FVF-AKA: A Formal Verification Framework of AKA Protocols for Multi-server IoT-Reference-Cited by-同舟云学术

FVF-AKA: A Formal Verification Framework of AKA Protocols for Multi-server IoT

Published:2023-11-20 Issue:4 Volume:35 Page:1-36
ISSN:0934-5043
Container-title:Formal Aspects of Computing
language:en
Short-container-title:Form. Asp. Comput.

Author:

Fei Yuan¹^ORCID,Zhu Huibiao²^ORCID,Yin Jiaqi³^ORCID

Affiliation:

1. Shanghai Normal University, China

2. East China Normal University, China

3. Northwestern Polytechnical University, China

Abstract

As IoT in a multi-server environment increases resources’ utilization, more and more problems of IoT authentication and key agreement are being revealed. The Authentication and Key Agreement (AKA) protocol plays an important role in solving these problems. Many AKA protocols have been proposed, and some of them support their own verifications. However, a unifying verification framework for multi-server IoT is lacking. In this article, we propose a formal verification framework of AKA protocols for multi-server IoT (FVF-AKA). It supports the construction of CSP models for the AKA protocol, the implementation of the CSP models in PAT with C#, and the verification of formal models. With the help of C#, many complex functions in the AKA protocol can be implemented. We also design an algorithm to support automatic conversion from the CSP model to the PAT model. FVF-AKA can verify four fundamental properties (deadlock freedom, entity legitimacy, timeout delay, and session key consistency). It also supports the verification of security properties for the AKA protocol suffering from four different attacks (relay attacks, denial of service attacks, server spoofing attacks, and session key attacks). Our approach can be applied to most AKA protocols for multi-server IoT generally. By applying FVF-AKA to two AKA protocols, we can verify whether they satisfy the fundamental properties and analyze their security properties in vulnerable environments. Our work would help to analyze the AKA protocol for multi-server IoT and provide the foundation for the analysis of enhancing its security and robustness.

Publisher

Association for Computing Machinery (ACM)

Subject

Theoretical Computer Science,Software

Link

https://dl.acm.org/doi/pdf/10.1145/3599731

Reference60 articles.

1. Yang Liu, Jun Sun, and Jin Song Dong. 2010. Developing model checkers using PAT. In ATVA. 371–377.

2. Third Generation Partnership Project (3GPP). 2000. 3G Security: Formal Analysis of the 3G Authentication Protocol. Technical Report TS 33.902 v3.1.0.

3. Mahdi Aiash. 2013. A formally verified initial authentication and key agreement protocol in heterogeneous environments using Casper/FDR. In Network and System Security - 7th International Conference (NSS’13). Proceedings (Lecture Notes in Computer Science), Javier López, Xinyi Huang, and Ravi S. Sandhu (Eds.), Vol. 7873. Springer, 742–748.

4. Kamal Ali Alezabi, Fazirulhisyam Hashim, Shaiful Jahari Hashim, and Borhanuddin M. Ali. 2014. An efficient authentication and key agreement protocol for 4G (LTE) networks. In 2014 IEEE REGION 10 SYMPOSIUM.

5. Myrto Arapinis, Loretta Ilaria Mancini, Eike Ritter, Mark Ryan, Nico Golde, Kevin Redon, and Ravishankar Borgaonkar. 2012. New privacy issues in mobile telephony: Fix and verification. In the ACM Conference on Computer and Communications Security (CCS’12), Ting Yu, George Danezis, and Virgil D. Gligor (Eds.). ACM, 205–216.

Cited by 1 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Formalization and Analysis of Aeolus-based File System from Process Algebra Perspective;Mobile Networks and Applications;2024-09-13