Title :
Formal security analysis of authentication in SNMPv3 protocol by an automated tool
Author :
Asadi, Shahrooz ; Shahhoseini, Hadi Shahriar
Author_Institution :
Electr. Eng. Dept., Iran Univ. of Sci. & Technol., Tehran, Iran
Abstract :
Recently, the verification of network management protocols has been the subject of many research works. SNMP (Simple Network Management Protocol) is a widely used protocol for monitoring and managing devices on IP networks. Three significant security features (authentication, encryption, access control) are added to SNMPv3 under the User-based Security Model (USM). Until now, no formal and automated verification methods have been proposed for network management protocols and they have been analyzed only with informal techniques or with symbolic methods which is a hard, time-consuming and error-prone task when done by hand. Hence, in this paper, we first describe the SNMPv3 protocol and propose an abstract model of it to formalize our understanding of SNMP, and provide a specification of SNMPv3 in the applied π-calculus. We verify authenticity in SNMPv3 protocol without bounding the number of sessions of the protocol, using an automated protocol verifier, ProVerif and we show a proof of authenticity for the SNMPv3 protocol.
Keywords :
IP networks; cryptographic protocols; telecommunication network management; telecommunication security; π-calculus; IP networks; ProVerif; SNMP; SNMPv3 protocol; USM; access control; authentication; automated protocol verifier; automated tool; encryption; error-prone task; formal security analysis; security features; simple network management protocol; time-consuming task; user-based security model; Abstracts; Authentication; Calculus; Encryption; Protocols; Applied π-Calculus; Authentication; Correspondence Assertions; Formal Verification; ProVerif; SNMPv3;
Conference_Titel :
Telecommunications (IST), 2012 Sixth International Symposium on
Conference_Location :
Tehran
Print_ISBN :
978-1-4673-2072-6
DOI :
10.1109/ISTEL.2012.6483143
