Conference PaperPDF Available

On the Security Verification of a Short Message Service Protocol

April 2018

DOI:10.1109/WCNC.2018.8377349

Conference: IEEE Wireless Communications and Networking Conference (WCNC 2018)
At: Barcelona, Spain

Authors:

University College Dublin

Madhusanka Liyanage

University College Dublin

Cornelia Győrödi

University of Oradea

Show all 5 authorsHide

Short Message Service (SMS) is a text messaging service component of smart phones, web, or mobile communication systems which requires a high level of security to provide user authentication and data confidentiality. To provide such security features, a high security communication protocol for SMS, called Message Security Communication Protocol (MSCP) has proposed. In this paper, MSCP is formally analysed using an automated logic-based verification tool, which reveals that the protocol is susceptible to Denial of Service (DoS) attacks and parallel session attacks. Then, an amended version of the protocol is proposed to counter the identified attacks. Formal verification of the amended protocol provides confidence regarding the correctness and effectiveness of the proposed modifications.

Verification Results of the Amended Protocol

Figures - uploaded by Anca D Jurcut

Content may be subject to copyright.

Content uploaded by Anca D Jurcut

Content may be subject to copyright.

Content uploaded by Anca D Jurcut

Content may be subject to copyright.

Content uploaded by Anca D Jurcut

Content may be subject to copyright.

Content uploaded by Madhusanka Liyanage

Content may be subject to copyright.

A preview of the PDF is not available

Introduction to IoT Security

Chapter

Full-text available

Dec 2019

In a world with “things” and devices interconnected at every level, from wearables to home and building automation, to smart cities and infrastructure, to smart industries, and to smart‐everything, the Internet of Things (IoT) security plays a central role with no margin for error or shortage on supply. Securing, including authentication of these devices, will become everyone's priority, from manufacturers to silicon vendors (or IP developers), to software and application developers, and to the final consumer, the beneficiaries of the security “recipe” that will accompany these IoT products. Together, all consumers of these products need to adapt to the market demands, innovate, and improve processes, grasp new skills and learn new methods, raise awareness and embrace new training and curricula programs. In this article, we provide a thorough survey and classification of the existing vulnerabilities, exploitable attacks, possible countermeasures as well as access control mechanisms including authentication and authorization. These challenges are addressed in detail considering both the technologies and the architecture used. Furthermore, this work also focuses also on IoT intrinsic vulnerabilities as well as the security challenges at every layer. In addition, solutions for remediation of the compromised security, as well as methods for risk mitigation, with prevention and suggestions for improvement are discussed.

Capítulo 3 Introduçãoà Verificação Automática de Protoco- los de Segurança com Scyther

Chapter

Full-text available

Nov 2020

Resumo Os protocolos de segurança representam o alicerce das comunicações realiza-das na Internet. Um dos principais desafios no projeto desses protocolosé garantir a sua própria segurança. Para superar esses desafios, foram desenvolvidas ferramentas de verificação formal e automática de protocolos de segurança, como a Scyther, CryptoVerif, ProVerif, AVISPA e Tamarim Prover. Entretanto, essas ferramentas são ainda pouco co-nhecidas e utilizadas na prática por projetistas de protocolos e estudantes de computação. Este minicurso, cujo conteúdo está disponível no GitHub 1 , visa diminuir essa lacuna através da apresentação da ferramenta Scyther e sua aplicação na verificação de quatro protocolos de segurança. 3.1. Introdução Com o surgimento de novos instrumentos legais, como a Lei Geral de Proteção de Dados (LGPD) 2 , a segurança na Internet, mais especificamente a proteção dos dados em trânsito,é um dos assuntos que entrou na pauta de diver-sas nações. As entidades comunicantes e os dados em trânsito são autentica-dos e protegidos através de protocolos de segurança como o Needham-Schroeder (NS) [Needham and Schroeder 1978], Diffie-Hellman (DH) [Steiner et al. 1996], Inter-net Key Exchange (IKE) [Carrel and Harkins 1998], Internet Protocol Security (IP-sec) [Atkinson 1995], Secure Shell (SSH) [Lonvick and Ylonen 2006], Transport Layer Security (TLS) [Rescorla 2018] e Signal Protocol 3. Um dos principais desafios de projeto e implementação de sistemas e protoco-los de segurança da informaçãoé garantir a corretude e a resistência a ataques com 1 https://github.com/scyther-lea/errc2020 2

