S. Gazdag, Sophia Grundner-Culemann, T. Guggemos, T. Heider, Daniel Loebenberger
Venue: Annual Computer Security Applications Conference (ACSAC), 2021
DOI: 10.1145/3485832.3485885 (https://doi.org/10.1145/3485832.3485885)
Publication date: 2021-12-06
Citation count (Semantic Scholar): 5
A formal analysis of IKEv2’s post-quantum extension
Many security protocols used for daily Internet traffic have been in use for decades, and standardization bodies like the IETF often provide extensions for legacy protocols to deal with new requirements. Even though the security aspects of extensions are carefully discussed, automated reasoning has proven to be a valuable tool to uncover security holes that would otherwise have gone unnoticed. Therefore, Automated Theorem Proving (ATP) is already a customary procedure in the development of some new protocols, e.g., TLS 1.3 and MLS. IKEv2, the key exchange for the IPsec protocol suite, is expected to undergo significant changes to facilitate the integration of Post-Quantum Cryptography. We present the first formal security model for the IKEv2 handshake in a quantum setting, together with an automated proof using the Tamarin Prover. Our model focuses on the core state machine, is therefore easily extendable, and aims to promote the use of ATP in IPsec standardization. The security model captures gaps in the protocol, but treats the specific implementation (such as fragmentation mechanisms) as a black box. With IKE_INTERMEDIATE we showcase this approach on a recently proposed extension that significantly changes the protocol’s state machine.