Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Handbook of Applied Cryptography
Handbook of Applied Cryptography
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Increasing Attack Resiliency of Wireless Ad Hoc and Sensor Networks
ICDCSW '05 Proceedings of the Second International Workshop on Security in Distributed Computing Systems (SDCS) (ICDCSW'05) - Volume 02
Interleaved hop-by-hop authentication against false data injection attacks in sensor networks
ACM Transactions on Sensor Networks (TOSN)
Automatic verification of correspondences for security protocols
Journal of Computer Security
Protocol analysis for concrete environments
EUROCAST'05 Proceedings of the 10th international conference on Computer Aided Systems Theory
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Exploring message authentication in sensor networks
ESAS'04 Proceedings of the First European conference on Security in Ad-hoc and Sensor Networks
Discrete Applied Mathematics
On computing the minimum 3-path vertex cover and dissociation number of graphs
Theoretical Computer Science
Discrete Applied Mathematics
The Canvas protocol was developed by Harald Vogt [10] and is intended to provide data integrity in Wireless Sensor Networks. However, Dieter Gollmann published an attack on the protocol [5]. This example supports the widespread belief that the design of security protocols is notoriously error-prone. Therefore, formal methods are required to analyze their security properties. In this paper we present the design and analysis of a generalized Canvas protocol. We consider the fallacy of the Canvas scheme in different models of the attacker and present a solution for correcting the scheme. We discuss the motivation for generalizing the Canvas protocol and introduce a k-generalized version of the scheme for a parameter k≥2. We build a formal model of the k-generalized Canvas protocol in the applied pi-calculus. This model includes a model of the network topology, communication channels, captured nodes, and the capabilities of the attacker. In the semantic model of the applied pi-calculus we specify the data integrity property of the scheme. We prove that the proposed k-generalized Canvas scheme, in the presence of an active adversary, provides data integrity of messages, assuming that at least one honest node exists on each path of length k−1 in the communication graph of the sensor network. Finally, we discuss the usability of the proposed formal model for other WSN security protocols.
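The honest-node assumption stated in the abstract can be checked for a given deployment. The following is an added example, not code from the paper: it assumes path length is counted in edges (so a path of length k−1 has k nodes), and the function names and the sample topology are constructed for illustration.

```python
def longest_captured_path(adj, captured, limit):
    """Node count of the longest simple path that uses only captured
    nodes, capped at `limit` (the search stops once the cap is reached)."""
    captured = set(captured)
    best = 0

    def extend(node, visited):
        nonlocal best
        best = max(best, len(visited))
        if best >= limit:
            return
        for nxt in adj.get(node, ()):
            if nxt in captured and nxt not in visited:
                visited.add(nxt)
                extend(nxt, visited)
                visited.remove(nxt)

    for start in captured:
        extend(start, {start})
        if best >= limit:
            break
    return best


def integrity_assumption_holds(adj, captured, k):
    """True if every path with k nodes (k-1 edges, an assumption about the
    abstract's wording) contains at least one honest node, i.e. the
    captured nodes never form a simple path of k nodes."""
    if k < 2:
        raise ValueError("the scheme is defined for k >= 2")
    return longest_captured_path(adj, captured, k) < k


# Constructed sample topology: line a-b-c-d-e with a branch c-f.
SAMPLE = {
    "a": ["b"], "b": ["a", "c"], "c": ["b", "d", "f"],
    "d": ["c", "e"], "e": ["d"], "f": ["c"],
}

if __name__ == "__main__":
    for k, captured in [(2, {"b", "d"}), (2, {"b", "c"}), (3, {"b", "c"}),
                        (3, {"b", "c", "d"}), (4, {"b", "c", "d", "f"})]:
        ok = integrity_assumption_holds(SAMPLE, captured, k)
        print(f"k={k} captured={sorted(captured)} assumption holds: {ok}")
```

With k=2 the check reduces to "no two adjacent nodes are both captured"; larger k tolerates longer runs of captured neighbours.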