A SURVEY OF THE BLOCKCHAIN CONCEPT AND MITIGATION CHALLENGES IN DIFFERENT NETWORKS

Article

Full-text available

Oct 2021

Recent Development, Trends and Challenges in IoT Security

Chapter

Jul 2021
Lect Notes Comput Sci

A large amount of data that IoT applications deal, is users’ Private data, and their privacy is a significant issue. However, if users are not sure about the security of their data, they will not desire to use such applications. The goal of this study is to improve the security and privacy of users in the Internet of Things (IoTs) setting. Since, the application of IoT technology is growing day by day. Also, the importance of users’ data security is always top of the list and difficult to achieve. In this study, we studied latest development in the security of Internet of Things (IoTs) so that we can use it to investigate its challenges and advantages.

Detection and Prevention of New Attacks for ID-based Authentication Protocols

Conference Paper

Full-text available

Feb 2021

The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can conveniently be accessed only by authorized users, many password and smart card-based authentication schemes for multi-server architecture have been proposed. In this paper, we review several dynamic ID-based password authentication schemes for multi-server environments. New attacks against four of these schemes are presented, demonstrating that an adversary can impersonate either legitimate or fictitious users. The impact of these attacks is the failure to achieve the main security requirement: authentication. Thus, the security of the analyzed schemes is proven to be compromised. We analyze these four dynamic ID-based schemes and discuss the reasons for the success of the new attacks. Additionally, we propose a new set of design guidelines to prevent such exploitable weaknesses on dynamic ID-based authentication protocols. Finally, we apply the proposed guidelines to the analyzed protocols and demonstrate that violation of these guidelines leads to insecure protocols. Additional

Detection and Prevention of New Attacks for ID-based Authentication Protocols

Preprint

Full-text available

Jan 2021

The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide multiple different services simultaneously. To ensure these services can conveniently be accessed only by authorized users, many password and smart card-based authentication schemes for multi-server architecture have been proposed. In this paper, we review several dynamic ID-based password authentication schemes for multi-server environments. New attacks against four of these schemes are presented, demonstrating that an adversary can impersonate either legitimate or fictitious users. The impact of these attacks is the failure to achieve the main security requirement: authentication. Thus, the security of the analyzed schemes is proven to be compromised. We analyze these four dynamic ID-based schemes and discuss the reasons for the success of the new attacks. Additionally, we propose a new set of design guidelines to prevent such exploitable weaknesses on dynamic ID-based authentication protocols. Finally, we apply the proposed guidelines to the analyzed protocols and demonstrate that violation of these guidelines leads to insecure protocols.

A Breach into the Authentication with Built-in Camera (ABC) Protocol

Chapter

Full-text available

Aug 2020
Lect Notes Comput Sci

In this paper, we propose a simple and effective attack on the recently introduced Smartphone Authentication with Built-in Camera Protocol, called ABC. The ABC protocol uses the photo-response non-uniformity (PRNU) as the main authentication factor in combination with anti-forgery detection systems. The ABC protocol interprets the PRNU as a fingerprint of the camera sensor built-in a smartphone device. The protocol works as follows: during the authentication process, the user is challenged with two QR codes (sent by the server) that need to be photographed with a pre-registered device. In each QR code, the server embeds a unique pattern noise (not visible to the naked eye), called probe signal, that is used to identify potential forgeries. The inserted probe signal is very similar to a genuine fingerprint. The photos of QR codes taken by the user are then sent to the server for verification. The server checks (i) if the photos contain the user’s camera fingerprint (used to authenticate the pre-registered device) and (ii) if the photos contain the embedded probe signal.

