

Section: New Results

Modelling

New protocol and adversary models

Participants: Jannik Dreier, Steve Kremer, Ludovic Robin.

Symbolic models for security protocol verification, following the seminal ideas of Dolev and Yao, come in many flavors, even though they share the same ideas. A common assumption is that the attacker has complete control over the network: he can therefore intercept any message. Depending on the precise model this may be reflected either by the fact that any protocol output is directly routed to the adversary, or communications may be among any two participants, including the attacker—the scheduling between which exact parties the communication happens is left to the attacker. These two models may seem equivalent at first glance and, depending on the verification tools, either one or the other semantics is implemented. In collaboration with Babel (IIT Bombay) we show that, unsurprisingly, they indeed coincide for reachability properties. However, when we consider equivalence properties, we prove that these two semantics are incomparable. We also introduce a new semantics, where internal communications are allowed but messages are always eavesdropped by the attacker. We show that this new semantics yields strictly stronger equivalence relations and identify two subclasses of protocols for which the three semantics coincide. These results were presented at POST'17 [16].

Isolated Execution Environments (IEEs), such as ARM TrustZone and Intel SGX, offer the possibility to execute sensitive code in isolation from other, potentially malicious programs running on the same machine, or from a potentially corrupted OS. A key feature of IEEs is the ability to produce reports cryptographically binding a message to the program that produced it, typically ensuring that this message is the result of the given program running on an IEE. In collaboration with Jacomme (ENS Cachan) and Scerri (Univ Bristol), Kremer presented a symbolic model for specifying and verifying applications that make use of such features. For this, they introduced the SAPiC process calculus to reason about reports issued at given locations. They also provide tool support, extending the SAPIC/TAMARIN toolchain, and demonstrate the applicability of their framework on several examples implementing secure outsourced computation (SOC), a secure licensing protocol and a one-time password protocol that all rely on such IEEs. This work has been published and presented at EuroS&P'17 [30].

Modern security protocols may involve humans in order to compare or copy short strings between different devices. Multi-factor authentication protocols, such as Google 2-factor or 3D-Secure, are typical examples of such protocols. However, such short strings may be subject to brute-force attacks. In collaboration with Delaune (IRISA), we propose a symbolic model which includes attacker capabilities both for guessing short strings and for producing collisions when short strings result from an application of weak hash functions. We propose a new decision procedure for analysing (a bounded number of sessions of) protocols that rely on short strings. The procedure has been integrated in the Akiss tool and tested on protocols from the ISO/IEC 9798-6:2010 standard. This work has been published and presented at CSF'17 [26].

Most security properties are modelled as safety properties (“bad things do not happen”). Another important class of properties is that of liveness properties (“eventually, good things happen”). Reasoning about liveness properties of cryptographic protocols has received little attention in the literature, even though this class is vital in many security-sensitive applications, such as fair exchange protocols or security layers in industrial control systems. In collaboration with Backes and Künnemann (Univ Saarland, Germany), Dreier and Kremer have designed a protocol and adversary model that are suitable for reasoning about liveness properties. Tool support is also provided by extending the SAPIC/TAMARIN toolchain, and several case studies demonstrate the effectiveness of the approach. This work has been published and presented at EuroS&P'17 [17].

New properties

Participant: Jannik Dreier.

Industrial systems are nowadays regularly the target of cyberattacks, the most famous being Stuxnet (https://en.wikipedia.org/wiki/Stuxnet). At the same time, such systems are increasingly interconnected with other systems and with insecure media such as the Internet. In contrast to other IT systems, industrial systems often do not only require classical properties like data confidentiality or authentication of the communication, but have special needs due to their interaction with the physical world. For example, the reordering or deletion of some commands sent to a machine can cause the system to enter an unsafe state with potentially catastrophic effects. To prevent such attacks, the integrity of the message flow must be guaranteed.

In joint work with Lafourcade (Univ Clermont-Ferrand), Potet, and Puys (Univ Grenoble Alpes), Dreier developed a formal definition of Flow Integrity in the context of industrial systems. The framework is applied to two well-known industrial protocols: OPC-UA and MODBUS. Using TAMARIN, they identified several design flaws in some of the different versions of these protocols. They also discussed how to efficiently model counters and timestamps in TAMARIN, as they are key ingredients of the analyzed protocols. This work was presented at SECRYPT'17 [32], and won a Best Student Paper Award.
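A minimal illustration of the flow-integrity requirement described above, added here as an example that is not the paper's model or its TAMARIN code: each command carries a counter, the MAC covers the counter together with the command, and the receiver accepts only the exact sequence that was sent. The key, the command names and the three tampered flows are constructed for the demonstration.

```python
import hashlib
import hmac

# Constructed demo key; in a deployment it would be provisioned out of band.
KEY = b"constructed-demo-key"


def tag(counter: int, cmd: bytes) -> bytes:
    """MAC over (counter, command): the counter cannot be rewritten unnoticed."""
    return hmac.new(KEY, counter.to_bytes(8, "big") + cmd, hashlib.sha256).digest()


def send_flow(cmds):
    """Sender side: number each command and authenticate (counter, command)."""
    return [(i, c, tag(i, c)) for i, c in enumerate(cmds)]


def receive_flow(flow):
    """Receiver side: accept the sequence only in order and without gaps.

    Returns (accepted commands, list of (reason, counter) alerts). Processing
    stops at the first violation, because executing a later command out of
    its intended position is exactly what can drive the plant into an unsafe state.
    """
    expected, accepted, alerts = 0, [], []
    for counter, cmd, t in flow:
        if not hmac.compare_digest(t, tag(counter, cmd)):
            alerts.append(("bad_mac", counter))       # forged or renumbered
            break
        if counter < expected:
            alerts.append(("replay_or_reorder", counter))
            break
        if counter > expected:
            alerts.append(("deletion_or_reorder", counter))  # something is missing
            break
        accepted.append(cmd)
        expected += 1
    return accepted, alerts


# Constructed command flow whose order matters for the physical process.
CMDS = [b"open_valve", b"start_pump", b"stop_pump", b"close_valve"]
honest = send_flow(CMDS)
swapped = [honest[0], honest[2], honest[1], honest[3]]          # pump stopped before started
dropped = [honest[0], honest[1], honest[3]]                     # stop_pump deleted
renumbered = [honest[0], honest[1], (2, honest[3][1], honest[3][2])]  # gap hidden by rewriting the counter

if __name__ == "__main__":
    for name, flow in [("honest", honest), ("swapped", swapped),
                       ("dropped", dropped), ("renumbered", renumbered)]:
        print(name, receive_flow(flow))
```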