68 research outputs found
Security Issues in the 5G Standard and How Formal Methods Come to the Rescue
Automated Unbounded Verification of Stateful Cryptographic Protocols with Exclusive OR
Exclusive-or (XOR) operations are common in cryptographic protocols, in particular in RFID protocols and electronic payment protocols. Although there are numerous applications, due to the inherent complexity of faithful models of XOR, there is only limited tool support for the verification of cryptographic protocols using XOR. The TAMARIN prover is a state-of-the-art verification tool for cryptographic protocols in the symbolic model. In this paper, we improve the underlying theory and the tool to deal with an equational theory modeling XOR operations. The XOR theory can be freely combined with all equational theories previously supported, including user-defined equational theories. This makes TAMARIN the first tool to support simultaneously this large set of equational theories, protocols with global mutable state, an unbounded number of sessions, and complex security properties including observational equivalence. We demonstrate the effectiveness of our approach by analyzing several protocols that rely on XOR, in particular multiple RFID-protocols, where we can identify attacks as well as provide proofs.
Verification of Stateful Cryptographic Protocols with Exclusive OR
In cryptographic protocols, in particular RFID protocols, exclusive-or (XOR) operations are common. Due to the inherent complexity of faithful models of XOR, there is only limited tool support for the verification of cryptographic protocols using XOR. In this paper, we improve the TAMARIN prover and its underlying theory to deal with an equational theory modeling XOR operations. The XOR theory can be combined with all equational theories previously supported, including user-defined equational theories. This makes TAMARIN the first verification tool for cryptographic protocols in the symbolic model to support simultaneously this large set of equational theories, protocols with global mutable state, an unbounded number of sessions, and complex security properties including observational equivalence. We demonstrate the effectiveness of our approach by analyzing several protocols that rely on XOR, in particular multiple RFID-protocols, where we can identify attacks as well as provide proofs.
Symbolically Analyzing Security Protocols Using Tamarin
During the last three decades, there has been considerable research devoted to the symbolic analysis of security protocols and existing tools have had considerable success both in detecting attacks on protocols and showing their absence. Nevertheless, there is still a large discrepancy between the symbolic models that one specifies on paper and the models that can be effectively analyzed by tools.
In this paper, we present the Tamarin prover for the symbolic analysis of security protocols. Tamarin takes as input a security protocol model, specifying the actions taken by the agents running the protocol in different roles (e.g., the protocol initiator, the responder, and the trusted key server), a specification of the adversary, and a specification of the protocol’s desired properties. Tamarin can then be used to automatically construct a proof that the protocol fulfills its specified properties, even when arbitrarily many instances of the protocol’s roles are interleaved in parallel, together with the actions of the adversary
A Formal Analysis of 5G Authentication
Mobile communication networks connect much of the world's population. The
security of users' calls, SMSs, and mobile data depends on the guarantees
provided by the Authenticated Key Exchange protocols used. For the
next-generation network (5G), the 3GPP group has standardized the 5G AKA
protocol for this purpose. We provide the first comprehensive formal model of a
protocol from the AKA family: 5G AKA. We also extract precise requirements from
the 3GPP standards defining 5G and we identify missing security goals. Using
the security protocol verification tool Tamarin, we conduct a full, systematic,
security evaluation of the model with respect to the 5G security goals. Our
automated analysis identifies the minimal security assumptions required for
each security goal and we find that some critical security goals are not met,
except under additional assumptions missing from the standard. Finally, we make
explicit recommendations with provably secure fixes for the attacks and
weaknesses we found.
Comment: Categories (ACM class 2012): Security and privacy - Formal methods
and theory of security -- Security requirements -- Formal security models --
Logic and verification; Network protocols - Protocol correctness -- Formal
specifications; Security and privacy - Network security -- Mobile and
wireless security - Security services -- Privacy-preserving protocol
SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust
The ability to quickly revoke a compromised key is critical to the security
of any public-key infrastructure. Regrettably, most traditional certificate
revocation schemes suffer from latency, availability, or privacy problems.
These problems are exacerbated by the lack of a native delegation mechanism in
TLS, which increasingly leads domain owners to engage in dangerous practices
such as sharing their private keys with third parties.
We analyze solutions that address the long-standing delegation and revocation
shortcomings of the web PKI, with a focus on approaches that directly affect
the chain of trust (i.e., the X.509 certification path). For this purpose, we
propose a 19-criteria framework for characterizing revocation and delegation
schemes. We also show that combining short-lived delegated credentials or proxy
certificates with an appropriate revocation system would solve several pressing
problems.
Comment: IEEE European Symposium on Security and Privacy (EuroS&P) 202