Analysing TLS Using the Strand Spaces Model
نویسندگان
چکیده
In this paper, we analyse the Transport Layer Security (TLS) protocol within the strand spaces setting. In [BL03] Broadfoot and Lowe suggested an abstraction of TLS. The abstraction models the security services that appear to be provided by the protocol to the high-level security layers. The outcome of our analysis provides a formalisation of the security services provided by TLS and proves that, under reasonable assumptions, the abstract model suggested by Broadfoot and Lowe is correct. To that end, we reduce the complexity of the protocol using safe simplifying transformations. We extend the strand spaces model in order to include the cryptographic operations used in TLS and facilitate its analysis. Finally, we use the extended strand spaces model to fully analyse TLS with its two main components: the Handshake and Record Layer Protocols. ∗Authors’ address: Oxford University Computing Laboratory, Wolfson Building, Parks Road, Oxford, OX1 3QD, UK; {allaa.kamil, gavin.lowe}@comlab.ox.ac.uk.
منابع مشابه
Analysing TLS in the strand spaces model
In this paper, we analyse the Transport Layer Security (TLS) protocol (in particular, bilateral TLS in public-key mode) within the strand spaces setting. In [BL03] Broadfoot and Lowe suggested an abstraction of TLS. The abstraction models the security services that appear to be provided by the protocol to the high-level security layers. The outcome of our analysis provides a formalisation of th...
متن کاملAnalysing layered security protocols
Many security protocols are built as the composition of an applicationlayer protocol and a secure transport protocol, such as TLS. There are many approaches to proving the correctness of such protocols. One popular approach is verification by abstraction, in which the correctness of the application-layer protocol is proven under the assumption that the transport layer satisfies certain properti...
متن کاملAnalysing Applications Layered on Unilaterally Authenticating Protocols
There are many approaches to proving the correctness of application-layer protocols that are layered on secure transport protocols, such as TLS. One popular approach is verification by abstraction, in which the correctness of the application-layer protocol is proven under the assumption that the transport layer satisfies certain properties. Following this approach, we adapt the strand spaces mo...
متن کاملSpecifying and Modelling Secure Channels in Strand Spaces
We adapt the Strand Spaces model to reason abstractly about layered security protocols, where an Application Layer protocol is layered on top of a secure transport protocol. The model abstracts away from the implementation of the secure transport protocol and just captures the properties that it provides to the Application Layer. We illustrate the usefulness of the model by using it to verify a...
متن کاملSpice Compatible Model for Multiple Coupled Nonuniform Transmission Lines Application in Transient Analysis of VLSI Circuits
An SPICE compatible model for multiple coupled nonuniform lossless transmission lines (TL's) is presented. The method of the modeling is based on the steplines approximation of the nonuniform TLs and quasi-TEM assumptions. Using steplines approximation the system of coupled nonuniform TLs is subdivided into arbitrary large number of coupled uniform lines (steplines) with different characteristi...
متن کامل