Model Checking the IKEv2 Protocol Using Spin

Tristan Ninet, Axel Legay, Romaric Maillard, Louis-Marie Traonouez, Olivier Zendra
2019 2019 17th International Conference on Privacy, Security and Trust (PST)  
Previous analyses of IKEv2 concluded that the protocol was suffering from two authentication vulnerabilities: the penultimate authentication flaw and a vulnerability that leads to a reflection attack. In this paper we analyze the IKEv2 protocol specification using the Spin model checker. To do so we extend and improve an existing modeling method that allows analyzing security protocols using Spin. For completeness we indicate each abstraction we make when writing the model. As a result we show
more » ... hat the reflection attack is actually not applicable. We further discuss two modifications of the protocol and prove that both of them do overcome the vulnerability the penultimate authentication flaw.
doi:10.1109/pst47121.2019.8949057 dblp:conf/pst/NinetLMTZ19 fatcat:nejckudjdnda7aqsqhe4vf6qa4