Tingyuan Li,Xiaodong Liu,Zhiguang Qin,Xuanfang Zhang

DOI: https://doi.org/10.1109/DBTA.2009.26

2009-01-01

Abstract:BAN logic can prove whether a protocol can reach expected target and find some flaws in the protocol. The paper analyzed constitute of BAN logic and analysis steps. On the basis of the above work, BAN logic was used to construct an ideal model of the Otway-Rees protocol and the security of the protocol was analyzed with the initial hypothesis and the logic postulate. The paper also pointed out various kinds of demerit of BAN logic and discussed some possible improvement.

张玉清,吴建平,李星

DOI: https://doi.org/10.3321/j.issn:1000-0054.2002.01.028

2002-01-01

Abstract:BAN (Burrows, Abadi and Needham) like logic can aid the design, analysis, and verification of cryptographic protocols used over open networks and distributed systems. This paper introduces BAN like logic and then illustrates the limitations of BAN logic on protocol idealization as a survey of the current state of BAN like logic. The conclusions are that BAN like logic is still one of the main tools for analysis of cryptographic protocols, but protocol idealization is the fatal weakness of BAN like logic. Suggestions are then made for future work. These conclusions will facilitate the development of formal methods for the analysis and design of cryptographic protocols.

DU Jin-hui,HU Ming-zeng,ZHANG Zhao-xin

2008-01-01

Abstract:Verification and analyzing the authentication protocol with formal method has become international researcher’s new focus. This paper researches on Needham-Schroeder authentication protocol based on BAN logic. It points out the flaw of the protocol that can be used by replay attack and improves the protocol by adding nonce in the transferred message. Finally,this paper proves the correctness of the improved protocol with BAN logic.

Yuebin Bai,Shouqi Zheng,Yi Liu,Li Zhu

DOI: https://doi.org/10.3321/j.issn:0253-987X.2001.04.010

2001-01-01

Abstract:After analysis of BAN logic used in formal analysis of authentication solution its localization on MAC was found. Based on this fact a new axiomatized rule of BAN logic to analyze HMAC based authentication scheme is presented. This method simplifies the formal analysis in the above scheme and can achieve the expected security goals.

Tieming Chen,Zhenbo Yu,Shijian Li,Bo Chen

DOI: https://doi.org/10.1155/2016/8797568

IF: 2.336

2016-01-01

Journal of Sensors

Abstract:Model checking has successfully been applied on verification of security protocols, but the modeling process is always tedious and proficient knowledge of formal method is also needed although the final verification could be automatic depending on specific tools. At the same time, due to the appearance of novel kind of networks, such as wireless sensor networks (WSN) and wireless body area networks (WBAN), formal modeling and verification for these domain-specific systems are quite challenging. In this paper, a specific and novel formal modeling and verification method is proposed and implemented using an expandable tool called PAT to do WSN-specific security verification. At first, an abstract modeling data structure for CSP#, which is built in PAT, is developed to support the nodemobility related specification for modeling location-based node activity. Then, the traditional Dolev Yao model is redefined to facilitate modeling of location-specific attack behaviors on security mechanism. A throughout formal verification application on a location-based security protocol in WSN is described in detail to show the usability and effectiveness of the proposed methodology. Furthermore, also a novel location-based authentication security protocol in WBAN can be successfully modeled and verified directly using our method, which is, to the best of our knowledge, the first effort on employing model checking for automatic analysis of authentication protocol for WBAN.

ZHANG Yu-qing,WANG Lei,XIAO Guo-zhen,WU Jian-ping

2000-01-01

Journal of Software

Abstract:It is an important and hard problem in the area of computer network security to analyze cryptographic protocols. A methodology is presented using a model checke r of formal methods, SMV (symbolic model verifier), to analyze the well known Ne edham-Schroeder Public-Key Protocol. The SMV is used to discover an attack upo n the protocol, which has never been discovered by BAN logic. Finally, the proto col is adapted, and then the SMV is used to show that the new protocol is secure .

Chen-Xiao MAO,Wen-Jian LUO,Xu-Fa WANG

DOI: https://doi.org/10.3321/j.issn:0254-4164.2007.06.006

2007-01-01

Jisuanji Xuebao/Chinese Journal of Computers

Abstract:In the field of security protocol formal verification, it is a new challenge to analyze security protocol guessing attacks. CKT5 logic, used as the base, is significantly extended in several aspects. Both public key cryptography and Vernam encryption are added to symmetric key cryptography of the original logic, which makes it more powerful in expressing security protocols. Perfect encryption hypothesis is not obeyed any more, and a series of definitions and rules are given to allow principals to guess and verify passwords. Theorems and lemmas given in this paper can describe features of on-line guessing attacks, and simplify the analysis procedure of guessing attacks. The extended logic can be used to analyze guessing attacks on security protocols including on-line guessing attacks.

