Formal Analysis of Combinations of Secure Protocols
Citations
Sécurité des systèmes industriels : filtrage applicatif et recherche de scénarios d'attaques
A formal analysis method for composition protocol based on model checking
References
Universally composable security: a new paradigm for cryptographic protocols
Using encryption for authentication in large networks of computers
A logic of authentication
The AVISPA tool for the automated validation of internet security protocols and applications
Related Papers (5)
Towards the attacker's view of protocol narrations (or, how to compile security protocols)
Frequently Asked Questions (10)
Q2. What are the future works mentioned in the paper "Formal analysis of combinations of secure protocols" ?
The authors' future work is to see how their algorithm for automatically merging two Tamarin files can be integrated into the tools, to make life easier for Tamarin users.
Q3. What are the common types of properties of a protocol?
The most common types of properties are secrecy, meaning that an intruder cannot know a secret value, and authentication, meaning that if A thinks he is talking to B, then he is really talking to B.
Q4. How long does Tamarin take to analyze properties for multi-protocols?
The authors would expect that Tamarin takes more time to analyze properties for multi-protocols than for protocols in isolation, due to the increased number of transitions and the larger number of traces with the new protocol.
Q5. Why is APG.6 used for this attack?
This attack is possible because the message from APG.6 used for this attack is also used in APG.4, so C can get a response from B, while B does not act in APG.
Q6. What is the purpose of this research?
This research was conducted with the support of the Indo-French Centre for the Promotion of Advanced Research (IFCPAR) and the Centre Franco-Indien Pour La Promotion De La Recherche Avancée (CEFIPRA) through the project DST/CNRS 2015-03 under DST-INRIA-CNRS Targeted Programme, and by the CNRS PEPS SISC ASSI 2016/2017. […] are generally used to analyze the security of a protocol executed in isolation, meaning that each agent only executes the analyzed protocol.
Q7. Why do the authors not consider type-flaw attacks for these protocols?
The authors do not consider type-flaw attacks for these protocols, because the number of combinations with multi-protocol attacks is too large (more than 100 different combinations) to model them all manually with Tamarin.
Q8. What is the attack on the authentication of A?
In this attack, A initiates the protocol APG.5, then the intruder C will initiate APG.6 with B, using data sent by A in the other protocol.
Q9. What are the conventions used to generate the input files of the composed protocols?
These conventions allowed us to develop an algorithm that can generate the input files of the composed protocols based on the individual specifications, including intermediate lemmas that simplify the analysis for Tamarin by removing undesirable cases for the subsequent analysis.
Q10. What is the reason why the authors try to find the attacks described in [22]?
The authors try to find the attacks described in [22] using Tamarin, to see whether an automatic tool finds the same attacks or different ones.