research-article

Mechanized Network Origin and Path Authenticity Proofs

Authors:

Cristina Basescu,

Tiffany Hyun-Jin Kim,

Adrian PerrigAuthors Info & Claims

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

Pages 346 - 357

https://doi.org/10.1145/2660267.2660349

Published: 03 November 2014 Publication History

Abstract

A secure routing infrastructure is vital for secure and reliable Internet services. Source authentication and path validation are two fundamental primitives for building a more secure and reliable Internet. Although several protocols have been proposed to implement these primitives, they have not been formally analyzed for their security guarantees. In this paper, we apply proof techniques for verifying cryptographic protocols (e.g., key exchange protocols) to analyzing network protocols. We encode LS2, a program logic for reasoning about programs that execute in an adversarial environment, in Coq. We also encode protocol-specific data structures, predicates, and axioms. To analyze a source-routing protocol that uses chained MACs to provide origin and path validation, we construct Coq proofs to show that the protocol satisfies its desired properties. To the best of our knowledge, we are the first to formalize origin and path authenticity properties, and mechanize proofs that chained MACs can provide the desired authenticity properties.

References

[1]

M. Abadi. Secrecy by typing in security protocols. Journal of the ACM, 46(5):749--786, 1999.

Digital Library

[2]

A. Armando and L. Compagna. SATMC: A SAT-Based Model Checker for Security Protocols. In JELIA, 2004.

[3]

M. Arnaud, V. Cortier, and S. Delaune. Modeling and Verifying Ad Hoc Routing Protocols. In Proc. CSF, 2010.

Digital Library

[4]

M. Arnaud, V. Cortier, and S. Delaune. Deciding security for protocols with recursive tests. In Proc. CADE, 2011.

Digital Library

[5]

D. A. Basin. Lazy Infinite-State Analysis of Security Protocols. In CQRE, 1999.

Digital Library

[6]

D. A. Basin, S. Capkun, P. Schaller, and B. Schmidt. Formal Reasoning about Physical Properties of Security Protocols. ACM Trans. Inf. Syst. Secur. 14(2):16, 2011.

Digital Library

[7]

D. A. Basin, S. Mödersheim, and L. Viganò. Ofmc: A symbolic model checker for security protocols. Int. J. Inf. Sec., 4(3):181--208, 2005.

Digital Library

[8]

J. Bau and J. Mitchell. A Security Evaluation of DNSSEC with NSEC3. In Proc. NDSS, 2010.

[9]

A. Bender, N. Spring, D. Levin, and B. Bhattacharjee. Accountability as a Service. In Proc. USENIX SRUTI, 2007.

Digital Library

[10]

J. Bengtson, K. Bhargavan, C. Fournet, A. D. Gordon, and S. Maffeis. Refinement types for secure implementations. TOPLAS, 33(2):8:1--8:45, 2011.

Digital Library

[11]

K. Bhargavan, C. Fournet, and A. D. Gordon. Modular Verification of Security Protocol Code by Typing. In Proc.\ POPL, 2010.

Digital Library

[12]

B. Blanchet. Automatic verification of correspondences for security protocols. J. Comput. Secur., 17(4), Dec. 2009.

Digital Library

[13]

B. Blanchet and B. Smyth. ProVerif 1.86: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial. http://www.proverif.ens.fr/manual.pdf.

[14]

Y. Boichut, P.-C. Heam, O. Kouchnarenko, and F. Oehl. Improvements on the Genet and Klay Technique to Automatically Verify Security Protocols. In Proc. AVIS, 2004.

[15]

L. Bozga, Y. Lakhnech, and M. Périn. HERMES: An Automatic Tool for Verification of Secrecy in Security Protocols. In CAV, 2003.

[16]

K. Butler, T. R. Farley, P. McDaniel, and J. Rexford. A Survey of BGP Security Issues and Solutions. Proc. the IEEE, 98:100--122, January 2010.

[17]

C. Chen, L. Jia, B. T. Loo, and W. Zhou. Reduction-based Security Analysis of Internet Routing Protocols. In WRiPE, 2012.

