ABSTRACT
Security protocols ensure secure communication between and within systems such as internet services, factories, and smartphones. As evidenced by numerous successful attacks against popular protocols such as TLS, designing protocols securely is a tedious and error-prone task. Model checkers greatly aid protocol verification, yet any single model checker is oftentimes insufficient to check a protocol's security in full. Instead, engineers are forced to maintain multiple overlapping and hopefully non-contradicting and non-diverging specifications, one per model-checking tool, which is itself an error-prone task.
To address this problem, this paper presents VICE, a scenario-based approach to security-protocol verification. It provides a visual modeling language for specifying security protocols independent of the model checker. It then automatically transforms the relevant fragments of these models into equivalent inputs to multiple model checkers. As a result, VICE completely relieves the security engineer from choosing and specifying queries through fully automatic generation of all necessary queries.
Through a case study involving real-world specifications of eight security protocols, we show that VICE is applicable in practice.
Index Terms
- Scenario-based specification of security protocols and transformation to security model checkers