{"title":"安全设备配对协议形式化分析","authors":"Trung Nguyen, J. Leneutre","doi":"10.1109/NCA.2014.50","DOIUrl":null,"url":null,"abstract":"The need to secure communications between personal devices is increasing nowadays, especially in the context of Internet of Things. Authentication between devices which have no prior common knowledge is a challenging problem. One solution consists in using a pre-authenticated auxiliary channel, human assisted or location limited, usually called out-of-band channel. A large number of device pairing protocols using an out-of-band channel were proposed, but they usually suffer from a lack of formal analysis. In this paper, we introduce a formal model, conceived as an extension of Strand Spaces, to analyze such protocols. We use it to analyze a device pairing protocol with unilateral out-of-band channel proposed by Wong & Stajano. This leads us to discover some vulnerabilities in this protocol. We propose a modified version of the protocol together with a correctness proof in our model.","PeriodicalId":399462,"journal":{"name":"2014 IEEE 13th International Symposium on Network Computing and Applications","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Formal Analysis of Secure Device Pairing Protocols\",\"authors\":\"Trung Nguyen, J. Leneutre\",\"doi\":\"10.1109/NCA.2014.50\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The need to secure communications between personal devices is increasing nowadays, especially in the context of Internet of Things. Authentication between devices which have no prior common knowledge is a challenging problem. One solution consists in using a pre-authenticated auxiliary channel, human assisted or location limited, usually called out-of-band channel. A large number of device pairing protocols using an out-of-band channel were proposed, but they usually suffer from a lack of formal analysis. In this paper, we introduce a formal model, conceived as an extension of Strand Spaces, to analyze such protocols. We use it to analyze a device pairing protocol with unilateral out-of-band channel proposed by Wong & Stajano. This leads us to discover some vulnerabilities in this protocol. We propose a modified version of the protocol together with a correctness proof in our model.\",\"PeriodicalId\":399462,\"journal\":{\"name\":\"2014 IEEE 13th International Symposium on Network Computing and Applications\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-08-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE 13th International Symposium on Network Computing and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NCA.2014.50\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE 13th International Symposium on Network Computing and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NCA.2014.50","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Formal Analysis of Secure Device Pairing Protocols
The need to secure communications between personal devices is increasing nowadays, especially in the context of Internet of Things. Authentication between devices which have no prior common knowledge is a challenging problem. One solution consists in using a pre-authenticated auxiliary channel, human assisted or location limited, usually called out-of-band channel. A large number of device pairing protocols using an out-of-band channel were proposed, but they usually suffer from a lack of formal analysis. In this paper, we introduce a formal model, conceived as an extension of Strand Spaces, to analyze such protocols. We use it to analyze a device pairing protocol with unilateral out-of-band channel proposed by Wong & Stajano. This leads us to discover some vulnerabilities in this protocol. We propose a modified version of the protocol together with a correctness proof in our model.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
