Date of this Version
In recent years, there have been strong interests in the networking community in designing new Internet architectures that provide strong security guarantees. However, none of these proposals back their security claims by formal analysis. In this paper, we use a reduction-based approach to prove the route authenticity property in secure routing protocols. These properties require routes accepted and announced by honest nodes in the network are not tampered with by the adversary. We focus on protocols that rely on layered signatures to provide security: each route announcement is associated with a list of signatures attesting the authenticity of its subpaths. Our approach combines manual proofs with automated analysis. We define several reduction steps to reduce proving route authenticity properties to simple checks that can be automatically done by an automated tool Proverif. We show that our analysis is correct with respect to the trace semantics of the routing protocols.
Date Posted: 25 July 2012