Analysing Routing Protocols: Four Nodes Topologies Are Sufficient

Cortier, Véronique; Degrieck, Jan; Delaune, Stéphanie

doi:10.1007/978-3-642-28641-4_3

Cited by 15 publications

(20 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another direction is the enrichment of our attacker model, so as to model fully compromised nodes which disclose their long-term keys or fresh nonces generated during the execution of the protocols, and active attackers able to forge messages and interact with honest agents. Finally, from the point of view of the verification, a reduction result on network topologies as presented in [11] would make the perspective of automated proofs of anonymity easier.…”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Formal Analysis of Privacy for Routing Protocols in Mobile Ad Hoc Networks

Chrétien

Delaune

2013

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Routing protocols aim at establishing a route between distant nodes in ad hoc networks. Secured versions of routing protocols have been proposed to provide more guarantees on the resulting routes, and some of them have been designed to protect the privacy of the users. In this paper, we propose a framework for analysing privacy-type properties for routing protocols. We use a variant of the applied-pi calculus as our basic modelling formalism. More precisely, using the notion of equivalence between traces, we formalise three security properties related to privacy, namely indistinguishability, unlinkability, and anonymity. We study the relationship between these definitions and we illustrate them using two versions of the ANODR routing protocol.

show abstract

Section: Resultsmentioning

confidence: 99%

“…Our calculus is actually inspired from some other calculi (e.g. [17,6,11]) which allow mobile wireless networks and their security properties to be formally described and analysed. We adapt those formalisms in order to be able to express privacy-type properties such as those studied in this paper.…”

Section: Models For Protocolsmentioning

confidence: 99%

Formal Analysis of Privacy for Routing Protocols in Mobile Ad Hoc Networks

Chrétien

Delaune

2013

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…We use the CBS [12] calculus to model routing protocol, and the transition rules introduced in [2] to model the communications between nodes, after updating them to handle the behaviour of the non-cooperative malicious nodes instead of the cooperative ones. Then, we revisit the work presented by Cortier et al in [6], where they show that when looking for attacks on route validity under the cooperative model it is enough to check only five particular small topologies. We show that the same result is also valid in case the of non-cooperative model: first, we show that if there is an attack on a routing protocol in a certain topology under the non-cooperative model, then there is an attack on this protocol in a smaller topology obtained from the original one by a simple reduction.…”

Section: Contributionsmentioning

confidence: 98%

“…It can control only a finite number of nodes (typically one or two), and thus it can listen to the communication of its neighbours but it is not possible to listen beyond the neighbouring nodes. Cortier et al [6] proposed a reduction proof when looking for route validity property under the cooperative attacker model, i.e. a model that allows distant malicious nodes to communicate using out-of-band resources, and thus to share their knowledge.…”

Section: Introductionmentioning

confidence: 99%

A More Realistic Model for Verifying Route Validity in Ad-Hoc Networks

Kassem

Lafourcade

Lakhnech

2014

Foundations and Practice of Security

View full text Add to dashboard Cite

Many cryptographic protocols aim at ensuring the route validity in ad-hoc networks, i.e. the established route representing an exists path in the network. However, flaws have been found in some protocols that are claimed secure (e.g. the attack on SRP applied to DSR). Some formal models and reduction proofs have been proposed to give more guarantees when verifying route validity and facilitate verification process. The existing approaches assume the cooperative attacker model. In this paper, we consider the non-cooperative attacker model, and we show that verifying the route validity under the non-cooperative model requires to verify only five topologies, each containing four nodes, and to consider only three malicious (compromised) nodes. Furthermore, we prove that a protocol is secure for any topology under the non-cooperative model, if and only if, it is secure for any topology under the cooperative model.

show abstract

“…Networking Protocol Verification. Recently, several papers have investigated the verification of route authenticity properties on specific wireless routing protocols for mobile networks [2,3,11]. They have showed that identifying attacks on route authenticity can be reduced to constraint solving, and that the security analysis of a specific route authenticity property that depends on the topologies of network instances can be reduced to checking these properties on several four-node topologies.…”

Section: Related Workmentioning

confidence: 99%

A Program Logic for Verifying Secure Routing Protocols

Chen

Jia

et al. 2014

Formal Techniques for Distributed Objects, Components, and Systems

View full text Add to dashboard Cite

Abstract. The Internet, as it stands today, is highly vulnerable to attacks. However, little has been done to understand and verify the formal security guarantees of proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In this paper, we develop a sound program logic for SANDLog-a declarative specification language for secure routing protocols-for verifying properties of these protocols. We prove invariant properties of SANDLog programs that run in an adversarial environment. As a step towards automated verification, we implement a verification condition generator (VCGen) to automatically extract proof obligations. VCGen is integrated into a compiler for SANDLog that can generate executable protocol implementations; and thus, both verification and empirical evaluation of secure routing protocols can be carried out in this unified framework. To validate our framework, we encoded several proposed secure routing mechanisms in SANDLog, verified variants of path authenticity properties by manually discharging the generated verification conditions in Coq, and generated executable code based on SANDLog specification and ran the code in simulation.

show abstract

Analysing Routing Protocols: Four Nodes Topologies Are Sufficient

Cited by 15 publications

References 25 publications

Formal Analysis of Privacy for Routing Protocols in Mobile Ad Hoc Networks

Formal Analysis of Privacy for Routing Protocols in Mobile Ad Hoc Networks

A More Realistic Model for Verifying Route Validity in Ad-Hoc Networks

A Program Logic for Verifying Secure Routing Protocols

Contact Info

Product

Resources

About