Chunqiang Hu,Fan Zhang,Xiuzhen Cheng,Xiaofeng Liao,Dechang Chen

DOI: https://doi.org/10.1145/2463183.2463191

2013-01-01

Abstract:Wireless Body Area Networks (BANs) are expected to play a crucial role in patient-health monitoring in the near future. Establishing secure communications between BAN sensors and external users is key to addressing the prevalent security and privacy concerns. In this paper, we propose the primitive functions to implement a secret-sharing based Ciphertext-Policy Attribute-Based Encryption (CP_ABE) scheme, which encrypts the data based on an access structure specified by the data source. We also design two protocols to securely retrieve the sensitive patient data from a BAN and instruct the sensors in a BAN. Our analysis indicates that the proposed scheme is feasible, can provide message authenticity, and can counter possible major attacks such as collusion attacks and battery-draining attacks.

CHEN Qiang,HUANG Lian-sheng,ZHAO Xiu-wen

DOI: https://doi.org/10.3969/j.issn.1001-3695.2006.06.033

2006-01-01

Abstract:This paper presents a combined analysis method for security protocols.By specifying security protocols using Common Authentication Protocol Specification Language,then convert CAPSL specification into formal inputs for other analysis tools by connector.This method can utilize the advantage of various analysis tools and ensure the accuracy of formal analysis.Meanwhile,it is convenient for analyzer.We design two CAPSL connector and give an instance.

Ge Yi,Huang Wenchao,Xiong Yan

DOI: https://doi.org/10.19734/j.issn.1001-3695.2022.08.0446

2023-01-01

Abstract:With the development of formal analysis technology of security protocols, automatic verification using tools has been realized, but modeling still needs to rely on manual modeling by professionals, which is difficult and costly and limits the further spread of formal analysis technology.In order to improve the automation of formal modeling, this paper proposed a scheme of formal assistant modeling based on security protocol code.Firstly, the method used taint analysis to obtain communication processes and record the cryptographic primitive operations.Then, it constructed the protocol communication state machine according to the sequential relationship between communication processes.Finally, it generated a formal model according to the syntax of Tamarin, a mainstream formal analysis tool for security protocols.Experimental results show that this scheme can gene-rate the key parts of the formal model and improves the degree of automation of the formal modeling, which contributes to the spread of formal analysis technology.

Xiaoyu Li,Cheng Su,Yan Xiong,Wenchao Huang,Wansen Wang

DOI: https://doi.org/10.1109/bigcom.2019.00021

2019-01-01

Abstract:Blockchain is a decentralized cryptocurrency framework which has gained considerable attention in research and many industries. Ethereum is an implementation based on blockchain technology. Ethereum blockchain offers smart contracts, a piece of program codes which can execute and record the transactions in blockchain. Users can use smart contracts to create their own tokens based on ERC-20 standard, and token smart contracts have been used to manage and transfer tokens, carrying millions dollars worth of virtual currencies. However, keeping token smart contracts secure can be difficult. When smart contracts are deployed on Ethereum successfully, they cannot be changed. Due to the openness of Ethereum, both users and attackers can invoke contracts. So errors in smart contracts have led and will lead to a loss. For example, the DAO bug led to a 60 million US dollar loss in June 2016. Therefore, the researches on security of smart contracts are urgently important. In this paper, we use a formal approach to verify smart contracts. We apply formal verification on a concrete smart contract example, BNB contract, which is one of the most popular token contracts. We analyze the contract and discover the two attributes in the contract, one is transfer attribute involving the functions of transferring tokens operations, and the other is owner attribute which involves the authority of contract owner. We verify these two attributes respectively. We model the contract using SAPIC, the applied pi calculus and then verify by Tamarin prover. We specify the processes of modeling and verifying. The results show we cannot find an attack path. The research method reduces the complexity of verifying smart contracts and can be used to analyze complex contracts.

Jinze Du,Junwei Du,Tao Liu,Feng Zhang

DOI: https://doi.org/10.53106/199115992023083404003

2023-01-01

Abstract:In order to verify the security of the Z-Wave communication protocol, the possible attacks in the protocol are analyzed to reduce user privacy security vulnerabilities. For the communication process and key exchange process between the controller and the node, this paper uses CPN tools to model the Z-Wave S2 protocol, and introduces the Dolev-Yao attack model to verify the security behavior of the protocol. The results show that there is a man-in-the-middle attack when using S2 authentication for device inclusion. In response to this vulnerability, we propose a lightweight static authentication scheme based on HKDF function and XOR operation, which performs authentication between Z-Wave controller and slave device. Secondly, we formally verify the security objectives of the improved scheme, and prove that the optimization scheme can effectively prevent man-in-the-middle attacks in the S2 security mode.

Fusheng Wu,Jinhui Liu,Yanbing Li,Mingtao Ni

2023-11-01

Abstract:The pi calculus is a basic theory of mobile communication based on the notion of interaction, which, aimed at analyzing and modelling the behaviors of communication process in communicating and mobile systems, is widely applied to the security analysis of cryptographic protocol's design and implementation. But the pi calculus does not provide perfect logic security analysis, so the logic flaws in the design and the implementation of a cryptographic protocol can not be discovered in time. The aim is to analyze whether there are logic flaws in the design and the implementation of a cryptographic protocol, so as to ensure the security of the cryptographic protocol when it is encoded into a software and implemented. This paper introduces logic rules and proofs, binary tree and the KMP algorithm, and proposes a new extension the pi calculus theory, a logic security analysis framework and an algorithm. This paper presents the logic security proof and analysis of TLS1.3 protocol's interactional implementation process. Empirical results show that the new extension theory, the logic security analysis framework and the algorithm can effectively analyze whether there are logic flaws in the design and the implementation of a cryptographic protocol. The security of cryptographic protocols depends not only on cryptographic primitives, but also on the coding of cryptographic protocols and the environment in which they are implemented. The security analysis framework of cryptographic protocol implementation proposed in this paper can ensure the security of protocol implementation.