Digital Library

[18]

C. Chen, L. Jia, H. Xu, C. Luo, W. Zhou, and B. T. Loo. A Program Logic for Verifying Secure Routing Protocols. In Proc. FORTE, 2014.

[19]

E. M. Clarke, S. Jha, and W. Marrero. Verifying Security Protocols with Brutus. ACM Trans. Softw. Eng. Methodol., 9:443--487, 2000.

Digital Library

[20]

V. Cortier, J. Degrieck, and S. Delaune. Analysing routing protocols: four nodes topologies are sufficient. In Proc. POST, 2012.

Digital Library

[21]

C. J. Cremers. The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols. In Proc. CAV, 2008.

Digital Library

[22]

A. Datta, A. Derek, J. C. Mitchell, and A. Roy. Protocol Composition Logic (PCL). Electronic Notes in Theoretical Computer Science, 172:311--358, 2007.

Digital Library

[23]

A. Datta, J. Franklin, D. Garg, and D. Kaynar. A Logic of Secure Systems and its Application to Trusted Computing. In Proc. IEEE S&P, 2009.

Digital Library

[24]

S. Escobar, C. Meadows, and J. Meseguer. A rewriting-based inference system for the NRL protocol analyzer: grammar generation. In Proc. FMSE, 2005.

Digital Library

[25]

D. Garg, J. Franklin, A. Datta, and D. Kaynar. Compositional System Security in the Presence of Interface-Confined Adversaries. Electronic Notes in Theoretical Computer Science, 265:49--71, 2010.

Digital Library

[26]

T. Genet and F. Klay. Rewriting for Cryptographic Protocol Verification. In Proc. CADE, 2000.

Digital Library

[27]

A. D. Gordon and A. Jeffrey. Authenticity by typing for security protocols. Journal of Computer Security, 11(4):451--519, July 2003.

Digital Library

[28]

S. Kent, C. Lynn, J. Mikkelson, and K. Seo. Secure Border Gateway Protocol (S-BGP). IEEE Journal on Selected Areas in Communications, 18:103--116, 2000.

Digital Library

[29]

T. H.-J. Kim, C. Basescu, L. Jia, S. B. Lee, Y.-C. Hu, and A. Perrig. Lightweight Source Authentication and Path Validation. In Proc. of ACM SIGCOMM, 2014.

Digital Library

[30]

R. Küsters and T. Wilke. Automata-Based Analysis of Recursive Cryptographic Protocols. In Proc. STACS, 2004.

[31]

X. Liu, A. Li, X. Yang, and D. Wetherall. Passport: Secure and Adoptable Source Authentication. In Proc. of NSDI, 2008.

Digital Library

[32]

G. Lowe. An Attack on the Needham-Schroeder Public-key Authentication Protocol. Inf. Process. Lett., 56(3):131--133, 1995.

Digital Library

[33]

C. Meadows. The NRL Protocol Analyzer: An Overview. J. Log. Program., 26:113--131, 1996.

[34]

J. K. Millen, S. C. Clark, and S. B. Freedman. The Interrogator: Protocol Security Analysis. IEEE Trans. Software Eng., 13:274--288, 1987.

Digital Library

[35]

J. C. Mitchell, M. Mitchell, and U. Stern. Automated analysis of cryptographic protocols using mur-phi. In Proc. IEEE S&P, 1997.

Digital Library

[36]

A. Nanevski, G. Morrisett, A. Shinnar, P. Govereau, and L. Birkedal. Ynot: Reasoning with the awkward squad. In Proc. ICFP, 2008.

Digital Library

[37]

J. Naous, M. Walfish, A. Nicolosi, D. Mazieres, M. Miller, and A. Seehra. Verifying and enforcing network paths with ICING. In Proc. CoNEXT, 2011.

Digital Library

[38]

O. Nordström and C. Dovrolis. Beware of BGP attacks. SIGCOMM Computer Communication Review, 34:1--8, 2004.

Digital Library

[39]

B. Parno, A. Perrig, and D. Andersen. SNAPP: Stateless Network-Authenticated Path Pinning. In Proc. ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2008.