A breach into the Authentication with Built-in Camera (ABC) Protocol

Preprint

Full-text available

Mar 2020

div>[Paper accepted at ACNS 2020] In this paper, we propose a simple and effective attack on the recently introduced Smartphone Authentication with Built-in Camera Protocol, called ABC. The ABC protocol uses the photo-response non-uniformity (PRNU) as the main authentication factor in combination with anti-forgery detection systems. The ABC protocol interprets the PRNU as a fingerprint of the camera sensor built-in a smartphone device. The protocol works as follows: during the authentication process, the user is challenged with two QR codes (sent by the server) that need to be photographed with a pre-registered device. In each QR code, the server embeds a unique pattern noise (not visible to the naked eye), called probe signal, that is used to identify potential forgeries. The inserted probe signal is very similar to a genuine fingerprint. The photos of QR codes taken by the user are then sent to the server for verification. The server checks (i) if the photos contain the user's camera fingerprint (used to authenticate the pre-registered device) and (ii) if the photos contain the embedded probe signal. If an adversary tries to remove (subtract) his own camera fingerprint and replace it with the victim's camera fingerprint (computed from photos shared on social media), then he will implicitly remove the embedded probe signal and the attack will fail. The ABC protocol is able to detect these attacks with a false acceptance rate (FAR) of 0.5%. However, the ABC protocol wrongly assumes that the attacker can only determine his own camera fingerprint from the photos of the presented QR codes. The attack proposed in our work is able to get past the anti-forgery detection system with a FAR of 54.1%, simply by estimating the attacker's camera fingerprint from a different set of photos (e.g. five photos) owned by the attacker. This set of photos can be trivially obtained before the attack, allowing the adversary to compute his camera fingerprint independently of the attack. The key to the success of our attack is that the independently computed adversary's camera fingerprint does not contain the probe signal embedded in the QR codes. Therefore, when we subtract the adversary's camera fingerprint and add the victim's camera fingerprint, the embedded probe signal will remain in place. For this reason, the proposed attack can successfully pass through the anti-forgery detection system of the ABC protocol. In this paper, we also propose a potential fix based on analyzing signals from built-in motion sensors, which are not typically shared on social media.</div

A breach into the Authentication with Built-in Camera (ABC) Protocol

Preprint

Full-text available

Mar 2020

div>[Paper accepted at ACNS 2020] In this paper, we propose a simple and effective attack on the recently introduced Smartphone Authentication with Built-in Camera Protocol, called ABC. The ABC protocol uses the photo-response non-uniformity (PRNU) as the main authentication factor in combination with anti-forgery detection systems. The ABC protocol interprets the PRNU as a fingerprint of the camera sensor built-in a smartphone device. The protocol works as follows: during the authentication process, the user is challenged with two QR codes (sent by the server) that need to be photographed with a pre-registered device. In each QR code, the server embeds a unique pattern noise (not visible to the naked eye), called probe signal, that is used to identify potential forgeries. The inserted probe signal is very similar to a genuine fingerprint. The photos of QR codes taken by the user are then sent to the server for verification. The server checks (i) if the photos contain the user's camera fingerprint (used to authenticate the pre-registered device) and (ii) if the photos contain the embedded probe signal. If an adversary tries to remove (subtract) his own camera fingerprint and replace it with the victim's camera fingerprint (computed from photos shared on social media), then he will implicitly remove the embedded probe signal and the attack will fail. The ABC protocol is able to detect these attacks with a false acceptance rate (FAR) of 0.5%. However, the ABC protocol wrongly assumes that the attacker can only determine his own camera fingerprint from the photos of the presented QR codes. The attack proposed in our work is able to get past the anti-forgery detection system with a FAR of 54.1%, simply by estimating the attacker's camera fingerprint from a different set of photos (e.g. five photos) owned by the attacker. This set of photos can be trivially obtained before the attack, allowing the adversary to compute his camera fingerprint independently of the attack. The key to the success of our attack is that the independently computed adversary's camera fingerprint does not contain the probe signal embedded in the QR codes. Therefore, when we subtract the adversary's camera fingerprint and add the victim's camera fingerprint, the embedded probe signal will remain in place. For this reason, the proposed attack can successfully pass through the anti-forgery detection system of the ABC protocol. In this paper, we also propose a potential fix based on analyzing signals from built-in motion sensors, which are not typically shared on social media.</div

