Modeling and Verification of Fiat-Shamir Zero Knowledge Authentication Protocol
Related papers
Modeling and Verification of Kerberos Protocol using Symbolic Model Verifier
Authentication is one of the biggest issues concerning information security in the context of distributed environments. Various protocols are used for the authentication purpose such as Needham-Schroeder, Kerberos protocol etc. The aim of this paper is to verify and formalize the Kerberos protocol using NuSMV model checker. The protocol version used in this paper is Kerberos version 4. The paper suggests CTL specifications for authentication, secrecy and integrity. We have also proposed an approach to identify presence of intruder in the system.
Analysis of Security Protocols using Finite-State Machines
International Journal of Advanced Research in Artificial Intelligence, 2015
This paper demonstrates a comprehensive analysis method using formal methods such as finite-state machine. First, we describe the modified version of our new protocol and briefly explain the encrypt-then-authenticate mechanism, which is regarded as a more secure mechanism than the one used in our protocol. Then, we use a finite-state verification to study the behaviour of each machine created for each phase of the protocol and examine their behaviours together. Modelling with finite-state machines shows that the modified protocol can function correctly and behave properly even with invalid input or time delay.
Verification and modelling of authentication protocols
Lecture Notes in Computer Science, 1992
With the emergence of numerous distributed services, the importance of electronic authentication in networks is rapidly increasing. Since more than a decade, authentication protocols have been proposed and discussed. Because of various flaws which were found late, Burrows, Abadi and Needham [BAN] created a logic of authentication to formally verify authentication protocols by the end of the 80's. This so called BAN logic has been subject to considerable critique and several extensions have been suggested. None the less, due to its straightforward design and easy understandability, it still attracts the attention of current research. We developed an authentication logic which is built closely after the BAN-logic. It addresses answers to important critiques of the BAN like the non-disclosure problem, and avoids some newly discovered weaknesses of BAN, e.g. with respect to freshness. We also built a verification tool embodying this extended BAN logic and the means for modelling the different participating principals as finite state machines. The tool allows therefore both for formal, passive analysis of an authentication protocol and for active simulation of a protocol run. We also can model actions of intruders, consequences of such intrusions, and the respective counter-measures. The tool is implemented in Prolog and facilitates exploratory design of new authentication protocols.
New Method of Verifying Cryptographic Protocols, Based on the Process Model
Artificial Intelligence in Intelligent Systems, 2021
A cryptographic protocol (CP) is a distributed algorithm designed to provide a secure communication in an insecure environment. CPs are used, for example, in electronic payments, electronic voting procedures, database access systems, etc. Errors in the CPs can lead to great financial and social damage, therefore it is necessary to use mathematical methods to justify the correctness and safety of the CPs. In this paper, a new mathematical model of a CP is introduced, which allows one to describe both the CPs and their properties. It is shown how, on the basis of this model, it is possible to solve the problems of verification of CPs.
Model Checking for Security Protocols
As more resources are added to computer networks, and as more vendors look to the World Wide Web as a viable marketplace, the importance of being able to restrict access and to insure some kind of acceptable behavior even in the presence of malicious intruders becomes paramount. People have looked to cryptography to help solve many of these problems. However, cryptography itself is only a tool. The security of a system depends not only on the cryptosystem being used, but also on how it is used. Typically, researchers have proposed the use of security protocols to provide these security guarantees. These protocols consist of a sequence of messages, many with encrypted parts. In this paper, we develop a way of verifying these protocols using model checking. Model checking has proven to be a very useful technique for verifying hardware designs. By modelling circuits as finite-state machines, and examining all possible execution traces, model checking has found a number of errors in real world designs. Like hardware designs, security protocols are very subtle, and can also have bugs which are difficult to find. By examining all possible execution traces of a security protocol in the presence of a malicious intruder with well defined capabilities, we can determine if a protocol does indeed enforce its security guarantees. If not, we can provide a sample trace of an attack on the protocol.
