A formal analysis of IKEv2’s post-quantum extension

S. Gazdag, Sophia Grundner-Culemann, T. Guggemos, T. Heider, Daniel Loebenberger
{"title":"A formal analysis of IKEv2’s post-quantum extension","authors":"S. Gazdag, Sophia Grundner-Culemann, T. Guggemos, T. Heider, Daniel Loebenberger","doi":"10.1145/3485832.3485885","DOIUrl":null,"url":null,"abstract":"Many security protocols used for daily Internet traffic have been used for decades and standardization bodies like the IETF often provide extensions for legacy protocols to deal with new requirements. Even though the security aspects for extensions are carefully discussed, automated reasoning has proven to be a valuable tool to uncover security holes that would otherwise have gone unnoticed. Therefore, Automated Theorem Proving (ATP) is already a customary procedure for the development of some new protocols, e.g., TLS 1.3 and MLS. IKEv2, the key exchange for the IPsec protocol suite, is expected to undergo significant changes to facilitate the integration of Post-Quantum Cryptography. We present the first formal security model for the IKEv2-handshake in a quantum setting together with an automated proof using the Tamarin Prover. Our model focuses on the core state machine, is therefore easily extendable, and aims to promote the use of ATP in IPsec-standardization. The security model captures gaps in the protocol, but treats the specific implementation (like fragmentation mechanisms, for example) as a black box. With IKE_INTERMEDIATE we showcase this approach on a recently proposed extension that significantly changes the protocol’s state machine.","PeriodicalId":175869,"journal":{"name":"Annual Computer Security Applications Conference","volume":"367 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Annual Computer Security Applications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3485832.3485885","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5

Abstract

Many security protocols used for daily Internet traffic have been used for decades and standardization bodies like the IETF often provide extensions for legacy protocols to deal with new requirements. Even though the security aspects for extensions are carefully discussed, automated reasoning has proven to be a valuable tool to uncover security holes that would otherwise have gone unnoticed. Therefore, Automated Theorem Proving (ATP) is already a customary procedure for the development of some new protocols, e.g., TLS 1.3 and MLS. IKEv2, the key exchange for the IPsec protocol suite, is expected to undergo significant changes to facilitate the integration of Post-Quantum Cryptography. We present the first formal security model for the IKEv2-handshake in a quantum setting together with an automated proof using the Tamarin Prover. Our model focuses on the core state machine, is therefore easily extendable, and aims to promote the use of ATP in IPsec-standardization. The security model captures gaps in the protocol, but treats the specific implementation (like fragmentation mechanisms, for example) as a black box. With IKE_INTERMEDIATE we showcase this approach on a recently proposed extension that significantly changes the protocol’s state machine.
IKEv2后量子扩展的形式化分析
许多用于日常互联网流量的安全协议已经使用了几十年,像IETF这样的标准化机构经常为遗留协议提供扩展,以处理新的需求。尽管对扩展的安全方面进行了仔细的讨论,但自动推理已被证明是一种有价值的工具,可以发现原本可能被忽视的安全漏洞。因此,自动定理证明(Automated Theorem Proving, ATP)已经成为一些新协议开发的习惯过程,例如TLS 1.3和MLS。IKEv2是IPsec协议套件的密钥交换协议,预计将发生重大变化,以促进后量子加密的集成。我们提出了量子环境下ikev2握手的第一个正式安全模型,并使用Tamarin证明器进行了自动证明。我们的模型专注于核心状态机,因此易于扩展,旨在促进ATP在ipsec标准化中的使用。安全模型捕获协议中的漏洞,但将特定的实现(例如碎片机制)视为黑盒。通过IKE_INTERMEDIATE,我们在最近提出的扩展中展示了这种方法,该扩展显著地改变了协议的状态机。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信