Cryptography and Security,Logic in Computer Science

韩进,蔡圣闻,王崇峻,赖海光,谢俊元

2010-01-01

Journal of Computer Research and Development

Abstract:The security protocol model is the basis of the security protocol analysis and verification. Existing modeling methods have some shortcomings, such as high complexity, bad reusability, and so on. A typed π calculus-π(superscript t) calculus is presented in this paper, and its type rules and evaluation rules are also given. It is proved that π(superscript t) calculus is a safely typed system. π(superscript t) calculus can be used to build formal models of security protocols and their attackers. NRL protocol is taken for an example to show how to build a security protocol model based on π(superscript t) calculus. The attacker model for a security protocol is also presented in this paper. The action ability which the attacker model based on π(superscript t) calculus has is proved the same to the D-Y attacker model. So the correctness of the results which come from verifying the security protocol models based on π(superscript t) calculus is promised. The security protocol modeling approach based on π(superscript t) calculus can give more detailed description of the semantics of protocol data and the knowledge of participators. Compared with other kinds of methods, this method has better usability and high reusability and can provide more analysis support. The analysis result shows that the method can detect flaws of a security protocol in its modeling process.

WANG Wei

DOI: https://doi.org/10.3969/j.issn.1671-0428.2011.10.011

IF: 5.105

2011-01-01

Computers & Security

Abstract:Formal method is a powerful tool of analysis and verification of security properties of security protocols.In this paper,based on the first-order theorem prover ProVerif researched deeply,we analyzed the simplified Authentication Protocol Needham-Schroeder by formal method.

LI Xiehua,YANG Shutang,LI Jianhua,ZHU Hongwen

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.13.001

2007-01-01

Abstract:This paper proposes a new checking model based on the authentication tests for security protocol analysis.With the model,each component of the ciphertext is verified to determine its originator,so that the replayed attack can be detected in time.The combination of the check model and authentication tests can overcome the deficiency of the original authentication tests in detecting message replay attacks.The proof of neuman-stubblebine protocol shows that the checking model can detect the type flaw attack efficiently,while the original authentication tests cannot.

NING Xiao-jun,HUANG Liu-sheng,ZHOU Zhi

2005-01-01

Abstract:Cryptographic protocol is one of the important ways of constructing safe internet environment and protecting the safety of information systems.However,it is very difficult to analyze its limitation and unclose the intrusion.In this article,an automatic cryptographic protocol analysis was put forward,based on object submission and information model inspection by synthesizing the cryptographic protocol analysis based on logic and model matching,and further analysis on public-key protocol of Need-Schroeder(NS) was made.

Alvin Tang

2023-08-24

Abstract:This literature review discovers an implementation of formal logic systems in cyber security by enhancing access control models. We explore the characteristics of the existing access control theories, their limitations and how classical logic is used therein. We then delve into the possibility of utilising non-classical logic systems for improving the models. In particular, we explore how classical logic can be used to describe and prove the correctness of role-based access control and attribute-based access control models.

Logic in Computer Science,Cryptography and Security

Michael Burrows,Martin Abadi,Roger Needham

DOI: https://doi.org/10.1145/77648.77649

1990-02-01

ACM Transactions on Computer Systems

Abstract:Authentication protocols are the basis of security in many distributed systems, and it is therefore essential to ensure that these protocols function correctly. Unfortunately, their design has been extremely error prone. Most of the protocols found in the literature contain redundancies or security flaws. A simple logic has allowed us to describe the beliefs of trustworthy parties involved in authentication protocols and the evolution of these beliefs as a consequence of communication. We have been able to explain a variety of authentication protocols formally, to discover subtleties and errors in them, and to suggest improvements. In this paper we present the logic and then give the results of our analysis of four published protocols, chosen either because of their practical importance or because they serve to illustrate our method.

computer science, theory & methods

唐郑熠,李均涛,李祥

DOI: https://doi.org/10.3969/j.issn.1673-629x.2009.10.045

2009-01-01

Abstract:Informal methods are difficult to ensure the security of authentication protocols,so the research and application of the formal methods is very important.The model checking technology is one of the formal methods.Introduce the method of constructing and checking the model of A(0) protocol by SPIN and Promela language.From the checking result,we find that A(0) protocol can't ensure the freshness of public agreement key certificate.Hereby the freshness attack for A(0) protocol is designed.Finally,the improved scheme which can make up for the freshness defect is put forward.Thus,it is efficient and convenient to use model checking technology to analyze authentication protocols.