DESIGNING OF SMS BASED DISTANCE LEARNING PLATFORM FOR HIGH- ER LEARNING INSTITUTIONS IN DEVELOPING COUNTRIES: EDUCATION IN PANDEMIC CASES

Article

Full-text available

Oct 2020

Distance learning is education and training resulting from the technological separation of learners and instructors that gives learners freedom from traveling, time and place in order to learn. Higher learning institutions from developing countries suffer from suitable low cost solution to offer a distance education especially when it is needed as temporary way out. The web based solution increases challenges in side of students due to network coverage issues from telecommunications providers and many students own handheld device with no in-ternet capability. Major existing and applicable approach to deliver class based lectures is by using presentation slides. According to this study these slides can be re-formatted in SMS and enabling a distance education to take place. The Short Message Service (SMS) stated with GSM a 2G technology and has being adopted by its successor technologies like 4G and 5G; the SMS provides electronic text services between Mobile Station (MS). SMS bundles in country like Tanzania is less expensive when compared with Internet bundles. This study investigate chances of offering SMS based education and gives a blueprint of how SMS can be used to facilitate distance learning in developing countries.

Aspects of Mobility of e-Marketing from Customer Perspective

Conference Paper

Full-text available

Sep 2019

A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks

Article

Full-text available

Jul 2017

This paper introduces a new logic-based technique for detecting security protocol weaknesses that are exploitable by freshness and interleaving session attacks. This technique is realised as a special purpose logic to be used throughout the protocol design stage, where a draft of the protocol is subjected to formal analysis prior to its publication or deployment. For any detected failures the analysis also reveals their cause, facilitating design corrections.

Establishing and Fixing Security Protocols Weaknesses Using a Logic-based Verification Tool

Article

Full-text available

Nov 2013

Formal verification aims at providing a rigid and thorough means of evaluating the correctness of security protocols and also establishing that the protocols are free of weaknesses that can be exploited by attacks. This paper discusses the process of formal verification using a logic-based verification tool. The verification tool with attack detection capabilities is introduced, and the verification process is demonstrated by way of a case study on two published security protocols that provide mutual authentication using smart cards. The performed verification reveals new weaknesses in the protocols that can be exploited by a replay attack and a parallel session attack. The impact of these attacks is that an attacker is able to masquerade as a legitimate remote user to cheat the system. The reasoning why these attacks are possible is detailed and an amended protocol, resistant to these attacks is proposed. Formal verification of the amended protocol provides confidence in the correctness and effectiveness of the proposed modifications.

Design Guidelines for Security Protocols to Prevent Replay & Parallel Session Attacks

Article

Full-text available

Sep 2014
COMPUT SECUR

This work is concerned with the design of security protocols. These protocols are susceptible to intruder attacks and their security compromised if weaknesses in the protocols’ design are evident. In this paper a new analysis is presented on the reasons why security protocols are vulnerable to replay and parallel session attack and based on this analysis a new set of design guidelines to ensure resistance to these attacks is proposed. The guidelines are general purpose so as to encompass a wide spectrum of security protocols. Further, an empirical study on the effectiveness of the proposed guidelines is carried out on a set of protocols, incorporating those that are known to be vulnerable to replay or parallel session attacks as well as some amended versions that are known to be free of these weaknesses. The goal of this study is to establish conformance of the set of protocols with the proposed design guidelines. The results of the study show that any protocol following the design guidelines can be considered free of weaknesses exploitable by replay or parallel session attacks. On the other hand, if non-conformance of a protocol with the design guidelines is determined, then the protocol is vulnerable to replay or parallel session attacks.

