Development of security strategies using Kerberos in wireless networks

Authentication is the primary function used to reduce the risk of illegitimate access to IT services of any organisation. Kerberos is a widely used authentication protocol for authentication and access control mechanisms. This thesis presents the development of security strategies using Kerberos authentication protocol in wireless networks, Kerberos-Key Exchange protocol, Kerberos with timed-delay, Kerberos with timed-delay and delayed decryption, Kerberos with timed-delay, delayed decryption and password encryption properties. This thesis also includes a number of other research works such as, frequently key renewal under pseudo-secure conditions and shut down of the authentication server to external access temporarily to allow for secure key exchange. A general approach for the analysis and verification of authentication properties as well as Kerberos authentication protocol are presented. Existing authentication mechanisms coupled with strong encryption techniques are considered, investigated and analysed in detail. IEEE 802.1x standard, IEEE 802.11 wireless communication networks are also considered. First, existing security and authentication approaches for Kerberos authentication protocol are critically analysed with the discussions on merits and weaknesses. Then relevant terminology is defined and explained. Since Kerberos exhibits some vulnerabilities, the existing solutions have not treated the possibilities of more than one authentication server in a strict sense. A three way authentication mechanism addresses possible solution to this problem. An authentication protocol has been developed to improve the three way authentication mechanism for Kerberos. Dynamically renewing keys under pseudo-secure situations involves a temporary interruption to link/server access. After describing and analysing a protocol to achieve improved security for authentication, an analytical method is used to evaluate the cost in terms of the degradation of system performability. Various results are presented. An approach that involves a new authentication protocol is proposed. This new approach combines delaying decryption with timed authentication by using passwords and session keys for authentication purposes, and frequent key renewal under secure conditions. The analysis and verification of authentication properties and results of the designed protocol are presented and discussed. Protocols often fail when they are analysed critically. Formal approaches have emerged to analyse protocol failures. Abstract languages are designed especially for the description of communication patterns. A notion of rank functions is introduced for analysing purposes as well. An application of this formal approach to a newly designed authentication protocol that combines delaying the decryption process with timed authentication is presented. Formal methods for verifying cryptographic protocols are created to assist in ensuring that authentication protocols meet their specifications. Model checking techniques such as Communicating Sequential Processes (CSP) and Failure Divergence Refinement (FDR) checker, are widely acknowledged for effectively and efficiently revealing flaws in protocols faster than most other contemporaries. Essentially, model checking involves a detailed search of all the states reachable by the components of a protocol model. In the models that describe authentication protocols, the components, regarded as processes, are the principals including intruder (attacker) and parameters for authentication such as keys, nonces, tickets, and certificates. In this research, an automated generation tool, CASPER is used to produce CSP descriptions. Proposed protocol models rely on trusted third parties in authentication transactions while intruder capabilities are based on possible inductions and deductions. This research attempts to combine the two methods in model checking in order to realise an abstract description of intruder with enhanced capabilities. A target protocol of interest is that of Kerberos authentication protocol. The process of increasing the strength of security mechanisms usually impacts on performance thresholds. In recognition of this fact, the research adopts an analytical method known as spectral expansion to ascertain the level of impact, and which resulting protocol amendments will have on performance. Spectral expansion is based on state exploration. This implies that it is subject, as model checking, to the state explosion problem. The performance characteristics of amended protocols are examined relative to the existing protocols. Numerical solutions are presented for all models developed

Formal verification of the W3C Web Authentication Protocol

International audienceThe science of security can be set on rm foundations via the formal verication of protocols. New protocols can have their design validated in a mechanized manner for security aws, allowing protocol designs to be scientically compared in a neutral manner. Given that these techniques have discovered critical aws in protocols such as TLS 1.2 and are now being used to redesign protocols such as TLS 1.3, we demonstrate how formal verication can be used to analyze new protocols such as the W3C Web Authen-tication API. We model W3C Web Authentication with the formal verication language ProVerif, showing that the protocol itself is secure. However, we also stretch the boundaries of formal verica-tion by trying to verify the privacy properties of W3C Web Authen-tication given in terms of the same origin policy. We use ProVerif to show that without further mandatory requirements in the speci-cation, the claimed privacy properties do not hold. Next steps on how formal verication can be further integrated into standards and the further development of the privacy properties of W3C Web Authentication is outlined

