Title :
Modeling and Analyzing Timed Security Protocols Using Extended Timed CSP
Author :
Zhang, Xian ; Liu, Yang ; Auguston, Mikhail
Author_Institution :
Sch. of Comput., Nat. Univ. of Singapore, Singapore, Singapore
Abstract :
Security protocols are hard to design, even under the assumption of perfect cryptography. This is especially true when a protocol involves different timing aspects such as timestamps, timeout, delays and a set of timing constraints. In this paper, we propose a methodology for modeling and analyzing security protocols that are aware of timing aspects. We develop a formalism for modeling security protocols by extending Timed CSP with the capability of stating complicated timing behaviors for processes and events. A reasoning mechanism for the proposed formalism is developed based on Constraint Logic Programming (CLP). Using the reasoning engine built in CLP, the authentication properties of timed security protocols are able to be verified and attacks can be discovered. We demonstrate the capability of our method by modeling and verifying real-world security protocols. New approaches of using timing information to unfold and prevent potential attacks are also presented.
Keywords :
authorisation; communicating sequential processes; constraint handling; cryptographic protocols; formal verification; inference mechanisms; timing; authentication properties; constraint logic programming; cryptography; extended timed CSP; formal verification; reasoning engine; timed security protocols; timing information; Authentication; Cryptographic protocols; Cryptography; Data security; Delay; Engines; Information security; Logic programming; National security; Timing; Constraint Logic Programm; Security Protocol; Timed CSP; extension; verifictaion;
Conference_Titel :
Secure Software Integration and Reliability Improvement (SSIRI), 2010 Fourth International Conference on
Conference_Location :
Singapore
Print_ISBN :
978-1-4244-7435-6
DOI :
10.1109/SSIRI.2010.29
