Abstract
ProVerif over-approximates the attacker’s power to enable verification of processes under replication. Unfortunately, this results in ProVerif finding false attacks. This problem is particularly common in protocols whereby a participant commits to a particular value and later reveals their value. We introduce a method to reduce false attacks when analysing secrecy. First, we show how inserting phases into non-replicated processes enables a more accurate translation to Horn clauses which avoids some false attacks. Secondly, we generalise our methodology to processes under replication. Finally, we demonstrate the applicability of our technique by analysing Bluetooth Simple Pairing. Moreover, we propose a simplification of this protocol that achieves the same security goal.
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chothia, T., Smyth, B., Staite, C. (2015). Automatically Checking Commitment Protocols in ProVerif without False Attacks. In: Focardi, R., Myers, A. (eds) Principles of Security and Trust. POST 2015. Lecture Notes in Computer Science(), vol 9036. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-46666-7_8
DOI: https://doi.org/10.1007/978-3-662-46666-7_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-46665-0
Online ISBN: 978-3-662-46666-7
eBook Packages: Computer Science, Computer Science (R0)