Explore communication abstractions, protocol layering, and formal methods for network protocol specification and verification in network systems. Learn how BAN logic and Abstract Protocol Notation are used to analyze protocols and uncover their weaknesses.
Network Protocols
Network Systems Security
Mort Anvari
Network Protocols
• Abstractions of communication between two processes over a network
• Define message formats
• Define the legitimate sequences of messages
• Take care of the physical details of different network hardware and machines
• Separate tasks in complex communication networks
• For example, FTP and ARP
Protocol Layering
• Many problems need to be solved in a communication network
• These problems can be divided into smaller sets, and a different protocol is designed for each set of problems
• Protocols can be organized into layers to keep them easy to manage
Properties of Protocol Layers
• The functions of each layer are independent of the functions of the other layers
• Thus each layer is like a module and can be developed independently
• Each layer builds on the services provided by the lower layers
• Thus a layer need not worry about the details of the lower layers; they are transparent to it
Protocol Stack: OSI Model (layers from top to bottom)
• Application
• Presentation
• Session
• Transport
• Network
• Data link
• Physical
Communicating End Hosts
[Figure: two hosts, each running the full stack (Application, Presentation, Session, Transport, Network, Data link, Physical), connected through a router that implements only the Network, Data link and Physical layers.]
Verification of Network Protocols
• Many complex protocols perform multiple functions with multiple messages
• It is desirable to verify that a protocol correctly performs the functions it was designed for
• Particularly important for security protocols
Traditional Ways of Network Protocol Specification
• Plain English
• Time charts
• Programming languages
Shortcomings of Plain English
• Ambiguity
• Different words can have similar meanings:
    process p sends message m to process q
    process p transmits message m to process q
    process p forwards message m to process q
    process p delivers message m to process q
• The same word can have different meanings:
    process p sends message m to process q
    process p sends file f to process q
Shortcomings of Time Charts
• Not scalable
• Many legitimate sequences of messages
• Cannot list all possible legitimate sequences when the number of sequences grows exponentially
Shortcomings of Using Programming Languages
• Hard to prove the correctness of a protocol specification
• For example, a protocol specified in C may involve overlapping (concurrent) operations and transmission delays, neither of which the language captures in a way that is easy to reason about
Formal Ways of Network Protocol Specification
• BAN logic
• Abstract Protocol Notation
BAN Logic
• Invented by Burrows, Abadi, and Needham
• Uses logical constructs and postulates to analyze authentication protocols and uncover various protocol weaknesses
Logical Constructs
• Assume P and Q are network agents, X is a message, and K is an encryption key
• P believes X: P acts as if X is true, and may assert X in other messages
• P has jurisdiction over X: P's beliefs about X should be trusted
• P said X: at one time, P transmitted (and believed) message X, although P might no longer believe X
• P sees X: P receives message X, and can read and repeat X
• {X}K: X is encrypted with key K
• fresh(X): X was sent recently
• key(K, P<->Q): P and Q may communicate with shared key K
Examples of Postulates
• If P believes key(K, P<->Q), and P sees {X}K, then P believes (Q said X)
• If P believes (Q said X) and P believes fresh(X), then P believes (Q believes X)
• If P believes (Q has jurisdiction over X) and P believes (Q believes X), then P believes X
• If P believes that Q said <X, Y>, the concatenation of X and Y, then P also believes that Q said X, and P also believes that Q said Y
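As an added illustration (not from the slides or from the BAN paper), the four postulates above can be run mechanically as a small forward-chaining engine. The demo run is constructed: a server S hands P a key statement key(Kpq, P<->Q) inside {<Na, key(Kpq, P<->Q)>}Kps; the freshness and jurisdiction beliefs given to P are assumptions of the example, and the names P, S, Q, Kps, Kpq and Na are hypothetical.

```python
from itertools import product
# Formula constructors; a shared key is symmetric, so its two parties form a frozenset
def key(k, p, q):    return ("key", k, frozenset((p, q)))   # key(K, P<->Q)
def enc(x, k):       return ("enc", x, k)                   # {X}K
def said(q, x):      return ("said", q, x)                  # Q said X
def fresh(x):        return ("fresh", x)                    # fresh(X)
def juris(q, x):     return ("jurisdiction", q, x)          # Q has jurisdiction over X
def believes(p, x):  return ("believes", p, x)              # P believes X
def sees(p, x):      return ("sees", p, x)                  # P sees X
def cat(x, y):       return ("cat", x, y)                   # <X, Y>

def step(facts):
    """Apply each of the four postulates once; return only facts not already known."""
    new = set()
    bel = {(f[1], f[2]) for f in facts if f[0] == "believes"}
    seen = {(f[1], f[2]) for f in facts if f[0] == "sees"}
    for (p, x), (p2, m) in product(bel, seen):
        # Message meaning: P believes key(K, P<->Q) and P sees {X}K  =>  P believes Q said X
        if p == p2 and x[0] == "key" and m[0] == "enc" and m[2] == x[1] and p in x[2]:
            q = next(iter(x[2] - {p}), p)
            new.add(believes(p, said(q, m[1])))
    for p, x in bel:
        if x[0] == "said":
            q, y = x[1], x[2]
            # Nonce verification: P believes Q said X and P believes fresh(X)  =>  P believes Q believes X
            if (p, fresh(y)) in bel:
                new.add(believes(p, believes(q, y)))
            # Concatenation: P believes Q said <X, Y>  =>  P believes Q said X and Q said Y
            if isinstance(y, tuple) and y[0] == "cat":
                new.update({believes(p, said(q, y[1])), believes(p, said(q, y[2]))})
        # Jurisdiction: P believes Q has jurisdiction over X and P believes Q believes X  =>  P believes X
        if x[0] == "believes" and (p, juris(x[1], x[2])) in bel:
            new.add(believes(p, x[2]))
    return new - facts

def derive(facts):
    """Forward-chain until no postulate adds a belief (the derivation closure)."""
    facts = set(facts)
    while new := step(facts):
        facts |= new
    return facts

def demo():
    """Constructed run: S distributes key Kpq to P inside {<Na, key(Kpq, P<->Q)>}Kps."""
    P, S, Q = "P", "S", "Q"
    k_pq = key("Kpq", P, Q)
    return derive({
        believes(P, key("Kps", P, S)),       # P shares Kps with the server S
        sees(P, enc(cat("Na", k_pq), "Kps")),
        believes(P, fresh(k_pq)),            # assumption: P believes the key statement is fresh
        believes(P, juris(S, k_pq)),         # assumption: S is trusted to issue keys for P and Q
    })
```

The closure returned by demo() contains "P believes key(Kpq, P<->Q)", reached through message meaning, concatenation, nonce verification and jurisdiction in that order; drop the jurisdiction belief and the derivation stops one step short, which is exactly the kind of missing-trust gap the analysis is meant to expose.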
Shortcomings of BAN Logic
• High level of abstraction
• Need for a protocol idealization step, in which the user is required to transform each message of the protocol into logical formulas
• Can only verify one round at a time
Abstract Protocol Notation
• Presented by Mohamed Gouda in the book Elements of Network Protocol Design
• Formal and scalable
• Proof of correctness of a protocol specification can be done easily using a state transition diagram
Communication Model
• A network of processes, with two unbounded FIFO channels between every two processes (one in each direction)
[Figure: process p and process q connected by two channels, each carrying a set of messages]
Process Specification
• Each process in a protocol is specified as follows:

    process px
    inp   <name of input> : <type of input>
          …
          <name of input> : <type of input>
    var   <name of variable> : <type of variable>
          …
          <name of variable> : <type of variable>
    begin
          <action>
       [] <action>
          …
       [] <action>
    end
Action Execution
• Each action is specified as <guard> -> <statement>
• Execution satisfies three conditions:
• Atomic: actions in the whole protocol are executed one at a time; one action cannot start while another action's execution is in progress
• Non-deterministic: any action may be selected next, but an action is executed only when its guard is true
• Fair: if the guard of an action is continuously true, then the action is eventually executed
State Transition Diagram
• Defines the semantics of a protocol
• A state is defined by a value for each variable in the protocol and by a message set for each channel in the protocol
• A transition is a move from the current state to a next state, triggered by the execution of one action
Adversary Model
• The adversary can change the contents of protocol channels by executing the following actions a finite number of times:
• Message loss: lose an original message
• Message modification: modify a field of an original message to produce a modified message
• Message replay: replace an original message by another original message to produce a replayed message
• Message insertion: add to a channel a finite number of arbitrary messages
Proving Correctness of a Secure Protocol
• Execution of adversary actions may lead the protocol to a bad state
• A protocol is said to be correct if it converges to its good cycle in a finite number of steps after the adversary finishes executing its actions
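As an added example (not from the slides or from Gouda's book), the process specification, action execution, state and adversary model of the last few slides can be exercised on a constructed two-process protocol: p sends rqst(n), q answers rply(n), and p accepts only the reply carrying its current sequence number. The state is p's variable plus the contents of the two channels, each action is a guard followed by a statement, the scheduler is atomic and fair, and the convergence test is the correctness criterion above; the message names, the timeout guard and the adversary's coin flips are assumptions of the example.

```python
import random
from collections import deque

class Protocol:
    """p sends rqst(n); q answers rply(n); p accepts a matching reply and moves to n+1."""
    def __init__(self):
        self.seq = 0                                  # p's only variable
        self.ch_pq, self.ch_qp = deque(), deque()     # the two unbounded FIFO channels
        self.ch_pq.append(("rqst", 0))                # initial state: first request in flight
        self.actions = [self.p_timeout, self.p_rcv, self.q_rcv]
    # Each action is <guard> -> <statement>; it returns False when its guard is false.
    def p_timeout(self):
        if self.ch_pq or self.ch_qp: return False     # guard: nothing in flight (assumed timeout)
        self.ch_pq.append(("rqst", self.seq)); return True
    def p_rcv(self):
        if not self.ch_qp: return False               # guard: rcv rply(x) from q
        kind, x = self.ch_qp.popleft()
        if kind == "rply" and x == self.seq:
            self.seq += 1; self.ch_pq.append(("rqst", self.seq))
        return True                                   # stale or arbitrary messages are discarded
    def q_rcv(self):
        if not self.ch_pq: return False               # guard: rcv rqst(x) from p
        kind, x = self.ch_pq.popleft()
        if kind == "rqst": self.ch_qp.append(("rply", x))
        return True
    def good(self):                                   # good cycle: one message, carrying p's seq
        msgs = list(self.ch_pq) + list(self.ch_qp)
        return len(msgs) == 1 and msgs[0][1] == self.seq

def adversary(proto, rng, k=5):
    """Execute k adversary actions (loss, modification, replay, insertion) on the channels."""
    for _ in range(k):
        ch, act = rng.choice([proto.ch_pq, proto.ch_qp]), rng.choice(["lose", "modify", "replay", "insert"])
        if act == "insert": ch.append(("junk", rng.randint(0, 99)))  # arbitrary message
        elif not ch: continue                                         # no original message to act on
        elif act == "lose": ch.pop()
        elif act == "modify": ch[-1] = (ch[-1][0], ch[-1][1] + 1)    # alter one field
        else: ch.append(ch[-1])                                       # replay: a second copy

def converge(proto, limit=200):
    """Fair rotating round-robin, one atomic action per step; steps until good state, or -1."""
    for step in range(limit):
        if proto.good(): return step
        rot = step % len(proto.actions)
        for a in proto.actions[rot:] + proto.actions[:rot]:
            if a(): break
    return -1

def all_converge(seeds=20):
    """Constructed check: after every seeded adversary run the protocol returns to its good cycle."""
    protos = [Protocol() for _ in range(seeds)]
    for s, proto in enumerate(protos): adversary(proto, random.Random(s))
    return all(converge(p) >= 0 for p in protos)
```

Replacing the seq check in p_rcv with a plain accept turns replayed replies into silently skipped sequence numbers, which is the bad state the adversary model is designed to expose; the convergence count from converge() is the finite number of steps the correctness definition asks for.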
Next Class
• Network security tools to counter the effects of adversary actions
• Cryptographic background for network security tools