Abstract
Modern communication protocols are complex programs, and only small parts inside them are security protocols, but they are critical parts. A small error is enough to disrupt the operation of the whole. Errors can occur during the implementation of protocols, and there are also problems of a time-consuming generation of encryption keys, and difficulties in managing such a large number of security keys. A question arises - can keys be intercepted, whether protocols work correctly, and whether some security measures are sometimes unnecessary? In what situations we can detect an Intruder? How many steps do we need? After what time and finally, with what probability we will detect the danger? A detailed analysis is needed.
The article presents the methods of probabilistic analysis of security protocols with the use of probabilistic timed automata, including times of generating, decrypting and encrypting messages and delays in the network. We invented an appropriate mathematical model. We also implemented the method, which allows a detailed analysis of the protocol - its strengths and weaknesses. We show a summary of the experimental results.
The project financed under the program of the Polish Minister of Science and Higher Education under the name “Regional Initiative of Excellence” in the years 2019–2022 project number 020/RID/2018/19, the amount of financing 12,000,000.00 PLN.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alur, R., Dill, D.: A theory of timed automata. Theor. Comput. Sci. 126, 183–235 (1994)
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., et al.: The AVISPA tool for the automated validation of Internet security protocols and applications. In: Proceedings of 17th International Conference on Computer Aided Verification (CAV 2005), LNCS, vol. 3576, pp. 281–285. Springer (2005)
Basin, D., Cremers, C., Meadows, C.: Model checking security protocols. In: Handbook of Model Checking, pp. 727–762 (2018)
Blanchet, B.: Modeling and verifying security protocols with the applied Pi calculus and ProVerif. Found. Trends Priv. Secur. 1(1–2), 1–135 (2016)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. Proc. R. Soc. Lond. A 426, 233–271 (1989)
Cremers, C., Mauw, S.: Operational Semantics and Verification of Security Protocols. Information Security and Cryptography series. Springer, Heidelberg (2012)
David, A., Larsen, K.G., et al.: UPPAAL SMC tutorial. Int. J. Softw. Tools Technol. Transf. (STTT) 17(4), 397–415 (2015)
Hyla, T., Pejas, J., El Fray, I., Mackow, W., Chocianowicz, W., Szulga, M.: Sensitive information protection on mobile devices using general access structures. In: Proceedings of the Ninth International Conference on Systems, ICONS 2014, pp. 192–196. XPS (Xpert Publishing Services) (2014)
Kacprzak, M., Nabialek, W., Niewiadomski, A., Penczek, W., Polrola, A., Szreter, M., et al.: Verics 2007 - a model checker for knowledge and real-time. Fundamenta Informaticae 85, 313–328 (2008)
Kurkowski, M., Penczek, W.: Applying timed automata to model checking of security protocols. In: Wang, J. (ed.) Handbook of Finite State Based Models and Applications, pp. 223–254. CRC Press, Boca Raton (2012)
Kwiatkowska, M., Norman, G., Segala, R., Sproston, J.: Automatic verification of real-time systems with discrete probability distributions. Theor. Comput. Sci. 282, 101–150 (2002)
Kwiatkowska, M., Norman, G., Sproston, J., Wang, F.: Symbolic model checking for probabilistic timed automata. Inf. Comput. 205(7), 1027–1077 (2007)
Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: TACAS, LNCS, pp. 147–166. Springer (1996)
Norman, G., Parker, D., Sproston, J.: Model checking for probabilistic timed automata. Form. Methods Syst. Des. 43(2), 164–190 (2013)
Paulson, L.: Inductive analysis of the Internet protocol TLS. ACM Trans. Inf. Syst. Secur. (TISSEC) 2(3), 332–351 (1999)
Siedlecka-Lamch, O., Kurkowski, M., Piatkowski, J.: Probabilistic model checking of security protocols without perfect cryptography assumption. In: Proceedings of 23rd International Conference, Computer Networks 2016, Brunow, Poland, June 14–17, Communications in Computer and Information Science, vol. 608, pp. 107–117. Springer (2016)
Siedlecka-Lamch, O., Szymoniak, S., Kurkowski, M.: A fast method for security protocols verification. In: Proceedings of Computer Information Systems and Industrial Management, Lecture Notes in Computer Science, vol. 11703, pp. 523–534. Springer (2019)
Siedlecka-Lamch, O., Kurkowski, M., Piatkowski, J.: Using probabilistic automata for security protocols verification. J. Appl. Math. Comput. Mech. 15(2), 125–131 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Siedlecka-Lamch, O. (2021). Probabilistic and Timed Analysis of Security Protocols. In: Herrero, Á., Cambra, C., Urda, D., Sedano, J., Quintián, H., Corchado, E. (eds) 13th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2020). CISIS 2019. Advances in Intelligent Systems and Computing, vol 1267. Springer, Cham. https://doi.org/10.1007/978-3-030-57805-3_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-57805-3_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-57804-6
Online ISBN: 978-3-030-57805-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)