Verifying SeVeCom Using Set-based Abstraction

    Research output: Book/ReportReportResearch

    227 Downloads (Pure)

    Abstract

    We formally analyze the Secure Vehicle Communication system developed by the EU-project SeVeCom, using the AIF framework which is based on a novel set-abstraction technique. The model involves the hardware security modules (HSMs) of a number of cars, a certification authority, and the protocols executed between them. Each participant stores a database of keys that can be added or deleted depending on the different operations. The AIF-framework allows us to model and automatically analyze such databases with- out bounding the number of steps that the system can make and, in contrast to previous approaches in protocol abstraction, can handle databases that do not monotonically grow (and thus allow for revocation of keys). We report on two new attacks found and verify that under some reasonable assumptions, the system is secure in a black-box cryptography model.
    Original languageEnglish
    Place of PublicationKgs. Lyngby, Denmark
    PublisherTechnical University of Denmark, DTU Informatics, Building 321
    Publication statusPublished - 2011
    SeriesIMM-Technical Report-2011-01

    Cite this

    Mödersheim, S. A., & Modesti, P. (2011). Verifying SeVeCom Using Set-based Abstraction. Technical University of Denmark, DTU Informatics, Building 321. IMM-Technical Report-2011-01