Quantitative analysis of a certified e-mail protocol in mobile environments: A probabilistic model checking approach

Basagiannis, Stylianos; Petridou, Sophia; Αλεξίου, Νικόλαος; Papadimitriou, Georgios I.; Katsaros, Panagiotis

doi:10.1016/j.cose.2011.02.001

Cited by 19 publications

(12 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These results define cost in line with hardware specifications i.e. actual CPU cycles needed for RSA encryption and decryption operations, instead of clear numbers used in the model described in [14]. Thus, the new method constitutes a resource-aware approach towards studying protocols' cost under hardware specifications.…”

Section: Introductionmentioning

confidence: 60%

See 1 more Smart Citation

Quantitative model checking of an RSA-based email protocol on mobile devices

Petridou

Basagiannis

Αλεξίου

et al. 2011

2011 IEEE Symposium on Computers and Communications (ISCC)

View full text Add to dashboard Cite

Abstract-The current proliferation of mobile devices has resulted in a large diversity of hardware specifications, each designed for different services and applications (e.g. cell phones, smart phones, PDAs). At the same time, e-mail message delivery has become a vital part of everyday communications. This article provides a cost-aware study of an RSA-based e-mail protocol executed upon the widely used Apple iPhone1,2 with ARM1176JZF-S, operating in an High Speed Downlink Packet Access (HSDPA) mobile environment. The proposed study employs formal analysis techniques, such as probabilistic model checking, and proceeds to a quantitative analysis of the email protocol, taking into account computational parameters derived by the devices' specifications. The value of this study is to form a computer-aided framework which balances the tradeoff between gaining in security, using high-length RSA keys, and conserving CPU resources, due to hardware limitations of mobile devices. To the best of our knowledge, this is the first time that probabilistic model checking is utilized towards verifying a secure e-mail protocol under hardware constrains. In fact, the proposed analysis can be widely exploited by protocol designers in order to verify their products in conjunction with specific mobile devices.

show abstract

Section: Introductionmentioning

confidence: 60%

“…A primitive model of this idea was firstly proposed by the authors in [14]. This early work employs the Texas Instruments TMS320C55x Family operating at 200M Hz.…”

Section: Introductionmentioning

confidence: 99%

Quantitative model checking of an RSA-based email protocol on mobile devices

Petridou

Basagiannis

Αλεξίου

et al. 2011

2011 IEEE Symposium on Computers and Communications (ISCC)

View full text Add to dashboard Cite

show abstract

“…Quantitative verification has previously been applied to analyse dynamic power management schemes for mobile devices [43] and energy harvesters [46]. Here, we highlight a recent case study that applied quantitative verification with PRISM to analyse the computational and transmission cost of an electronic email protocol [4], with the view to provide tool-assisted systematic analysis of the protocol for a variety of mobile environments.…”

Section: Constrained Resourcesmentioning

confidence: 99%

“…The Certified E-mail Message Delivery (CEMD) protocol studied in [4] is used on mobile devices such as smartphones and PDAs, including low-cost hardware, frequently operating in noisy environments with high bit error rate. The CEMD protocol provides a number of security features, such as fairness (neither sender nor recipient should gain advantage upon interruption), timeliness (all participants should be able to exit the protocol in a given finite time), and confidentiality (only the intended participant should learn the contents of an email message, implemented using RSA encryption).…”

Section: Constrained Resourcesmentioning

confidence: 99%

Advances in Quantitative Verification for Ubiquitous Computing

Kwiatkowska

2013

Theoretical Aspects of Computing – ICTAC 2013

View full text Add to dashboard Cite

Abstract. Ubiquitous computing, where computers 'disappear' and instead sensor-enabled and software-controlled devices assist us in everyday tasks, has become an established trend. To ensure the safety and reliability of software embedded in these devices, rigorous model-based design methodologies are called for. Quantitative verification, a powerful technique for analysing system models against quantitative properties such as "the probability of a data packet being delivered within 1ms to a nearby Bluetooth device is at least 0.98", has proved useful by detecting and correcting flaws in a number of ubiquitous computing applications. In this paper, we focus on three key aspects of ubiquitous computing: autonomous behaviour, constrained resources and adaptiveness. We summarise recent advances of quantitative verification in relation to these aspects, illustrating each with a case study analysed using the probabilistic model checker PRISM. The paper concludes with an outline of future challenges that remain in this area.

show abstract

“…Because of the popularity, e-mail systems become an adversary's or a malicious user's targets. Among e-mail security issues, basic and primary concerns are e-mails' confidentiality and authentication [1]. Some of data cryptosystems can satisfy these concerns.…”

Section: Introductionmentioning

confidence: 99%

Secure multicast key protocol for electronic mail systems with providing perfect forward secrecy

Chen

2012

Security Comm Networks

View full text Add to dashboard Cite

Electronic mail (e-mail) systems are widely used in the Internet. A user usually needs to send an e-mail to a group of users. In this paper, a secure multicast key protocol for e-mail systems with providing perfect forward secrecy is proposed to ensure confidentiality and authentication of this kind of e-mail system. The protocol employs the Chinese Remainder Theorem, RSA public key cryptosystems, and one-way hash functions. The protocol can save redundant key materials used for the e-mails. Via the security analysis, the protocol can satisfy the security requirements. In addition, we analyze the computation complexity of the protocol. The result showed that the protocol can save the computation cost for each e-mail sender.

show abstract

Quantitative analysis of a certified e-mail protocol in mobile environments: A probabilistic model checking approach

Cited by 19 publications

References 24 publications

Quantitative model checking of an RSA-based email protocol on mobile devices

Quantitative model checking of an RSA-based email protocol on mobile devices

Advances in Quantitative Verification for Ubiquitous Computing

Secure multicast key protocol for electronic mail systems with providing perfect forward secrecy

Contact Info

Product

Resources

About