Verifying Mutual Authentication for the DLK Protocol using ProVerif tool
نویسندگان
چکیده
This paper adopts the Distributed Lightweight Kerberos (DLK) protocol, which is a result of enhancing the well-known Kerberos protocol. One of the advantages of the DLK protocol is that it addresses mutual authentication and confidentiality challenges while reducing the required number of messages to securely communicate with multiple service providers. In this paper we formally analyze and verify the DLK protocol that has been designed for multi-agent based systems. We use the ProVerif formal model checker in order to model and verify the DLK protocol. Using ProVerif exposed essential security problems in the DLK protocol as non-formal analysis had shown. ProVerif enabled us to detect that mutual authentication is compromised between the DLK participants. We propose a nonce-based authentication technique in order to redesign the protocol and fix this flaw. We then verified the correctness of the proposed protocol using the ProVerif tool. Keywords─ Formal Method; ProVerif; DLK protocol; Agent technology; Mutual authentication; Confidentiality; Integrity; Authorization
منابع مشابه
A TESLA-based mutual authentication protocol for GSM networks
The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against m...
متن کاملVerification of secure biometric authentication protocols
The thesis presents verification of biometric authentication protocols. ProVerif is used as the verification tool for verifying and analysing the protocols. The protocol are analysed in ProVerif model. Various attacks to the protocols are generated in order to verify whether the protocols hold their intended properties. We have selected three biometric authentication protocols and proposed a re...
متن کاملA method for unbounded verification of privacy-type properties
In this paper, we consider the problem of verifying anonymity and unlinkability in the symbolic model,where protocols are represented as processes in a variant of the applied pi calculus, notably used in the ProVeriftool. Existing tools and techniques do not allow to verify directly these properties, expressed as behavioral equiv-alences. We propose a di erent approach: we design tw...
متن کاملBiometric Transaction Authentication Protocol: Formal Model Verification and "Four-Eyes" Principle Extension
The BTA protocol for biometric authentication of online banking transactions is extended to allow for multiple person authenticated transactions. In addition a formal specification is given, the protocol is modelled in the applied pi calculus and the security properties of data and person authentication as well as non-repudiation are verified using the tool ProVerif.
متن کاملFormal Verification of the mERA-Based eServices with Trusted Third Party Protocol
Internet services such as online banking, social networking and other web services require identification and authentication means. The European Citizen card can be used to provide a privacy-preserving authentication for Internet services enabling e.g. an anonymous age verification or other forms of anonymous attribute verification. The Modular Enhanced Symmetric Role Authentication (mERA) base...
متن کامل