Article

Formalizing and analyzing sender invariance

Authors:

Paul Hankes Drielsma,

Sebastian Mödersheim,

David BasinAuthors Info & Claims

FAST'06: Proceedings of the 4th international conference on Formal aspects in security and trust

Pages 80 - 95

Published: 26 August 2006 Publication History

Abstract

In many network applications and services, agents that share no secure channel in advance may still wish to communicate securely with each other. In such settings, one often settles for achieving security goals weaker than authentication, such as sender invariance. Informally, sender invariance means that all messages that seem to come from the same source actually do, where the source can perhaps only be identified by a pseudonym. This implies, in particular, that the relevant parts of messages cannot be modified by an intruder.

In this paper, we provide the first formal definition of sender invariance as well as a stronger security goal that we call strong sender invariance. We show that both kinds of sender invariance are closely related to, and entailed by, weak authentication, the primary difference being that sender invariance is designed for the context where agents can only be identified pseudonymously. In addition to clarifying how sender invariance and authentication are related, this result shows how a broad class of automated tools can be used for the analysis of sender invariance protocols. As a case study, we describe the analysis of two sender invariance protocols using the OFMC back-end of the AVISPA Tool.

References

[1]

Abadi, M.: Private Authentication. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 27-40. Springer, Heidelberg (2003).

Digital Library

[2]

Arkko, J., Kempf, J., Zill, B., Nikander, P.: RFC3971 - SEcure Neighbor Discovery (SEND) (March 2005).

[3]

Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Hankes Drielsma, P., Heà, P.C., Mantovani, J., Moedersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281-285. Springer, Heidelberg (2005), http://www.avispa-project.org

Digital Library

[4]

Aura, T.: RFC3972 - Cryptographically Generated Addresses (CGA) (March 2005).

[5]

Basin, D., Mödersheim, S., Viganò, L.: Constraint Differentiation: A New Reduction Technique for Constraint-Based Analysis of Security Protocols. In: CCS'03. Proceedings of CCS'03, pp. 335-344. ACM Press, New York (2003).

Digital Library

[6]

Basin, D., Mödersheim, S., Viganò, L.: Algebraic intruder deductions. In: Sutcliffe, G., Voronkov, A. (eds.) LPAR 2005. LNCS (LNAI), vol. 3835, pp. 549-564. Springer, Heidelberg (2005).

Digital Library

[7]

Basin, D., Mödersheim, S., Viganò, L.: OFMC: A Symbolic Model-Checker for Security Protocols. International Journal of Information Security 4(3), 181-208 (2005).

[8]

Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232-249. Springer, Heidelberg (1994).

Digital Library

[9]

Boyd, C.: Security architectures using formal methods. IEEE Journal on Selected Areas in Communications 11(5), 694-701 (1993).

[10]

Bradner, S., Mankin, A., Schiller, J.I.: A framework for purpose built keys (PBK), Work in Progress (Internet Draft) (June 2003).

[11]

Chevalier, Y., Compagna, L., Cuellar, J., Hankes Drielsma, P., Mantovani, J., Mödersheim, S., Vigneron, L.: A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols. In: Proceedings of SAPS'04, pp. 193-205. Austrian Computer Society (2004).

[12]

Dierks, T., Allen, C.: RFC2246 - The TLS Protocol Version 1 (January 1999).

Digital Library

[13]

Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 2(29) (1983).

[14]

Gollmann, D.: What do we mean by Entity Authentication. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 46-54. IEEE Computer Society Press, Los Alamitos (1996).

Digital Library

[15]

Johnson, D., Perkins, C., Arkko, J.: RFC3775 - Mobility Support in IPv6 (June 2004).

[16]

Lowe, G.: A hierarchy of authentication specifications. In: Proceedings of CSFW'97, pp. 31-43. IEEE Computer Society Press, Los Alamitos (1997).

