DOI: 10.1145/3411506.3417596

Short Paper: Modular Black-box Runtime Verification of Security Protocols

Published: 09 November 2020

Abstract

Verification techniques have been applied to the design of secure protocols for decades. However, relatively few efforts have been made to ensure that verified designs are also implemented securely. Static code verification techniques offer one way to bridge the verification gap between design and implementation, but require substantial expertise and manual labor to realize in practice. In this short paper, we propose black-box runtime verification as an alternative approach to extend the security guarantees of protocol designs to their implementations. Instead of instrumenting the complete protocol implementation, our approach only requires instrumenting common cryptographic libraries and network interfaces with a runtime monitor that is automatically synthesized from the protocol specification. This lightweight technique allows the effort for instrumentation to be shared among different protocols and ensures security with presumably minimal performance overhead.

Supplementary Material

MP4 File (3411506.3417596.mp4)
Presentation video for the paper "Short Paper: Modular Black-box Runtime Verification of Security Protocols"

Cited By

  • (2021) Runtime verification for trustworthy secure shell deployment. Proceedings of the 5th ACM International Workshop on Verification and mOnitoring at Runtime EXecution, pp. 30-34. DOI: 10.1145/3464974.3468449. Online publication date: 12-Jul-2021
  • (2021) Secure Implementation of a Quantum-Future GAKE Protocol. Security and Trust Management, pp. 103-121. DOI: 10.1007/978-3-030-91859-0_6. Online publication date: 4-Dec-2021

Published In

PLAS'20: Proceedings of the 15th Workshop on Programming Languages and Analysis for Security
November 2020
46 pages
ISBN: 9781450380928
DOI: 10.1145/3411506

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. protocol verification
  2. runtime monitoring

Qualifiers

  • Short-paper

Conference

CCS '20

Acceptance Rates

Overall Acceptance Rate 43 of 77 submissions, 56%
