Share This Article:

Formal Verification of Secrecy in Group Key Protocols Using Event-B

Abstract Full-Text HTML XML Download Download as PDF (Size:554KB) PP. 165-177
DOI: 10.4236/ijcns.2012.53021    3,307 Downloads   5,322 Views  

ABSTRACT

Group key security protocols play an important role in today’s communication systems. Their verification, however, remains a great challenge because of the dynamic characteristics of group key construction and distribution protocols. Security properties that are well defined in normal two-party protocols have different meanings and different interpretations in group key distribution protocols, specifically, secrecy properties, such as group secrecy, forward secrecy, backward secrecy, and key independence. In this paper, we present a method to verify forward secrecy properties for group-oriented protocols. The method is based on a correct semantical link between group key protocols and event-B models and also uses the refinement process in the B method to model and verify group and forward secrecy. We use an event-B first-order theorem proving system to provide invariant checking for these secrecy properties. We illustrate our approach on the Tree based Group Diffie-Hellman protocol as case study.

Conflicts of Interest

The authors declare no conflicts of interest.

Cite this paper

A. Gawanmeh, S. Tahar and L. Ayed, "Formal Verification of Secrecy in Group Key Protocols Using Event-B," International Journal of Communications, Network and System Sciences, Vol. 5 No. 3, 2012, pp. 165-177. doi: 10.4236/ijcns.2012.53021.

References

[1] Y. Kim, A. Perrig and G. Tsudik, “Tree-Based Group Key Agreement,” ACM Transactions on Information and Systems Security, Vol. 7, No. 1, 2004, pp. 60-96. doi:10.1145/984334.984337
[2] J. Abrial, “Modelling in Event-B: System and Software Engineering,” Cambridge University Press, Cambridge, 2009.
[3] J. Abrial, “The B-Book: Assigning Programs to Meanings,” Cambbridge University Press, Cambridge, 1996. doi:10.1017/CBO9780511624162
[4] C. Metayer, J. Abrial and L. Voisin, “RODIN Deliverable 3.2: Event-B Language,” Technical Report Project IST-511599, School of Computing Science, University of Newcastle, Newcastle, 2005.
[5] A. Gawanmeh, L. J. B. Ayed and S. Tahar, “Event-B Based Invariant Checking of Secrecy in Group Key Protocols,” Local Computer Networks, IEEE Computer Society Press, New York, 2008, pp. 950-957.
[6] M. Steiner, G. Tsudik and M. Waidner, “Diffie-Hellman Key Distribution Extended to Group Communication,” Conference on Computer and Communications Security, ACM Press, London, 1996, pp. 31-37.
[7] J. Abrial, M. Butler, S. Hallerstede and L. Voisin, “An Open Extensible Tool Environment for Event-B,” International Conference on Formal Methods and Software Engineering, Lecture Notes in Computer Science, Springer-Verlag, Berlin, Vol. 4789, 2006, pp. 588-605.
[8] “Rodin Platform,” 2011. http://www.event-b.org
[9] F. F′abrega, “Strand Spaces: Proving Security Protocols Correct,” IOS Journal of Computer Security, Vol. 7, No. 2-3, 1999, pp. 191-230.
[10] L. Paulson, “The Inductive Approach to Verifying Cryptographic Protocols,” IOS Journal of Computer Security, Vol. 6, No. 1-2, 1998, pp. 85-128.
[11] F. Crazzolara and G. Winskel, “Events in Security Protocols,” ACM Conference on Computer and Communications Security, ACM Press, London, 2001 pp. 96-105.
[12] C. Cremers and S. Mauw, “Operational Semantics of Security Protocols,” Scenarios: Models, Transformations and Tools, LNCS, Springer-Verlag, Berlin, Vol. 3466, 2005, pp. 66-89. doi:10.1007/11495628_4
[13] A. Gawanmeh, A. Bouhoula and S. Tahar, “Rank Functions Based Inference System for Group Key Management Protocols Verification,” International Journal of Network Security, Vol. 8, No. 2, 2009, pp. 207-218.
[14] N. Stouls and M. Potet, “Security Policy Enforcement through Refinement Process,” Formal Specification and Development in B, LNCS, Springer-Verlag, Berlin, Vol. 4355, 2007, pp. 216-231. doi:10.1007/11955757_18
[15] N. Benaissa, D. Cansell and D. Mery, “Integration of Security Policy into System Modeling,” Formal Specification and Development in B, LNCS, Springer-Verlag, Berlin, Vol. 4355, 2007, pp. 232-247. doi:10.1007/11955757_19
[16] A. Abou El Kalam, R. E. Baida, P. Balbiani, S. Benferhat, F. Cuppens, Y. Deswarte, A. Miege, C. Saurel and G. Trouessin, “Organization Based Access Control,” International Workshop on Policies for Distributed Systems and Networks, IEEE Computer Society Press, New York, 2003, pp. 120-131.
[17] D. Bert, M. Potet and N. Stouls, “GeneSyst: A Tool to Reason about Behavioral Aspects of B Event Specifications. Application to Security Properties,” Formal Specification and Development in Z and B, LNCS, Springer-Verlag, Berlin, Vol. 3455, 2005, pp. 299-318. doi:10.1007/11415787_18
[18] M. Butler, “On the Use of Data Refinement in the Development of Secure Communications Systems,” Formal Aspects of Computing, Vol. 14, No. 1, 2002, pp. 2-34. doi:10.1007/s001650200025
[19] N. Chridi, M. Turuani and M. Rusinowitch, “Decidable analysis for a Class of Cryptographic Group Protocols with Unbounded Lists,” Computer Security Foundations Symposium, IEEE Computer Society Press, New York, 2009, pp. 277-289.
[20] N. Dalal, J. Shah, K. Hisaria and D. Jinwala, “A Comparative Analysis of Tools for Verification of Security Protocols,” International Journal of Communications, Network and System Sciences, Vol. 3, No. 10, 2010, pp. 779-787. doi:10.4236/ijcns.2010.310104
[21] Y. Li and J. Pang, “Extending the Strand Space Method with Timestamps: Part I the Theory,” International Journal of Communications, Network and System Sciences, Vol. 1, No. 2, 2010, pp. 45-55.
[22] J. Abrial, “Extending B without Changing It (for Developing Distributed Systems),” 1st Conference on the B method, Putting into Practice Methods and Tools for Information System Design, Institut de Recherche en Informatique de Nantes, 1996, pp. 169-190.
[23] T. Hoang and J. Abrial, “Reasoning about Liveness Properties in Event-B,” International Conference on Formal Engineering Methods, Lecture Notes in Computer Science, Springer-Verlag, Berlin, Vol. 6991, 2011, pp. 456-471.

  
comments powered by Disqus

Copyright © 2018 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.