Addressing synchrony issues of dynamic shared secrets in security protocols

This research addresses synchronisation issues in security protocols for wireless communications. A new class of attacks, termed Suppress-and-Desynchronise (SD) attacks, is introduced. This attack uses the vulnerabilities of the wireless links to exploit a weakness in the security protocols that use dynamic shared secrets for authentication purposes. To avoid problems with the long-term storage of shared secrets, these protocols use dynamic shared secrets that are updated to new values in each session by an underlying online update mechanism. A successful SD attack disables the affected parties from authenticating each other in future protocol runs, causing a permanent Denial of Service (DoS) condition. A formal system to model update mechanisms for shared secrets is introduced that expresses actions of principals, their storing strategies for shared secrets and the principals’ roles in the different types of update mechanism. Based on this formal system attack detection rules are developed that are able to detect synchrony weaknesses that can be exploited by Suppress-and-Desynchronise attacks. Further, within the same formal system, a solution to the synchronisation problem is identified. A new approach to the security systems design is proposed for the wireless communications environment to avoid facilitating occurrence of the presented DoS condition. A guide to the formalisation process of security protocols prior to application of detection rules is presented. Finally, five security protocols are formalized, analysed and corrected using the proposed formal system.