Formalization and Verification of the PKMv3 Protocol Using CSP

Yuanmin Xu; Huibiao Zhu; Xiaoran Zhu; Xi Wu; Jian Guo; Gang Lu

doi:10.1109/COMPSAC.2017.133

Formalization and Verification of the PKMv3 Protocol Using CSP

Yuanmin Xu
, Huibiao Zhu
, Xiaoran Zhu
, Xi Wu
, Jian Guo
, Gang Lu^*

^*Corresponding author for this work

Software Engineering Institute

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

IEEE 802.16m, aiming at providing secure communication pathways between the base station (BS) and the mobile station (MS), is a broadband wireless MAN (Metropolitan Area Network) standard. Its security sublayer contains a Privacy Key Management (PKM) protocol, which achieves authentication and key management in the communication process. In this paper, we apply Communicating Sequential Processes (CSP) to formally analyze the latest version of the PKM (PKMv3) protocol. Both communication entities, i.e., the mobile station and the base station, are modelled as processes in our modelling framework. Besides, we introduce intruders in our formalization who have capabilities of intercepting, faking and overhearing. Furthermore, we employ the Process Analysis Toolkit (PAT), a model checker for CSP, to implement the entire model and then verify some non-trivial properties, such as secrecy violation and timeout freedom. With respect to the verification results, we discuss some cases where intruders may take place. Consequently, through our framework, a better understanding of the PKMv3 protocol can be achieved.

Original language	English
Title of host publication	Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017
Editors	Claudio Demartini, Thomas Conte, Motonori Nakamura, Chung-Horng Lung, Zhiyong Zhang, Kamrul Hasan, Sorel Reisman, Ling Liu, William Claycomb, Hiroki Takakura, Ji-Jiang Yang, Edmundo Tovar, Stelvio Cimato, Sheikh Iqbal Ahamed, Toyokazu Akiyama
Publisher	IEEE Computer Society
Pages	499-504
Number of pages	6
ISBN (Electronic)	9781538603673
DOIs	https://doi.org/10.1109/COMPSAC.2017.133
State	Published - 7 Sep 2017
Event	41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017 - Torino, Italy Duration: 4 Jul 2017 → 8 Jul 2017

Publication series

Name	Proceedings - International Computer Software and Applications Conference
Volume	1
ISSN (Print)	0730-3157

Conference

Conference	41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017
Country/Territory	Italy
City	Torino
Period	4/07/17 → 8/07/17

Keywords

CSP
Formalization
PAT
PKMv3 protocol
Verification

Access to Document

10.1109/COMPSAC.2017.133

Cite this

Xu, Y., Zhu, H., Zhu, X., Wu, X., Guo, J., & Lu, G. (2017). Formalization and Verification of the PKMv3 Protocol Using CSP. In C. Demartini, T. Conte, M. Nakamura, C.-H. Lung, Z. Zhang, K. Hasan, S. Reisman, L. Liu, W. Claycomb, H. Takakura, J.-J. Yang, E. Tovar, S. Cimato, S. I. Ahamed, & T. Akiyama (Eds.), Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017 (pp. 499-504). Article 8029650 (Proceedings - International Computer Software and Applications Conference; Vol. 1). IEEE Computer Society. https://doi.org/10.1109/COMPSAC.2017.133

Xu, Yuanmin ; Zhu, Huibiao ; Zhu, Xiaoran et al. / Formalization and Verification of the PKMv3 Protocol Using CSP. Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017. editor / Claudio Demartini ; Thomas Conte ; Motonori Nakamura ; Chung-Horng Lung ; Zhiyong Zhang ; Kamrul Hasan ; Sorel Reisman ; Ling Liu ; William Claycomb ; Hiroki Takakura ; Ji-Jiang Yang ; Edmundo Tovar ; Stelvio Cimato ; Sheikh Iqbal Ahamed ; Toyokazu Akiyama. IEEE Computer Society, 2017. pp. 499-504 (Proceedings - International Computer Software and Applications Conference).

@inproceedings{aa1dae872eb545deb45e91b6bff53785,

title = "Formalization and Verification of the PKMv3 Protocol Using CSP",

abstract = "IEEE 802.16m, aiming at providing secure communication pathways between the base station (BS) and the mobile station (MS), is a broadband wireless MAN (Metropolitan Area Network) standard. Its security sublayer contains a Privacy Key Management (PKM) protocol, which achieves authentication and key management in the communication process. In this paper, we apply Communicating Sequential Processes (CSP) to formally analyze the latest version of the PKM (PKMv3) protocol. Both communication entities, i.e., the mobile station and the base station, are modelled as processes in our modelling framework. Besides, we introduce intruders in our formalization who have capabilities of intercepting, faking and overhearing. Furthermore, we employ the Process Analysis Toolkit (PAT), a model checker for CSP, to implement the entire model and then verify some non-trivial properties, such as secrecy violation and timeout freedom. With respect to the verification results, we discuss some cases where intruders may take place. Consequently, through our framework, a better understanding of the PKMv3 protocol can be achieved.",

keywords = "CSP, Formalization, PAT, PKMv3 protocol, Verification",

author = "Yuanmin Xu and Huibiao Zhu and Xiaoran Zhu and Xi Wu and Jian Guo and Gang Lu",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017 ; Conference date: 04-07-2017 Through 08-07-2017",

year = "2017",

month = sep,

day = "7",

doi = "10.1109/COMPSAC.2017.133",

language = "英语",

series = "Proceedings - International Computer Software and Applications Conference",