Bank adoption of mobile banking: stakeholder perspective

Article

Aug 2017
Int J Bank Market

Purpose Bank adoption of mobile banking globally remains sporadic. Factors influencing this remain under researched. The purpose of this paper was to explore drivers and barriers of bank adoption of mobile banking from a stakeholder perspective. Design/methodology/approach Using Diffusion of Innovation (DOI) a mixed method study was conducted. Data was collected using blogging to inform a 2 round modified Delphi study. The opinion of 72 members from 6 stakeholder industries was sought. Findings The results indicate that DOI theory is still applicable within mobile environments in helping to understand the diffusion of mobile banking. Key drivers of bank adoption were global mobile phone penetration, competitive advantage, customer convenience, strategic importance, customer demand, low perceived risk/security concerns and stakeholder partnerships. Findings suggest low levels of customer demand and lack of Return on Investment (ROI) are key barriers for banks. The findings have strategic implications for industry players highlighting the importance of mobile banking to maintain market share and customer relations. These influences will inform successful mobile banking strategies by raising awareness of major barriers. Originality/value This study concentrates on a bank/stakeholder perspective. It confirms that DOI theory is still applicable within mobile environments. It extends understanding of bank adoption providing useful information for all stakeholders. It has implications for banks regarding multi-channel banking and the motivators and challenges influencing its adoption.

SMS Security Issues

Chapter

Feb 2012

Iosif Androulidakis

Short messaging service is one of the most widely used services of mobile telephony. As we will see in this chapter, there are threats to its confidentiality, integrity, and availability. Even worse, the advent of more advanced capabilities and services, including mobile shopping and mobile banking transactions, which largely rely on the ability to send and receive short text messages to authenticate the user, will raise even stronger security concerns.

Formal verification: An imperative step in the design of security protocols

Article

Dec 2003
COMPUT NETW

Traditionally, security protocols have been designed and verified using informal techniques. However, the absence of formal verification can lead to security errors remaining undetected. Formal verification techniques, on the other hand, provide a systematic way of discovering protocol flaws.This paper discusses the process of formal verification using modal logics. The verification process is demonstrated by way of case studies on three security protocols, which are designed for use in mobile communications. Our formal analysis discovers all known flaws in the three chosen protocols. Further, a hitherto unknown flaw is identified in these protocols. This flaw causes a protocol failure, which can be exploited in an attack where an adversary impersonates a legitimate protocol participant. A new protocol, resistant to this attack, is proposed and formally verified, giving confidence in the correctness of the protocol.The result of these case studies, where formal verification successfully discovers all these flaws, demonstrates that using formal verification techniques is an imperative step in the design of security protocols.

The concept of layered proving trees and its application to the automation of security protocol verification

Article

Aug 2005

Security protocols are one of the most critical elements in enabling the secure communication and processing of information. The presence of flaws in published protocols highlights the complexity of security protocol design. Only formal verification can provide strong confidence in the correctness of security protocols and is considered an imperative step in their design. This paper presents a new theoretical concept, called Layered Proving Trees, for automatically applying logical postulates in logic-based security protocol verification.An algorithm for the new concept is introduced and the soundness and completeness of the technique is proved. Empirical results on the performance of the algorithm are presented. The presented proofs and empirical results demonstrate the feasibility and effectiveness of the Layered Proving Tree approach.

GSM Security Issues and Challenges

Conference Paper

Jul 2006

This paper addresses the current GSM security system. It presents the terminology, operation including principals and features. It also discusses the flaws and weaknesses of GSM security algorithms in the light of attacks already made on these algorithms. This paper primarily reviews the security solutions implemented in this area for further applications.