Adatbiztonság és adatvédelem a mindent átható számítógépes technológia világában = Security and Privacy Issues in Pervasive Computing

(1) Több ugrásos vezeték nélküli hálózatok biztonsága: Ad hoc és szenzorhálózatokban használt útvonalválasztó protokollok biztonágának analízise, új bizonyíthatóan biztonságos protokollok tervezése (enairA, Secure tinyLUNAR). Új támadás-ellenálló adataggregációs algoritmusok tervezése (RANBAR, CORA) és analízise. Spontán kooperáció kialakulása feltételeinek vizsgálata ad hoc és szenzorhálózatokban, kooperáció ösztönzése késleltetéstűrő ad hoc hálózatokban (Barter). (2) Személyes biztonsági tokenek: A nem-megbízható terminál probléma vizsgálata, feltételes aláírásra épülő megoldás tervezése és analízise. (3) RFID biztonsági és adatvédelmi kérdések: Kulcsfa alapú azonosító-rejtő hitelesítés analízise, a privacy szintjének meghatározása. Optimális kulcsfa tervezése. Új azonosító-rejtő hitelesítő protokoll tervezése és összehasonlítása a kulcsfa alapú módszerrel. (4) Formális biztonsági modellek: Szimulációs paradigmára épülő biztonsági modell útvonalválasztó protokollok analízisére. Támadó-modellek és analízis módszer támadás-ellenálló adataggregáció vizsgálatára. Formális modell kidolgozása a korlátozott számítási képességekkel rendelkező humán felhasználó leírására. Privacy metrika kidolgozása azonosító-rejtő hitekesítő protokollok számára. Játékelméleti modellek a spontán koopráció vizsgálatára ad hoc és szenzor hálózatokban, valamint spam és DoS elleni védelmi mechanizmusok analízisére. | (1) Security of multi-hop wireless networks: Security analysis of routing protocols proposed for mobile ad hoc and sensor networks, development of novel routing protocols with provable security (enairA, Secure tinyLUNAR). Development of novel resilient aggregation algorithms for sensor networks (RANBAR, CORA). Analysis of conditions for the emergence of spontaneous cooperation in ad hoc and sensor networks, novel algorithm to foster cooperation in opportunistic ad hoc networks (Barter). (2) Security tokens: Analysis of the untrusted terminal problem, mitigation by using conditional signature based protocols. (3) RFID security and privacy: Analysis of key-tree based private authentication, novel metrics to measure the level of privacy. Design of optimal key-trees, novel private authentication protocols based on group keys. (4) Formal models: Modeling framework for routing protocols based on the simulation paradigm, proof techniques for analyzing the security of routing. Attacker models and analysis techniques for resilient aggregation in sensor networks. Formal model for representing the limited computing capacity of humans. Metrics for determining the level of privacy provided by private authentication protocols. Game theoretic models for studying cooperation in ad hoc and sensor networks, and for analysisng the performance of spam and DoS protection mechanisms

Formal Verification of Security Protocol Implementations: A Survey

Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac

A formal methodology for integral security design and verification of network protocols

We propose a methodology for verifying security properties of network protocols at design level. It can be separated in two main parts: context and requirements analysis and informal verification; and formal representation and procedural verification. It is an iterative process where the early steps are simpler than the last ones. Therefore, the effort required for detecting flaws is proportional to the complexity of the associated attack. Thus, we avoid wasting valuable resources for simple flaws that can be detected early in the verification process. In order to illustrate the advantages provided by our methodology, we also analyze three real protocols