A Security Formal Verification Method for Protocols Using Cryptographic Contactless Smart Cards

Thumbnail Image
Files
16_01_0132_0139.pdf(259.4 KB)
Date
2016-04
Authors
Henzl, Martin
Hanacek, Petr
ORCID
Advisor
Referee
Mark
Journal Title
Journal ISSN
Volume Title
Publisher
Společnost pro radioelektronické inženýrství
Altmetrics
Abstract
We present a method of contactless smart card protocol modeling suitable for finding vulnerabilities using model checking. Smart cards are used in applications that require high level of security, such as payment applications, therefore it should be ensured that the implementation does not contain any vulnerabilities. High level application specifications may lead to different implementations. Protocol that is proved to be secure on high level and that uses secure smart card can be implemented in more than one way, some of these implementations are secure, some of them introduce vulnerabilities to the application. The goal of this paper is to provide a method that can be used to create a model of arbitrary smart card, with focus on contactless smart cards, to create a model of the protocol, and to use model checking to find attacks in this model. AVANTSSAR Platform was used for the formal verification, the models are written in the ASLan++ language. Examples demonstrate the usability of the proposed method.
Description
Keywords
Security, Smart Card, Model Checking, ASLan++, Formal Verification, Protocol
Citation
Radioengineering. 2016 vol. 25, č. 1, s. 132-139. ISSN 1210-2512
http://www.radioeng.cz/fulltexts/2016/16_01_0073_0080.pdf
Document type
Peer-reviewed
Document version
Published version
Date of access to the full text
Language of document
en
Study field
Comittee
Date of acceptance
Defence
Result of defence
Document licence
Creative Commons Attribution 3.0 Unported License
http://creativecommons.org/licenses/by/3.0/
DOI
10.13164/re.2016.0132
URI
http://hdl.handle.net/11012/57919
Collections
2016/1
Citace PRO