Modeling and Analyzing Timed Security Protocols Using Extended Timed CSP
Loading...
Authors
Zhang, Xian
Liu, Yang
Auguston, Mikhail
Advisors
Second Readers
Subjects
Date of Issue
2010
Date
Publisher
IEEE
Language
Abstract
Security protocols are hard to design, even under
the assumption of perfect cryptography. This is especially
true when a protocol involves different timing aspects such as
timestamps, timeout, delays and a set of timing constraints.
In this paper, we propose a methodology for modeling and
analyzing security protocols that are aware of timing aspects. We
develop a formalism for modeling security protocols by extending
Timed CSP with the capability of stating complicated timing
behaviors for processes and events. A reasoning mechanism for
the proposed formalism is developed based on Constraint Logic
Programming (CLP). Using the reasoning engine built in CLP,
the authentication properties of timed security protocols are able
to be verified and attacks can be discovered. We demonstrate the
capability of our method by modeling and verifying real-world
security protocols. New approaches of using timing information
to unfold and prevent potential attacks are also presented.
Type
Article
Description
The article of record as published may be found at http://dx.doi.org/10.1109/SSIRI.2010.29
Series/Report No
Department
Computer Science (CS)
Organization
Naval Postgraduate School (U.S.)
Identifiers
NPS Report Number
Sponsors
Funding
Format
10 p.
Citation
Zhang, Xian, Yang Liu, and Mikhail Auguston. "Modeling and analyzing timed security protocols using extended timed csp." Secure Software Integration and Reliability Improvement (SSIRI), 2010 Fourth International Conference on. IEEE, 2010.
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.