Metric Strand Spaces for Locale Authentication Protocols
Authors
Abstract
Location-dependent services are services that adapt their behavior based on the locations of mobile devices. For many applications, it is critical that location-dependent services use trustworthy device locations, namely locations that are both accurate and recent. These properties are captured by a security goal called locale authentication whereby an entity can authenticate the physical location of a device, even in the presence of malicious adversaries. In this paper, we present a systematic technique for verifying that location discovery protocols satisfy this security goal. We base our work on the strand space theory which provides a framework for determining which security goals a cryptographic protocol achieves. We extend this theory with a metric that captures the geometric properties of time and space. We use the extended theory to prove that several prominent location discovery protocols including GPS do not satisfy the locale authentication goal. We also analyze a location discovery protocol that does satisfy the goal under some reasonable assumptions.
Similar resources
Fairness analysis of e-commerce protocols based on strand spaces
Strand space logic is a formal method for analysing security protocols. The electronic commerce protocols are of more complex structures, for example, branch structures, or a protocol is a composite of multiple sub-protocols, so the analysis of electronic commerce protocols is far more complex than the analysis of authentication protocols. Fairness is a very important feature in ecommerce prot...
Key Compromise, Strand Spaces, and the Authentication Tests
Some cryptographic protocols are vulnerable to replay attacks, a type of weakness that was a focus of attention in the Burroughs-Abadi-Needham logic. Newer, more operational approaches to protocol analysis have not concentrated on this type of attack. This paper fills the gap for the strand space theory. The main technical point is to provide a definition of recency. Our candidate is convenient...
Mixed Strand Spaces
Strand space analysis [13, 12] is a method for stating and proving correctness properties for cryptographic protocols. In this paper we apply the same method to the related problem of mixed protocols, and show that a protocol can remain correct even when used in combination with a range of other protocols. We illustrate the method with the familiar Otway-Rees [10, 1] protocol. We identify a simp...
Fair Exchange in Strand Spaces
Many cryptographic protocols are intended to coordinate state changes among principals. Exchange protocols coordinate delivery of new values to the participants, e.g. additions to the set of values they possess. An exchange protocol is fair if it ensures that delivery of new values is balanced: If one participant obtains a new possession via the protocol, then all other participants will, too. ...
Process algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...