A Program Logic for Verifying Secure Routing Protocols [chapter]

Chen Chen, Limin Jia, Hao Xu, Cheng Luo, Wenchao Zhou, Boon Thau Loo
2014 Lecture Notes in Computer Science  
The Internet, as it stands today, is highly vulnerable to attacks. However, little has been done to understand and verify the formal security guarantees of proposed secure inter-domain routing protocols, such as Secure BGP (S-BGP). In this paper, we develop a sound program logic for SANDLog, a declarative specification language for secure routing protocols, for verifying properties of these protocols. We prove invariant properties of SANDLog programs that run in an adversarial environment. As a step towards automated verification, we implement a verification condition generator (VCGen) to automatically extract proof obligations. VCGen is integrated into a compiler for SANDLog that can generate executable protocol implementations; thus, both verification and empirical evaluation of secure routing protocols can be carried out in this unified framework. To validate our framework, we (1) encoded several proposed secure routing mechanisms in SANDLog, (2) verified variants of path authenticity properties by manually discharging the generated verification conditions in Coq, and (3) generated executable code based on SANDLog specifications and ran the code in simulation.

[Figure 1: SANDLog program with annotations; SANDLog compiler (code generation, verification condition generation); executable protocol; proof obligations; theorem prover; simulator (emulator)]
Fig. 1. Architecture of a unified framework for implementing and verifying secure routing protocols. The round objects represent the inputs and outputs of the framework, which are either code or proofs. The rectangular objects are software components of the framework.

not. These faults may lead to long periods of interruption of the Internet, best epitomized by recent high-profile attacks [10, 24]. In response to these vulnerabilities, several new Internet routing architectures and protocols for a more secure Internet have been proposed. These range from security extensions of BGP (Secure-BGP (S-BGP) [19], ps-BGP [28], so-BGP [30]) to "clean-slate" Internet architectural redesigns such as SCION [31] and ICING [22]. However, none of the proposals formally analyzed their security properties. These protocols are implemented from scratch, evaluated primarily experimentally, and their security properties are shown only via informal reasoning.
Existing protocol analysis tools [7, 12, 14] are rarely used in analyzing routing protocols because routing protocols are considerably more complicated than cryptographic protocols: they often compute local states, are recursive, and their security properties need to be shown to hold on arbitrary network topologies. As the number of models is infinite, model-checking-based tools, in general, cannot be used to prove the protocol secure.
doi:10.1007/978-3-662-43613-4_8