Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover

Srijanee Mookherji; Vanga Odelu; Rajendra Prasath; Alavalapati Goutham Reddy; Basker Palaniswamy

doi:10.1007/978-981-99-5091-1_9

Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover

Srijanee Mookherji
, Vanga Odelu
, Rajendra Prasath
, Alavalapati Goutham Reddy
, Basker Palaniswamy

Research output: Chapter in Book/Report/Conference proceedings › Conference proceeding › peer-review

Abstract

In real-time applications, authentication plays a vital role in enabling secure communications. The authentication protocols need to be formally verified under a defined threat model. Unless the protocols are verified for the intended security, the purpose of employing such protocols may eventually fail. There are multiple ways to formally verify the security of the authentication protocols including the use of automatic verification tools like the Tamarin Prover. The Tamarin Prover tool supports equational theories along with built-in functions. However, this tool does not support some mathematical operations such as elliptic curve point addition. It is necessary to have point addition in Identity-Based Encryption (IBE)-based authentication protocols. Chen–Kudla modelled the point addition operation in the Tamarin Prover using a technique based on concatenation. However, this technique is not applicable to all identity-based protocols including IBE-based authentication protocols. In this paper, we present a modelling technique known as normalised precomputation for point addition using a hash function. We analyse the security of a simple identity-based encryption-based key exchange protocol under extended Canetti and Krawczyk’s (eCK) adversary model. Our analysis shows that the proposed technique is secure and retains the properties of point addition. Therefore, the technique can be applied to different IBE-based authentication protocols where point addition operation is necessary.

Original language	English
Title of host publication	Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022
Editors	Sankita J. Patel, Naveen Kumar Chaudhary, Bhavesh N. Gohil, S. S. Iyengar
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	107-122
Number of pages	16
ISBN (Print)	9789819950904
DOIs	https://doi.org/10.1007/978-981-99-5091-1_9
Publication status	Published - 2024
Externally published	Yes
Event	International Conference on Information Security, Privacy, and Digital Forensics, 2022 - Goa, India Duration: 2 Dec 2022 → 3 Dec 2022

Publication series

Name	Lecture Notes in Electrical Engineering
Volume	1075 LNEE
ISSN (Print)	1876-1100
ISSN (Electronic)	1876-1119

Conference

Conference	International Conference on Information Security, Privacy, and Digital Forensics, 2022
Country/Territory	India
City	Goa
Period	2/12/22 → 3/12/22

Keywords

Authentication protocol
eCK-Adversary model
Elliptic curve point addition
Key exchange
The Tamarin Prover

Access to Document

10.1007/978-981-99-5091-1_9

Cite this

Mookherji, S., Odelu, V., Prasath, R., Reddy, A. G., & Palaniswamy, B. (2024). Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover. In S. J. Patel, N. K. Chaudhary, B. N. Gohil, & S. S. Iyengar (Eds.), Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022 (pp. 107-122). (Lecture Notes in Electrical Engineering; Vol. 1075 LNEE). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-99-5091-1_9

Mookherji, Srijanee ; Odelu, Vanga ; Prasath, Rajendra et al. / Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover. Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022. editor / Sankita J. Patel ; Naveen Kumar Chaudhary ; Bhavesh N. Gohil ; S. S. Iyengar. Springer Science and Business Media Deutschland GmbH, 2024. pp. 107-122 (Lecture Notes in Electrical Engineering).

@inproceedings{05488b6c89a648cd922339d101e052d3,

title = "Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover",

abstract = "In real-time applications, authentication plays a vital role in enabling secure communications. The authentication protocols need to be formally verified under a defined threat model. Unless the protocols are verified for the intended security, the purpose of employing such protocols may eventually fail. There are multiple ways to formally verify the security of the authentication protocols including the use of automatic verification tools like the Tamarin Prover. The Tamarin Prover tool supports equational theories along with built-in functions. However, this tool does not support some mathematical operations such as elliptic curve point addition. It is necessary to have point addition in Identity-Based Encryption (IBE)-based authentication protocols. Chen–Kudla modelled the point addition operation in the Tamarin Prover using a technique based on concatenation. However, this technique is not applicable to all identity-based protocols including IBE-based authentication protocols. In this paper, we present a modelling technique known as normalised precomputation for point addition using a hash function. We analyse the security of a simple identity-based encryption-based key exchange protocol under extended Canetti and Krawczyk{\textquoteright}s (eCK) adversary model. Our analysis shows that the proposed technique is secure and retains the properties of point addition. Therefore, the technique can be applied to different IBE-based authentication protocols where point addition operation is necessary.",

keywords = "Authentication protocol, eCK-Adversary model, Elliptic curve point addition, Key exchange, The Tamarin Prover",

author = "Srijanee Mookherji and Vanga Odelu and Rajendra Prasath and Reddy, \{Alavalapati Goutham\} and Basker Palaniswamy",

note = "Publisher Copyright: {\textcopyright} 2024, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.; International Conference on Information Security, Privacy, and Digital Forensics, 2022 ; Conference date: 02-12-2022 Through 03-12-2022",

