-Guericke-University Magdeburg, Germany, Dept. of Computer Science, ISBN: 978--3--940961--22--8, 2007.Google Scholar
- D. X. Song: Athena: a new efficient automatic checker for security protocol analysis. In Proceedings of the Twelth IEEE Computer Security Foundations Workshop, pp. 192--202, IEEE Computer Society Press, 1999. Google ScholarDigital Library
- D. E. Bell and L. J. LaPadula: Secure Computer Systems: Mathematical Foundations, MITRE Technical Report MTR-2547, Volume I, The Mitre Corporation, 1973.Google Scholar
- K. J. Biba: Integrity Considerations for Secure Computer Systems, MITRE Technical Report MTR-3153, The Mitre Corporation, 1977.Google Scholar
- D. F.C. Brewer and M. J. Nash: The Chinese wall security policy. In Proc. of the 1989 IEEE Computer Society Symposium on Security and Privacy, pp. 206--214, May 1989.Google ScholarCross Ref
Index Terms
- Semi-automated communication protocol security verification for watermarking - pros and cons illustrated on a complex application scenario
Recommendations
The concept of layered proving trees and its application to the automation of security protocol verification
Security protocols are one of the most critical elements in enabling the secure communication and processing of information. The presence of flaws in published protocols highlights the complexity of security protocol design. Only formal verification can ...
Fingerprint forensics application protocol: semi-automated modeling and verification of watermark-based communication using CASPER and FDR
IWDW'11: Proceedings of the 10th international conference on Digital-Forensics and WatermarkingRecently, the technique of semi-automated protocol verification using model-checkers was transferred from cryptography to the domain of watermark-based communication protocols. This technique offers cost-effective security verification of such watermark-...
Proposing and verifying a security protocol for hash function-based IoT communication system
Internet of things (IoT) has recently drawn much attention around the world. Technological development in relevant industries has facilitated great strides in the advancement of multifunctional high-performance electronic communication system. IoT ...
Comments