Protocol Analysis with Time
This work addresses the need for formal analysis of time-dependent cryptographic protocols, which is incremental as it builds on existing protocol analysis tools.
The authors tackled the problem of analyzing cryptographic protocols that incorporate time, by developing a timed protocol framework with a process algebra and transition semantics that accounts for time properties. They demonstrated feasibility by implementing it in Maude-NPA with an SMT solver, successfully analyzing attacks like Mafia fraud and distance hijacking on distance-bounding protocols.
We present a framework suited to the analysis of cryptographic protocols that make use of time in their execution. We provide a process algebra syntax that makes time information available to processes, and a transition semantics that takes account of fundamental properties of time. Additional properties can be added by the user if desirable. This timed protocol framework can be implemented either as a simulation tool or as a symbolic analysis tool in which time references are represented by logical variables, and in which the properties of time are implemented as constraints on those time logical variables. These constraints are carried along the symbolic execution of the protocol. The satisfiability of these constraints can be evaluated as the analysis proceeds, so attacks that violate the laws of physics can be rejected as impossible. We demonstrate the feasibility of our approach by using the Maude-NPA protocol analyzer together with an SMT solver that is used to evaluate the satisfiability of timing constraints. We provide a sound and complete protocol transformation from our timed process algebra to the Maude-NPA syntax and semantics, and we prove its soundness and completeness. We then use the tool to analyze Mafia fraud and distance hijacking attacks on a suite of distance-bounding protocols.