Digital Library

[17]

Nikander, P., Kempf, J., Nordmark, E.: RFC3756 - IPv6 Neighbor Discovery (ND) Trust Models and Threats (May 2004).

Digital Library

Cited By

Jonker HMauw SRadomirović S(2015)Location-Private Interstellar CommunicationRevised Selected Papers of the 23rd International Workshop on Security Protocols XXIII - Volume 937910.1007/978-3-319-26096-9_11(105-115)Online publication date: 31-Mar-2015
https://dl.acm.org/doi/10.1007/978-3-319-26096-9_11
Karapanos NCapkun SFu K(2014)On the effective prevention of TLS man-in-the-middle attacks in web applicationsProceedings of the 23rd USENIX conference on Security Symposium10.5555/2671225.2671268(671-686)Online publication date: 20-Aug-2014
https://dl.acm.org/doi/10.5555/2671225.2671268
Mödersheim SViganò L(2009)Secure pseudonymous channelsProceedings of the 14th European conference on Research in computer security10.5555/1813084.1813112(337-354)Online publication date: 21-Sep-2009
https://dl.acm.org/doi/10.5555/1813084.1813112
Show More Cited By

Formalizing and analyzing sender invariance
1. Social and professional topics
  1. Computing / technology policy

Recommendations

Polite sender: A resource-saving spam email countermeasure based on sender responsibilities and recipient justifications

Currently, most of the existing spam countermeasures are deployed on the email recipient side. However, they cannot diminish the amount of wasteful traffic sent from the SMTP server and the wasteful data storage in the receiver's inbox incurred by spam ...
Explicit invariance of Cartesian Zernike moments

Zernike moments are one of the most commonly implemented feature extractors among the family of moment invariants. Their popularity stems from the fact that they are robust in the presence of noise. Their rotational invariance property is inherited from ...
A Sender-Centric Approach to Detecting Phishing Emails
CYBERSECURITY '12: Proceedings of the 2012 International Conference on Cyber Security

Email-based online phishing is a critical security threat on the Internet. Although phishers have great flexibility in manipulating both the content and structure of phishing emails, phishers have much less flexibility in completely concealing the ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

FAST'06: Proceedings of the 4th international conference on Formal aspects in security and trust

August 2006

285 pages

ISBN:3540752269

Editors:
Theo Dimitrakos
BT Group Chief Technology Office, Ipswich, UK
,
Fabio Martinelli
National Research Council, Pisa, Italy
,
Peter Y. A. Ryan
University of Newcastle, UK
,
Steve Schneider
University of Surrey, UK

Sponsors

IIT-CNR
Newcastle University

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 26 August 2006

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
2
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 28 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Jonker HMauw SRadomirović S(2015)Location-Private Interstellar CommunicationRevised Selected Papers of the 23rd International Workshop on Security Protocols XXIII - Volume 937910.1007/978-3-319-26096-9_11(105-115)Online publication date: 31-Mar-2015
https://dl.acm.org/doi/10.1007/978-3-319-26096-9_11
Karapanos NCapkun SFu K(2014)On the effective prevention of TLS man-in-the-middle attacks in web applicationsProceedings of the 23rd USENIX conference on Security Symposium10.5555/2671225.2671268(671-686)Online publication date: 20-Aug-2014
https://dl.acm.org/doi/10.5555/2671225.2671268
Mödersheim SViganò L(2009)Secure pseudonymous channelsProceedings of the 14th European conference on Research in computer security10.5555/1813084.1813112(337-354)Online publication date: 21-Sep-2009
https://dl.acm.org/doi/10.5555/1813084.1813112
Lucks SZenner EWeimerskirch AWesthoff D(2008)Concrete Security for Entity RecognitionProceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology10.1007/978-3-540-89754-5_13(158-171)Online publication date: 14-Dec-2008
https://dl.acm.org/doi/10.1007/978-3-540-89754-5_13

View Options

View options

Media

Figures

Other

Tables

View Table of Contents