An investigation of the military applications of commercial personal satellite-communications systems

Conference Paper

Feb 1999

This paper provides a summary of the results of a four-nation workshop that investigated the military use of commercial satellite-based personal communications systems (SPCS). Military considerations and nine potential application areas are described. Of the fifteen vulnerability of SPCS examined in the workshop, six of the more important vulnerabilities (jamming, detection, position location, interception, communications security, and system and network control), and four limitations (capacity, coverage, user terminals, and regulatory) are discussed. A method for comparing and rating SPCS systems for military purposes is presented followed by an example comparing six planned or operational SPCS systems

Conference Paper

Cost evaluation on secure routing over powerlines for WMNs

January 2008

In Wireless Mesh Networks (WMNs), wireless nodes exchange routing messages among themselves to build routing tables. Since routing messages are sensitive and critical information, they should be kept confidential and protected. However, the existing WMNs convey the routing messages in an open medium (air) where the messages can be accessed publicly. By abusing the messages, attackers could launch ... [Show full abstract] various kinds of attack such as black hole, wormhole, reply, denial of services, and routing table poisoning. In this paper, we present a secure routing architecture for WMNs in which the routing messages are protected by making use of powerline as the routing medium. We also propose three routing protocols for the proposed architecture. The implementation costs of these protocols are evaluated under different scenarios.

Conference Paper

Motion Based Communication Channels between Mobile Robots - A Novel Paradigm for Bandwidth Informati...

November 2009

A formal notion of gesturing defined as the modulation of relative separation between mobile robots has been explored in. We extend this work by developing a peer-to-peer communication channel and an associated distributed communication protocol based exclusively on the modulation of relative motion and its observation. Protocols that enable two unicycle vehicles modulating their relative ... [Show full abstract] separation in the plane to effectively exchange information, as well as nonlinear control laws that enable these protocols are presented. Only local information is assumed for the control action. We illustrate the contextual nature of such signaling by showing applications to secure communication as well as robot formation motion. Simulations are presented to validate the work.

Article

On the detection of desynchronisation attacks against security protocols that use dynamic shared sec...

February 2013 · Computers & Security

Many peer-to-peer security protocols in mobile communications utilise shared secrets. Synchronous storage of shared secrets is imperative for the successful operation of security protocols, as asynchronous storage of shared secrets may lead to service unavailability. Hence, update mechanisms must not only guarantee the secrecy of shared secrets, but also their synchrony.This paper addresses ... [Show full abstract] synchronisation weaknesses in security protocols for wireless communications. It is demonstrated that a wide range of protocols contain such weaknesses. A new class of attack, called suppress-and-desynchronise attack, is introduced that exploit these weaknesses. These new attacks desynchronise the shared secrets of principals by suppressing messages, resulting in a permanent denial of service condition.A verification system to model update mechanisms for shared secrets is introduced. Based on this verification system detection rules are developed that are able to detect synchronisation weaknesses that can be exploited by suppress-and-desynchronise attacks. Application of the detection rules to three security protocols results in the detection of hitherto unknown weaknesses. Consequently, these security protocols are susceptible to suppress-and-desynchronise attacks and details of mounting the attacks are presented. Finally, amendments to one of these protocols are proposed and application of the introduced formal system establishes the immunity of the amended protocol against suppress-and-desynchronise attacks.

Article

SMS-based traffic information processing system and its implementation

April 2008

As the developing of transportation scale and being popular of the conveyances in modern society illegal traffic affair happened more frequently. The transportation intelligentalization and informationalization are more and more urgent to be required. A structure of illegal traffic information processing and communication system is proposed based on public mobile communication system. The related ... [Show full abstract] mobile communication protocols of GPRS, mainly SMS system and protocols between computer interference and communication ends are introduced, the flow diagrams of their main implementation routines are then given in this paper. The realization results are also shown.