Formal Verification of the xDAuth Protocol
IEEE Transactions on Information Forensics and Security, 2016
Service-oriented architecture offers a flexible paradigm for information flow among collaborating organizations. As information moves out of an organization boundary, various security concerns may arise, such as confidentiality, integrity, and authenticity that need to be addressed. Moreover, verifying the correctness of the communication protocol is also an important factor. This paper focuses on the formal verification of the xDAuth protocol, which is one of the prominent protocols for identity management in cross domain scenarios. We have modeled the information flow of xDAuth protocol using high-level Petri nets to understand the protocol information flow in a distributed environment. We analyze the rules of information flow using Z language, while Z3 SMT solver is used for the verification of the model. Our formal analysis and verification results reveal the fact that the protocol fulfills its intended purpose and provides the security for the defined protocol specific properties, e.g., secure secret key authentication, and Chinese wall security policy and secrecy specific properties, e.g., confidentiality, integrity, and authenticity.
Formal automatic verification of authentication cryptographic protocols
Proceedings First IEEE International Conference on Formal Engineering Methods, 1997
We address the formal analysis of authentication cryptographic protocols. We present a new verification algorithm that generates from the protocol description the set of possible flaws, if any, as well as the corresponding attack scenarios. This algorithm does not require any property or invariant specification. The algorithm involves three steps: extracting the protocol roles, modeling the intruder abilities and verification. In addition to the classical known intruder computational abilities such as encryption and decryption, we also consider those computations that result from different instrumentations of the protocol. The intruder abilities are modeled as a deductive system. The verification is based on the extracted roles as well as the deductive system. It consists in checking whether the intruder can answer all the challenges uttered by a particular role. If it is the case, an attack scenario is automatically constructed. The extracted proof system does not ensure the termination of deductions. For that purpose, we present a general transformation schema that allows one to automatically rewrite the non-terminating proof system into a terminating one. The transformation schema is shown to be correct. To exemplify the usefulness and efficiency of our approach, we illustrate it on the Woo and Lam authentication protocol. Abadi and Needham have shown that the protocol is insecure and they proposed a new corrected version. Thanks to this method we have discovered new unknown flaws in the Woo and Lam protocol and in the corrected version of Abadi and Needham.
1997
We present a new formal automatic approach to the verification of authentication protocols. Our method could be applied without any prior specification of properties or invariant. It only needs the protocol specification from which it generates, if any, the set of possible flaws as well as the corresponding attack scenarios. This approach consists of three steps. First, the extraction of roles from the protocol specification. Second, the generation of a proof system that models the intruder abilities to perform communications and computations from the protocol specification. In addition to the classical known intruder computational abilities such as encryption and decryption, we also consider the computations that result from the possible instrumentations of the protocol. Third, the verification is performed according to the extracted roles as well as to the deductive system. This verification consists in checking whether the intruder can answer all the challenges uttered by a particular role. If it is the case, an attack scenario is automatically constructed. To exemplify the usefulness and efficiency of our approach, we illustrate it on Woo and Lam authentication protocol. Abadi and Needham have shown that the protocol is insecure and they proposed a new corrected version. In this paper, we present new unknown flaws in the Woo and Lam protocol as well as in its corrected version.
Comparing BDD and SAT based techniques for model checking Chaum's dining cryptographers protocol
2006
We analyse different versions of the Dining Cryptographers protocol by means of automatic verification via model checking. Specifically we model the protocol in terms of a network of communicating automata and verify that the protocol meets the anonymity requirements specified. Two different model checking techniques (ordered binary decision diagrams and SAT-based bounded model checking) are evaluated and compared to verify the protocols.
In this work, we explore the authentication and verification of key exchange protocol using Message Authentication Code (MAC). We propose a new MAC scheme model using input-output automata to protect the integrity of the secret key in the key exchange protocol. Our scheme was devised in reference to the Diffie-Hellman communication protocol model. We divided our MAC protocol into three stages of communication sequences in order to simplify the model and the design of automata machine. In the final result, we combined all stages and represented the protocol as Cryptographic MAC Protocol in the regular language. We have shown that the cryptographic MAC protocol for key exchange protocol can be implemented using finite input-output automata with some small modification of the finite state machine. The proposed protocol would be useful for implementation in a lightweight or a secure smart devices communication in the wireless sensor nodes (WSN) network.