Kanovich, M;
Kirigin, TB;
Nigam, V;
Scedrov, A;
Talcott, C;
(2017)
Time, computational complexity, and probability in the analysis of distance-bounding protocols.
Journal of Computer Security
, 25
(6)
pp. 585-630.
10.3233/JCS-0560.
Preview |
Text
post-journal-final(2).pdf - Published Version Download (453kB) | Preview |
Abstract
Many security protocols rely on the assumptions on the physical properties in which its protocol sessions will be carried out. For instance, Distance Bounding Protocols take into account the round trip time of messages and the transmission velocity to infer an upper bound of the distance between two agents. We classify such security protocols as Cyber-Physical. Time plays a key role in design and analysis of many of these protocols. This paper investigates the foundational differences and the impacts on the analysis when using models with discrete time and models with dense time. We show that there are attacks that can be found by models using dense time, but not when using discrete time. We illustrate this with an attack that can be carried out on most Distance Bounding Protocols. In this attack, one exploits the execution delay of instructions during one clock cycle to convince a verifier that he is in a location different from his actual position. We additionally present a probabilistic analysis of this novel attack. As a formal model for representing and analyzing Cyber-Physical properties, we propose a Multiset Rewriting model with dense time suitable for specifying cyber-physical security protocols. We introduce Circle-Configurations and show that they can be used to symbolically solve the reachability problem for our model, and show that for the important class of balanced theories the reachability problem is PSPACE-complete. We also show how our model can be implemented using the computational rewriting tool Maude, the machinery that automatically searches for such attacks.
| Type: | Article |
|---|---|
| Title: | Time, computational complexity, and probability in the analysis of distance-bounding protocols |
| Open access status: | An open access version is available from UCL Discovery |
| DOI: | 10.3233/JCS-0560 |
| Publisher version: | https://doi.org/10.3233/JCS-0560 |
| Language: | English |
| Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
| Keywords: | Multiset Rewrite Systems, Cyber-Physical Security Protocols, protocol security, computational complexity, Maude |
| UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
| URI: | https://discovery.ucl.ac.uk/id/eprint/10077901 |
Archive Staff Only
 |
View Item |
