Conference Paper

A Formally Verified Device Authentication Protocol Using Casper/FDR

DOI: 10.1109/TrustCom.2012.27
Conference: TrustCom

ABSTRACT For communication in Next Generation Networks,
highly-developed mobile devices will enable users to store and
manage a lot of credentials on their terminals. Furthermore,
these terminals will represent and act on behalf of users when
accessing different networks and connecting to a wide variety
of services. In this situation, it is essential for users to trust
their terminals and for all transactions using them to be
secure. This paper analyses a number of the Authentication
and Key Agreement protocols between the users and mobile
terminals, then proposes a novel device authentication protocol.
The proposed protocol is analysed and verified using a formal
methods approach based on the Casper/FDR compiler.


Available from: Mahdi Aiash, May 30, 2015
  • ABSTRACT: Next Generation Networks comprise a wide variety of access technologies such as 2G/3G, WLAN as well as the Long-Term Evolution (LTE) networks. In this environment, mobile devices are expected to store sensitive data and represent users to access the underlying networks and connect to a wide variety of sensitive servers. It is crucial, in this sense, for end users to trust their mobile devices and for all transactions using them to be secure. Therefore, a number of communication frameworks in Next Generation Networks have been working on designing device authentication protocols that achieve mutual authentication between users and mobile terminals. This paper analyses some of these protocols and introduces two new device authentication protocols, verifies them using a formal methods approach and discusses how they achieved desired security properties. The performance analysis highlights another advantage of the proposed protocols.
    Concurrency and Computation Practice and Experience 03/2014; DOI:10.1002/cpe.3260 · 0.78 Impact Factor
  • 03/2012, Degree: Doctor of Philosophy - PhD
  • ABSTRACT: Over-the-air dissemination of code updates in wireless sensor networks has been researchers' point of interest in the last few years, and, more importantly, security challenges toward the remote propagation of code updating have occupied the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strength, having their concentration on the constrained nature of wireless sensor network (WSN) nodes. For authentication purposes, most of them have used a Merkle hash tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be at a standard level. Therefore, they have not investigated the tree structure for mission-critical situations in which security has to be at the maximum possible level (e.g., military applications, healthcare). Considering this, we investigate existing security models used in over-the-air dissemination of code updates for possible vulnerabilities, and then, we provide a set of countermeasures, correspondingly named Security Model Requirements. Based on the investigation, we concentrate on Seluge, one of the existing over-the-air programming schemes, and we propose an improved version of it, named Seluge++, which complies with the Security Model Requirements and replaces the use of the inefficient Merkle tree with a novel method. Analytical and simulation results show the improvements in Seluge++ compared to Seluge.
    Sensors 03/2014; 14(3):5004-40. DOI:10.3390/s140305004 · 2.05 Impact Factor