year = "2024",

doi = "10.1007/978-981-99-5091-1\_9",

language = "English",

isbn = "9789819950904",

series = "Lecture Notes in Electrical Engineering",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "107--122",

editor = "Patel, \{Sankita J.\} and Chaudhary, \{Naveen Kumar\} and Gohil, \{Bhavesh N.\} and Iyengar, \{S. S.\}",

booktitle = "Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022",

address = "Germany",

}

Mookherji, S, Odelu, V, Prasath, R, Reddy, AG & Palaniswamy, B 2024, Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover. in SJ Patel, NK Chaudhary, BN Gohil & SS Iyengar (eds), Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022. Lecture Notes in Electrical Engineering, vol. 1075 LNEE, Springer Science and Business Media Deutschland GmbH, pp. 107-122, International Conference on Information Security, Privacy, and Digital Forensics, 2022, Goa, India, 2/12/22. https://doi.org/10.1007/978-981-99-5091-1_9

Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover. / Mookherji, Srijanee; Odelu, Vanga; Prasath, Rajendra et al.
Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022. ed. / Sankita J. Patel; Naveen Kumar Chaudhary; Bhavesh N. Gohil; S. S. Iyengar. Springer Science and Business Media Deutschland GmbH, 2024. p. 107-122 (Lecture Notes in Electrical Engineering; Vol. 1075 LNEE).

Research output: Chapter in Book/Report/Conference proceedings › Conference proceeding › peer-review

TY - GEN

T1 - Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover

AU - Mookherji, Srijanee

AU - Odelu, Vanga

AU - Prasath, Rajendra

AU - Reddy, Alavalapati Goutham

AU - Palaniswamy, Basker

PY - 2024

Y1 - 2024

N2 - In real-time applications, authentication plays a vital role in enabling secure communications. The authentication protocols need to be formally verified under a defined threat model. Unless the protocols are verified for the intended security, the purpose of employing such protocols may eventually fail. There are multiple ways to formally verify the security of the authentication protocols including the use of automatic verification tools like the Tamarin Prover. The Tamarin Prover tool supports equational theories along with built-in functions. However, this tool does not support some mathematical operations such as elliptic curve point addition. It is necessary to have point addition in Identity-Based Encryption (IBE)-based authentication protocols. Chen–Kudla modelled the point addition operation in the Tamarin Prover using a technique based on concatenation. However, this technique is not applicable to all identity-based protocols including IBE-based authentication protocols. In this paper, we present a modelling technique known as normalised precomputation for point addition using a hash function. We analyse the security of a simple identity-based encryption-based key exchange protocol under extended Canetti and Krawczyk’s (eCK) adversary model. Our analysis shows that the proposed technique is secure and retains the properties of point addition. Therefore, the technique can be applied to different IBE-based authentication protocols where point addition operation is necessary.

AB - In real-time applications, authentication plays a vital role in enabling secure communications. The authentication protocols need to be formally verified under a defined threat model. Unless the protocols are verified for the intended security, the purpose of employing such protocols may eventually fail. There are multiple ways to formally verify the security of the authentication protocols including the use of automatic verification tools like the Tamarin Prover. The Tamarin Prover tool supports equational theories along with built-in functions. However, this tool does not support some mathematical operations such as elliptic curve point addition. It is necessary to have point addition in Identity-Based Encryption (IBE)-based authentication protocols. Chen–Kudla modelled the point addition operation in the Tamarin Prover using a technique based on concatenation. However, this technique is not applicable to all identity-based protocols including IBE-based authentication protocols. In this paper, we present a modelling technique known as normalised precomputation for point addition using a hash function. We analyse the security of a simple identity-based encryption-based key exchange protocol under extended Canetti and Krawczyk’s (eCK) adversary model. Our analysis shows that the proposed technique is secure and retains the properties of point addition. Therefore, the technique can be applied to different IBE-based authentication protocols where point addition operation is necessary.

KW - Authentication protocol

KW - eCK-Adversary model

KW - Elliptic curve point addition

KW - Key exchange

KW - The Tamarin Prover

UR - https://www.scopus.com/pages/publications/85177212659

U2 - 10.1007/978-981-99-5091-1_9

DO - 10.1007/978-981-99-5091-1_9

M3 - Conference proceeding

AN - SCOPUS:85177212659

SN - 9789819950904

T3 - Lecture Notes in Electrical Engineering

SP - 107

EP - 122

BT - Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022

A2 - Patel, Sankita J.

A2 - Chaudhary, Naveen Kumar

A2 - Gohil, Bhavesh N.

A2 - Iyengar, S. S.

PB - Springer Science and Business Media Deutschland GmbH

T2 - International Conference on Information Security, Privacy, and Digital Forensics, 2022

Y2 - 2 December 2022 through 3 December 2022

ER -

Mookherji S, Odelu V, Prasath R, Reddy AG, Palaniswamy B. Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover. In Patel SJ, Chaudhary NK, Gohil BN, Iyengar SS, editors, Information Security, Privacy and Digital Forensics - Select Proceedings of the International Conference, ICISPD 2022. Springer Science and Business Media Deutschland GmbH. 2024. p. 107-122. (Lecture Notes in Electrical Engineering). doi: 10.1007/978-981-99-5091-1_9