@inproceedings{1d7a7c15bda4482a8059cac4bb5e2917,
title = "Mechanized network origin and path authenticity proofs",
abstract = "A secure routing infrastructure is vital for secure and reliable Internet services. Source authentication and path validation are two fundamental primitives for building a more secure and reliable Internet. Although several protocols have been proposed to implement these primitives, they have not been formally analyzed for their security guarantees. In this paper, we apply proof techniques for verifying cryptographic protocols (e.g., key exchange protocols) to analyzing network protocols. We encode LS2, a program logic for reasoning about programs that execute in an adversarial environment, in Coq. We also encode protocol-specific data structures, predicates, and axioms. To analyze a source-routing protocol that uses chained MACs to provide origin and path validation, we construct Coq proofs to show that the protocol satisfies its desired properties. To the best of our knowledge, we are the first to formalize origin and path authenticity properties, and mechanize proofs that chained MACs can provide the desired authenticity properties.",
keywords = "Formal methods, Mechanized proofs, Origin authenticity, Path authenticity, Secrecy",
author = "Fuyuan Zhang and Limin Jia and Cristina Basescu and Kim, {Tiffany Hyun Jin} and Hu, {Yih Chun} and Adrian Perrig",
year = "2014",
month = nov,
day = "3",
doi = "10.1145/2660267.2660349",
language = "English (US)",
isbn = "9781450329576",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery",
pages = "346--357",
booktitle = "Proceedings of the ACM Conference on Computer and Communications Security",
address = "United States",
note = "21st ACM Conference on Computer and Communications Security, CCS 2014 ; Conference date: 03-11-2014 Through 07-11-2014",
}