Abstract:
Many security protocols rely on the assumptions on the physical properties in which its protocol sessions will be carried out. For instance, Distance Bounding Protocols take into account the round trip time of messages and the transmission velocity to infer an upper bound of the distance between two agents. We classify such security protocols as cyber-physical. Time plays a key role in design and analysis of many of these protocols. We investigate the foundational differences and the impacts on the analysis when using models with discrete time and models with dense time. We show that there are attacks that can be found by models using dense time, but not when using discrete time. We illustrate this with a novel attack that can be carried out on most distance bounding protocols. In this attack, the prover exploits the execution delay of instructions during one clock cycle to convince the verifier that the prover is in a location diff erent from its actual position. We propose a model for specifying cyber-physical security protocols which extends Multiset Rewriting with dense times. We introduce Circle-Configurations and show that they can be used to symbolically solve the reachability problem for our model. Finally, we show that for the important class of balanced transition systems the reachability problem is PSPACE-complete. This is joint work with Max Kanovich, Tajana Ban Kirigin, Vivek Nigam, and Carolyn Talcott.
|