publisher = "IEEE Computer Society",

pages = "499--504",

editor = "Claudio Demartini and Thomas Conte and Motonori Nakamura and Chung-Horng Lung and Zhiyong Zhang and Kamrul Hasan and Sorel Reisman and Ling Liu and William Claycomb and Hiroki Takakura and Ji-Jiang Yang and Edmundo Tovar and Stelvio Cimato and Ahamed, \{Sheikh Iqbal\} and Toyokazu Akiyama",

booktitle = "Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017",

address = "美国",

}

Xu, Y, Zhu, H, Zhu, X, Wu, X, Guo, J & Lu, G 2017, Formalization and Verification of the PKMv3 Protocol Using CSP. in C Demartini, T Conte, M Nakamura, C-H Lung, Z Zhang, K Hasan, S Reisman, L Liu, W Claycomb, H Takakura, J-J Yang, E Tovar, S Cimato, SI Ahamed & T Akiyama (eds), Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017., 8029650, Proceedings - International Computer Software and Applications Conference, vol. 1, IEEE Computer Society, pp. 499-504, 41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017, Torino, Italy, 4/07/17. https://doi.org/10.1109/COMPSAC.2017.133

Formalization and Verification of the PKMv3 Protocol Using CSP. / Xu, Yuanmin; Zhu, Huibiao; Zhu, Xiaoran et al.
Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017. ed. / Claudio Demartini; Thomas Conte; Motonori Nakamura; Chung-Horng Lung; Zhiyong Zhang; Kamrul Hasan; Sorel Reisman; Ling Liu; William Claycomb; Hiroki Takakura; Ji-Jiang Yang; Edmundo Tovar; Stelvio Cimato; Sheikh Iqbal Ahamed; Toyokazu Akiyama. IEEE Computer Society, 2017. p. 499-504 8029650 (Proceedings - International Computer Software and Applications Conference; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Formalization and Verification of the PKMv3 Protocol Using CSP

AU - Xu, Yuanmin

AU - Zhu, Huibiao

AU - Zhu, Xiaoran

AU - Wu, Xi

AU - Guo, Jian

AU - Lu, Gang

PY - 2017/9/7

Y1 - 2017/9/7

N2 - IEEE 802.16m, aiming at providing secure communication pathways between the base station (BS) and the mobile station (MS), is a broadband wireless MAN (Metropolitan Area Network) standard. Its security sublayer contains a Privacy Key Management (PKM) protocol, which achieves authentication and key management in the communication process. In this paper, we apply Communicating Sequential Processes (CSP) to formally analyze the latest version of the PKM (PKMv3) protocol. Both communication entities, i.e., the mobile station and the base station, are modelled as processes in our modelling framework. Besides, we introduce intruders in our formalization who have capabilities of intercepting, faking and overhearing. Furthermore, we employ the Process Analysis Toolkit (PAT), a model checker for CSP, to implement the entire model and then verify some non-trivial properties, such as secrecy violation and timeout freedom. With respect to the verification results, we discuss some cases where intruders may take place. Consequently, through our framework, a better understanding of the PKMv3 protocol can be achieved.

AB - IEEE 802.16m, aiming at providing secure communication pathways between the base station (BS) and the mobile station (MS), is a broadband wireless MAN (Metropolitan Area Network) standard. Its security sublayer contains a Privacy Key Management (PKM) protocol, which achieves authentication and key management in the communication process. In this paper, we apply Communicating Sequential Processes (CSP) to formally analyze the latest version of the PKM (PKMv3) protocol. Both communication entities, i.e., the mobile station and the base station, are modelled as processes in our modelling framework. Besides, we introduce intruders in our formalization who have capabilities of intercepting, faking and overhearing. Furthermore, we employ the Process Analysis Toolkit (PAT), a model checker for CSP, to implement the entire model and then verify some non-trivial properties, such as secrecy violation and timeout freedom. With respect to the verification results, we discuss some cases where intruders may take place. Consequently, through our framework, a better understanding of the PKMv3 protocol can be achieved.

KW - CSP

KW - Formalization

KW - PAT

KW - PKMv3 protocol

KW - Verification

UR - https://www.scopus.com/pages/publications/85031900856

U2 - 10.1109/COMPSAC.2017.133

DO - 10.1109/COMPSAC.2017.133

M3 - 会议稿件

AN - SCOPUS:85031900856

T3 - Proceedings - International Computer Software and Applications Conference

SP - 499

EP - 504

BT - Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017

A2 - Demartini, Claudio

A2 - Conte, Thomas

A2 - Nakamura, Motonori

A2 - Lung, Chung-Horng

A2 - Zhang, Zhiyong

A2 - Hasan, Kamrul

A2 - Reisman, Sorel

A2 - Liu, Ling

A2 - Claycomb, William

A2 - Takakura, Hiroki

A2 - Yang, Ji-Jiang

A2 - Tovar, Edmundo

A2 - Cimato, Stelvio

A2 - Ahamed, Sheikh Iqbal

A2 - Akiyama, Toyokazu

PB - IEEE Computer Society

T2 - 41st IEEE Annual Computer Software and Applications Conference, COMPSAC 2017

Y2 - 4 July 2017 through 8 July 2017

ER -

Xu Y, Zhu H, Zhu X, Wu X, Guo J, Lu G. Formalization and Verification of the PKMv3 Protocol Using CSP. In Demartini C, Conte T, Nakamura M, Lung CH, Zhang Z, Hasan K, Reisman S, Liu L, Claycomb W, Takakura H, Yang JJ, Tovar E, Cimato S, Ahamed SI, Akiyama T, editors, Proceedings - 2017 IEEE 41st Annual Computer Software and Applications Conference, COMPSAC 2017. IEEE Computer Society. 2017. p. 499-504. 8029650. (Proceedings - International Computer Software and Applications Conference). doi: 10.1109/COMPSAC.2017.133

Formalization and Verification of the PKMv3 Protocol Using CSP

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this