Analysing ZigBee Key Establishment Protocols
Ender Y\"uksel
TL;DR
This paper models and analyzes the ZigBee-2007 key establishment protocol using formal methods, uncovering an unknown flaw and verifying a proposed fix through control flow analysis.
Contribution
It introduces a formal analysis approach for wireless sensor network protocols, identifying and fixing a previously unknown security flaw in ZigBee.
Findings
Discovered an unknown flaw in the ZigBee protocol
Proposed and verified a fix for the identified flaw
Demonstrated effectiveness of formal methods in protocol analysis
Abstract
In this report, we present our approach for protocol analysis together with a real example where we find an important flow in a contemporary wireless sensor network security protocol. We start by modelling protocols using a specific process algebraic formalism called LySa process calculus. We then apply an analysis based on a special program analysis technique called control flow analysis. We apply this technique to the ZigBee-2007 End-to-End Application Key Establishment Protocol and with the help of the analysis discover an unknown flaw. Finally we suggest a fix for the protocol, and verify that the fix works by using the same technique.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Authentication Protocols Security · Formal Methods in Verification · Security and Verification in Computing