Digital Library

[40]

L. C. Paulson. The Inductive Approach to Verifying Cryptographic Protocols. J. Comput. Secur., 6(1--2):85--128, Jan. 1998.

Digital Library

[41]

A. Roy, A. Datta, A. Derek, J. C. Mitchell, and J.-P. Seifert. Secrecy Analysis in Protocol Composition Logic. In Proc. ASIAN, 2006.

Digital Library

[42]

D. X. Song, S. Berezin, and A. Perrig. Athena: A Novel Approach to Efficient Automatic Security Protocol Analysis. J. Comput. Secur., 9:47--74, 2001.

Digital Library

[43]

N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bhargavan, and J. Yang. Secure Distributed Programming with Value-Dependent Types. In Proc. ICFP, 2011.

Digital Library

[44]

M. Turuani. The CL-Atse Protocol Analyser. In Proc. RTA, 2006.

Digital Library

[45]

L. Viganò. Automated Security Protocol Analysis With the AVISPA Tool. Electron. Notes Theor. Comput. Sci., 155:61--86, 2006.

Digital Library

[46]

T. Wan, E. Kranakis, and P. C. Oorschot. Pretty secure BGP (psBGP). In Proc. NDSS, 2005.

[47]

R. White. Securing BGP Through Secure Origin BGP (soBGP). The Internet Protocol Journal, 6(3):15--22, 2003.

[48]

T. Y. C. Woo and S. S. Lam. A Semantic Model for Authentication Protocols. In Proc. IEEE S&P, 1993.

Digital Library

[49]

F. Zhang, L. Jia, T. H.-J. Kim, C. Basescu, Y.-C. Hu, and A. Perrig. Mechanized network origin and path authenticity proofs. Technical Report Carnegie Mellon University-CyLab-14-007, Carnegie Mellon University, 2014.

Digital Library

[50]

X. Zhang, H.-C. Hsiao, G. Hasker, H. Chan, A. Perrig, and D. G. Andersen. SCION: Scalability, Control, and Isolation On Next-Generation Networks. In Proc. IEEE S&P, 2011.

Digital Library

Cited By

Borges EMartinello MBonella Vdos Santos AGomes RDominicini CGuimarães RMenegueti GBarcellos MRuffini M(2024)PoT-PolKA: Let the Edge Control the Proof-of-Transit in Path-Aware NetworksIEEE Transactions on Network and Service Management10.1109/TNSM.2024.338945721:4(3681-3691)Online publication date: Aug-2024
https://doi.org/10.1109/TNSM.2024.3389457
Klenze TSprenger CBasin D(2023)IsaNetJournal of Computer Security10.3233/JCS-22002131:3(217-259)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.3233/JCS-220021
Borges EBonella VSantos AMenegueti GDominicini CMartinello M(2023)In-situ Proof-of-Transit for Path-Aware Programmable Networks2023 IEEE 9th International Conference on Network Softwarization (NetSoft)10.1109/NetSoft57336.2023.10175482(170-177)Online publication date: 19-Jun-2023
https://doi.org/10.1109/NetSoft57336.2023.10175482
Show More Cited By

Index Terms

Mechanized Network Origin and Path Authenticity Proofs
1. Networks
  1. Network protocols
    1. Protocol correctness
      1. Protocol testing and verification
2. Security and privacy
  1. Network security

Recommendations

Mechanized proofs for a recursive authentication protocol
CSFW '97: Proceedings of the 10th IEEE workshop on Computer Security Foundations

A novel protocol has been formally analyzed using the prover Isabelle/HOL, following the inductive approach described in earlier work (L.C. Paulson, 1997). There is no limit on the length of a run, the nesting of messages or the number of agents ...
Mechanized Proofs of Adversarial Complexity and Application to Universal Composability
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

In this paper we enhance the EasyCrypt proof assistant to reason about computational complexity of adversaries. The key technical tool is a Hoare logic for reasoning about computational complexity (execution time and oracle calls) of adversarial ...
Coinductive big-step operational semantics

Using a call-by-value functional language as an example, this article illustrates the use of coinductive definitions and proofs in big-step operational semantics, enabling it to describe diverging evaluations in addition to terminating evaluations. We ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

November 2014

1592 pages

ISBN:9781450329576

DOI:10.1145/2660267

General Chair:
Gail-Joon Ahn
Arizona State University, USA
,
Program Chairs:
Moti Yung
Google -- Columbia University, USA
,
Ninghui Li
Purdue University, USA

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

CCS'14

Sponsor:

SIGSAC

CCS'14: 2014 ACM SIGSAC Conference on Computer and Communications Security

November 3 - 7, 2014

Arizona, Scottsdale, USA

Acceptance Rates

CCS '14 Paper Acceptance Rate 114 of 585 submissions, 19%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

22
Total Citations
View Citations
454
Total Downloads

Downloads (Last 12 months)16
Downloads (Last 6 weeks)4

Reflects downloads up to 21 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Borges EMartinello MBonella Vdos Santos AGomes RDominicini CGuimarães RMenegueti GBarcellos MRuffini M(2024)PoT-PolKA: Let the Edge Control the Proof-of-Transit in Path-Aware NetworksIEEE Transactions on Network and Service Management10.1109/TNSM.2024.338945721:4(3681-3691)Online publication date: Aug-2024
https://doi.org/10.1109/TNSM.2024.3389457
Klenze TSprenger CBasin D(2023)IsaNetJournal of Computer Security10.3233/JCS-22002131:3(217-259)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.3233/JCS-220021
Borges EBonella VSantos AMenegueti GDominicini CMartinello M(2023)In-situ Proof-of-Transit for Path-Aware Programmable Networks2023 IEEE 9th International Conference on Network Softwarization (NetSoft)10.1109/NetSoft57336.2023.10175482(170-177)Online publication date: 19-Jun-2023
https://doi.org/10.1109/NetSoft57336.2023.10175482
Weghorn TLiu SSprenger CPerrig ABasin D(2022)N-Tube: Formally Verified Secure Bandwidth Reservation in Path-Aware Internet Architectures2022 IEEE 35th Computer Security Foundations Symposium (CSF)10.1109/CSF54842.2022.9919646(147-162)Online publication date: Aug-2022
https://doi.org/10.1109/CSF54842.2022.9919646
Zoure MAhmed TRéveillère LHung CHong JBechini ASong E(2021)VeriNeSProceedings of the 36th Annual ACM Symposium on Applied Computing10.1145/3412841.3441988(1138-1146)Online publication date: 22-Mar-2021
https://dl.acm.org/doi/10.1145/3412841.3441988
Hassan AIshaq IMinilla J(2021)Automated verification tools for cryptographic protocols2021 International Conference on Promising Electronic Technologies (ICPET)10.1109/ICPET53277.2021.00017(58-65)Online publication date: Nov-2021
https://doi.org/10.1109/ICPET53277.2021.00017
Klenze TSprenger CBasin D(2021)Formal Verification of Secure Forwarding Protocols2021 IEEE 34th Computer Security Foundations Symposium (CSF)10.1109/CSF51468.2021.00018(1-16)Online publication date: Jun-2021
https://doi.org/10.1109/CSF51468.2021.00018
Bu KLaird AYang YCheng LLuo JLi YRen K(2020)Unveiling the Mystery of Internet Packet ForwardingACM Computing Surveys10.1145/340979653:5(1-34)Online publication date: 28-Sep-2020
https://dl.acm.org/doi/10.1145/3409796
Yu KGuo XLiu LLi JWang HLing ZWu X(2020)Causality-based Feature SelectionACM Computing Surveys10.1145/340938253:5(1-36)Online publication date: 28-Sep-2020
https://dl.acm.org/doi/10.1145/3409382
Navarro GRojas-Ledesma J(2020)Predecessor SearchACM Computing Surveys10.1145/340937153:5(1-35)Online publication date: 28-Sep-2020
https://dl.acm.org/doi/10.1145/3409371
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents