SATMC: a SAT-based Model Checker for Security-critical Systems
Alessandro Armando
Security & Trust, CIT irst, Bruno Kessler Foundation, Trento, Italy
joint work with Roberto Carbone, Luca Compagna
Trento, March 19, 2014
(To be presented at TACAS'14.)
Alessandro Armando (FBK) SATMC Trento, March 19, 2014 0 / 31
Outline
1 Introduction
2 Application Domains
3 Modeling Security-critical Systems
4 SAT-based Model Checking of Security-critical Systems
5 Conclusions
Motivations
Security protocols and services are key to securing the ever-growing ecosystem of online applications (web, mobile, ...).
But security solutions are notoriously difficult to get right.
Many security-critical protocols and services have been designed and developed only to be found flawed years after their deployment.
These flaws are usually due to the complex and unexpected interleaving of the protocols and services as well as to the possible interference of malicious agents.
They are very difficult to spot by traditional verification techniques (e.g., manual inspection and testing).
Security-critical systems are a natural target for formal method techniques.
Model Checking Security Protocols
Since (both honest and malicious) agents can build and exchange messages of finite, but arbitrary complexity (through concatenation and cryptographic primitives), most security-critical, distributed systems are inherently infinite state.
For this reason general purpose model checkers (e.g., SPIN, NuSMV) are not suited for the analysis of a large and important class of security-critical systems.
Special purpose tools (most notably, security protocol analyzers, e.g., CL-AtSe, OFMC, ProVerif) are capable of very good performance on basic protocols.
Yet, they do not support many features that are necessary to tackle the complexity of many real-world protocols and services.
SATMC: a SAT-based Model Checker
Goal: strike a balance between general purpose model checkers and security protocol analyzers.
SATMC is a SAT-based bounded model checker for security-critical systems that combines encoding techniques developed for planning with techniques developed for the analysis of reactive systems.
The model is specified through a (multi)set-rewriting formalism closely related to (an extension of) the STRIPS planning language.
Recently extended to support Horn clauses and (first-order) LTL.
Supports the analysis of systems that exchange messages over a wide range of secure channels, are subject to sophisticated security policies, and/or aim to achieve a variety of security goals.
SATMC: a SAT-based Model Checker
SATMC has been successfully applied to a variety of application domains (namely, security protocols, security-sensitive business processes, and cryptographic APIs) for different purposes (e.g., design-time security analysis and security testing).
SATMC is integrated and used as a back-end in:
research prototypes (the AVISPA Tool, Tookan, the AVANTSSAR Platform, and the SPaCIoS Tool) and
industrial-strength tools (the Security Validator plugin for SAP NetWeaver BPM).
Application Domains
[Architecture diagram: the User interacts with a domain-specific connector (Security Protocol Connector, BPMN Connector, or Security API Connector), which produces an ASLan Specification for SATMC; SATMC uses MiniSAT and NuSMV as back-ends and reports its result in the Output Format.]
Security API Connector
[Diagram: User → Security API Connector → ASLan Specification → SATMC (MiniSAT, NuSMV) → Output Format]
// modifies the value of one or more object attributes
void C_SetAttributeValue(long hSes, long hObj, CK_ATTRIBUTE[] pAtt)
// initializes a decryption operation
void C_DecryptInit(long hSes, CK_MECHANISM pMechanism, long hKey)
// decrypts encrypted data
byte[] C_Decrypt(long hSes, byte[] pEncryptedData)
// wraps (i.e., encrypts) a key
byte[] C_WrapKey(long hSes, CK_MECHANISM pMechanism, long hWrappingKey, long hKey)
Security API Connector: Some Results
SATMC lies at the core of Tookan, a tool capable of automatically detecting and reproducing policy violations in commercially available cryptographic security tokens.
A number of attacks were detected on PKCS#11 security tokens.
M. Bortolozzo, M. Centenaro, R. Focardi and G. Steel. Attacking and Fixing PKCS#11 Security Tokens. Proceedings of the 17th ACM Conference on Computer and Communications Security (ACM CCS 2010).
BPMN Connector
[Diagram: User → BPMN Connector → ASLan Specification → SATMC (MiniSAT, NuSMV) → Output Format]
BPMN Connector: Some Results
SATMC lies at the core of a Security Validation prototype for BPs developed by the Product Security Research unit at SAP.
A. Armando and S. E. Ponta. Model Checking Authorization Requirements in Business Processes. In Computers & Security, vol. 40, no. 0, pp. 1-22, 2014.
W. Arsac, L. Compagna, G. Pellegrino, and S. E. Ponta. Security Validation of Business Processes via Model-checking. In ESSoS 2011.
Security Protocol Connector
[Diagram: User → Security Protocol Connector → ASLan Specification → SATMC (MiniSAT, NuSMV) → Output Format]
SAML SSO message flow between the client C, the identity provider IdP and the service provider SP:
1. C → SP: GET URI
2. SP → C: HTTP302 IdP?SAMLRequest=AReq(ID,SP)
3. C → IdP: GET IdP?SAMLRequest=AReq(ID,SP)
   IdP builds an authentication assertion AA = AAssert(ID,C,IdP,SP)
4. IdP → C: HTTP200 Form(...)
5. C → SP: POST SP?SAMLResponse=AResp(ID,SP,IdP,{AA}_{K_IdP^-1})
6. SP → C: HTTP200 Resource(URI)
Security Protocol Connector: Some Results
SATMC played a key role in the discovery of:
Flaw in a version of the Asokan, Shoup, and Waidner protocol for online contract signing "patched" by Mitchell & Shmatikov:
A. Armando, R. Carbone and L. Compagna. LTL Model Checking for Security Protocols. In the proceedings of the 20th IEEE Computer Security Foundations Symposium (CSF20).
Flaw in a strong (i.e., two-factor and two-channel) authentication protocol:
A. Armando, R. Carbone and L. Zanetti. Formal Modeling and Automatic Security Analysis of Two-Factor and Two-Channel Authentication Protocols. In the proceedings of the International Conference on Network and System Security (NSS 2013). June, 2013.
Security Protocol Connector: Some Results
Flaw detected in Google's SAML-based SSO for Google Apps.
Authentication flaw in the most common use-case scenario of the SAML 2.0 SSO Profile (errata issued by the OASIS Security Services Technical Committee).
Cross-Site Scripting (XSS) vulnerabilities detected in:
SAML-based SSO for Google Apps
SimpleSAMLphp
Novell Access Manager v3.1
Responsible Disclosure of the Vulnerability
The News goes on the Press. . .
The News goes on the Blogs of Security Experts
A. Armando, R. Carbone, L. Compagna, J. Cuellar, G. Pellegrino, A. Sorniotti. An authentication flaw in browser-based Single Sign-On protocols: Impact and remediations. In Computers & Security, Volume 33, pages 41-58, 2013.
Model Checking Problem
Fact: atomic formula of a first-order language.
Model: M = 〈I, R, H, C〉
  I: initial state
  R: set of rewrite rules
  H: set of Horn clauses
  C: set of constraints (closed formulae)
The model checking problem is
  MS ‖ MI |= G
with the model on the left of |= and an LTL formula on the right, where
  MS = 〈IS, RS, HS, CS〉: model of the security-sensitive system
  MI = 〈II, RI, HI, CI〉: model of the intruder
  G: LTL formula expressing the security properties that the combined model must enjoy.
Facts
Domain               Fact                    Meaning
Domain-independent   sent(s, b, a, m, c)     s sent m on c to a pretending to be b
                     rcvd(a, b, m, c)        m (supposedly sent by b) has been received on c by a
                     contains(d, ds)         d is a member of ds
                     ik(m)                   the intruder knows m
Protocols            state_r(j, a, ts)       a plays r, has internal state ts, and can execute step j
Business Processes   pa(r, t)                r has the permission to perform t
                     ua(a, r)                a is assigned to r
                     executed(a, t)          a executed t
                     granted(a, t)           a is granted to execute t
APIs                 attrs(as)               the security token has attributes as
Initial State
MS = 〈IS, RS, HS, CS〉
security protocols: IS contains a state-fact state_r(1, a, ts) for each agent a.
business processes: IS specifies which tasks are ready for execution as well as the access control policy (e.g., the user-role and the role-permission assignment relations).
security APIs: IS specifies some attribute-value assignments.
Rewriting Rules
MS = 〈IS, RS, HS, CS〉
(Security Protocol Connector; the rule refers to the SAML SSO message flow shown earlier.)
Example rule for step 2 of the client C, which consumes the redirect received from SP and sends the authentication request to IdP:
  rcvd(C, SP, hRsp(c30x, IdP, AReq), CSP2C) · state_c(2, C, [SP, ..., CC2IdP])
    --send2(C, ..., CC2IdP)-->
  state_c(3, C, [AReq, SP, ..., CC2IdP]) · sent(C, C, IdP, hReq(get, IdP, AReq), CC2IdP)
Horn Clauses
MS = 〈IS, RS, HS, CS〉
Example from the BPMN Connector:
  granted(A, T) <--grant(A, R, T)-- ua(A, R), pa(R, T)
Behaviour of Principals
MS = 〈IS, RS, HS, CS〉
(Security Protocol Connector)
Property             LTL Formula
progress(a, r, j)    G ∀(state_r(j, a, ES) ⇒ F ¬state_r(j, a, ES))
availability(a, c)   G ∀(rcvd(a, P, M, c) ⇒ F ¬rcvd(a, P, M, c))
Formal modeling of the Intruder
MI = (MDY ‖ MI′)
MDY = 〈∅, RDY, HDY, ∅〉
  RDY: ability to overhear, divert, and intercept messages
  HDY: inferential capabilities, e.g., the ability to decrypt messages when the key used for encryption is known to the intruder as well as that to forge new messages.
MI′ = 〈II′, RI′, HI′, CI′〉
  II′: initial knowledge in the scenario considered,
  RI′ and HI′: domain specific behaviors of the intruder, and
  CI′: constrains the otherwise allowed behaviors.
Formal modeling of the Intruder (Examples)
MI′ = 〈II′, RI′, HI′, CI′〉
Security API Connector, Java method C_Decrypt:
  ik(crypt(K, R)) · ik(hand(N, inv(K))) · attrs(KeyAttrs) · contains(attr(decrypt, true, N), KeyAttrs)
    --decrypt_key_asym(KeyAttrs, K, R, N)-->
  ik(R) · LHS
(LHS stands for the facts on the left-hand side, which are preserved.)
Security Protocol Connector:
Property                  LTL Formula
confidential_to(c, p)     G ∀(rcvd(A, B, M, c) ⇒ A = p)
authentic_on(c, p)        G ∀(sent(RS, A, B, M, c) ⇒ (A = p ∧ RS = p))
weakly_confidential(c)    G ∀((rcvd(A, B, M, c) ∧ F rcvd(A′, B′, M′, c)) ⇒ A = A′)
resilient(c)              G ∀(sent(RS, A, B, M, c) ⇒ F rcvd(B, A, M, c))
Security Goals
MS ‖ MI |= G
Complex properties involving temporal operators and first-order quantifiers.
For instance, a fair exchange goal (Security Protocol Connector):
  G ∀nO. ∀nR. (hasvc(r, txt, nO, nR) ⇒ F ∃nR. hasvc(o, txt, nO, nR))
stating that if an agent r has a valid contract, then we ask o to possess a valid contract relative to the same contractual text txt and secret commitment nO.
Separation of duty property SoD3 (BPMN Connector):
  G ∀(executed(A, approve_travel) ⇒ G ¬executed(A, approve_budget))
This goal states that if an agent A has executed the task approve_travel then he should not execute the task approve_budget.
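The modeling ingredients above (ground facts, the grant Horn clause, a rewrite rule and the SoD3 goal) as a runnable Python example added here, not code from SATMC: each state is closed under the Horn clauses, rewrite rules are applied for up to kmax steps and the traces are searched for a goal violation, where SATMC instead encodes the same bounded search into SAT. The execute rule, the ready(t) fact and the alice/bob policies are assumptions constructed for the example.

```python
"""Bounded explicit-state search over a set-rewriting model M = <I, R, H, C> in the
vocabulary of the SATMC slides: facts, rewrite rules R, Horn clauses H closed in every
state, a goal checked on every trace of <= kmax steps.  Added example, not SATMC code."""
def match(pat, fact, sub):
    """Match a pattern (variables are '?X') against a ground fact, extending sub.
    Facts start with their predicate name, so mismatched arities are rejected there."""
    sub = dict(sub)
    for p, f in zip(pat, fact):
        if p.startswith('?') and sub.setdefault(p, f) == f:
            continue
        if p != f:
            return None
    return sub
def solve(prems, state, sub={}):
    """Enumerate substitutions under which every premise holds in state."""
    if not prems:
        yield sub
        return
    for fact in state:
        s = match(prems[0], fact, sub)
        if s is not None:
            yield from solve(prems[1:], state, s)
def inst(pat, sub):
    return tuple(sub.get(p, p) for p in pat)
def saturate(state, horn):
    """Close a state under the Horn clauses H, given as (conclusion, premises)."""
    state = set(state)
    while True:
        new = {inst(c, s) for c, prems in horn for s in solve(prems, state)}
        if new <= state:
            return frozenset(state)
        state |= new
def step(state, rules, horn):
    """Apply each rewrite rule lhs -> rhs; facts only on the lhs are consumed."""
    for name, lhs, rhs in rules:
        for s in solve(lhs, state):
            nxt = (state - {inst(p, s) for p in lhs}) | {inst(p, s) for p in rhs}
            yield (name, s), saturate(nxt, horn)
def find_counterexample(init, rules, horn, violated, kmax):
    """Depth-first search for a trace of at most kmax steps violating the goal."""
    def dfs(trace, actions):
        if violated(trace):
            return trace, actions
        if len(actions) < kmax:
            for act, nxt in step(trace[-1], rules, horn):
                found = dfs(trace + [nxt], actions + [act])
                if found:
                    return found
    return dfs([saturate(init, horn)], [])
# BPMN instance from the slides (grant Horn clause, SoD3 goal); the execute rule is assumed.
HORN = [(('granted', '?A', '?T'), [('ua', '?A', '?R'), ('pa', '?R', '?T')])]
RULES = [('execute', [('granted', '?A', '?T'), ('ready', '?T')],
                     [('granted', '?A', '?T'), ('executed', '?A', '?T')])]
def sod3_violated(trace):
    """True iff G forall(executed(A,approve_travel) => G not executed(A,approve_budget)) fails."""
    return any(f[0] == 'executed' and f[2] == 'approve_travel'
               and any(('executed', f[1], 'approve_budget') in later for later in trace[i:])
               for i, st in enumerate(trace) for f in st)
# Constructed policies: the weak one lets a single manager approve both tasks.
READY = {('ready', 'approve_travel'), ('ready', 'approve_budget')}
WEAK_POLICY = READY | {('ua', 'alice', 'manager'), ('pa', 'manager', 'approve_travel'),
                       ('pa', 'manager', 'approve_budget')}
FIXED_POLICY = READY | {('ua', 'alice', 'manager'), ('ua', 'bob', 'auditor'),
                        ('pa', 'manager', 'approve_travel'), ('pa', 'auditor', 'approve_budget')}
```

find_counterexample(WEAK_POLICY, RULES, HORN, sod3_violated, 4) returns a two-step trace in which alice executes both tasks, while the fixed policy yields None within the same bound.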
SAT-based Model Checking of Security-critical Systems
[Diagram: ASLan Specification → SATMC (MiniSAT, NuSMV) → Output Format]
SATMC: fully automatic security-critical systems analyser. It reduces the security problem to propositional satisfiability problems (SAT).
Fruitful combination of:
SAT-reduction techniques developed for AI planning
Bounded model-checking techniques for reactive systems
SATMC Internals
[Architecture diagram: inputs G, MI′, MS and kmax; the DY Attacker module (MDY) and Model Encoding produce M′ = 〈I, R, H, ∅〉 and the constraints C; the Planning Graph Generator and Goal Grounding yield the encodings [[M′]]k and [[C ⇒ G]]k, the latter through PLTL2SAT (NuSMV); their conjunction Φk is passed to the SAT Solver (MiniSAT) and the result is reported in the Output Format.]
Every truth-value assignment satisfying Φk corresponds to a counterexample of M |= G of length k and vice versa.
DY Attacker module
Optimizing transformations on MS ‖ MDY.
Produces a model MS-DY which is easier to analyze than (yet equivalent to) MS ‖ MDY.
Computes and yields the model MS-DY ‖ MI′, which is equivalent to MS ‖ MI with MI = (MDY ‖ MI′).
Thus the problem of checking whether MS ‖ MDY ‖ MI′ |= G is reduced to checking whether MS-DY ‖ MI′ |= G.
Model Encoding and Planning Graph Generator
The bounded encoding unfolds the initial state and k copies of the transition relation:
  I(f_0, hc_0) ∧ ⋀_{i=0}^{k−1} T_i(f_i, ρ_i, hc_i, f_{i+1}, hc_{i+1})
Idea: use knowledge about the initial state to simplify the T_k's.
Approach: propagate information provided by the initial state for building a finite over-approximation of the forward search tree.
Linear encoding [1]: [figure: I → T → T → T → T → G, the same transition relation T at every step]
Graphplan-based encoding [2,3]: [figure: I → T_0 → T_1 → T_2 → T_3 → G, a step-specific transition relation T_i at each step]
[1] H. Kautz, H. McAllester, and B. Selman. Encoding Plans in Propositional Logic (KR'96)
[2] A. Blum, and M. Furst. Fast Planning through Planning Graph Analysis (IJCAI'95)
[3] H. Kautz, and B. Selman. Unifying SAT-based and Graph-based Planning (IJCAI'99)
Grounding First-order LTL Formulae
Planning graphs are also key to turn any first-order LTL formula ψ into a propositional LTL formula ψ0 such that if π is an execution path of M′ with k or less states that violates ψ0, then π violates also ψ, and vice versa.
Goal Grounding: reduce the BMC problem for any first-order LTL formula ψ to the BMC problem for a propositional LTL formula ψ0.
PLTL2SAT: reduction to SAT by using the techniques available in the literature (functionality currently provided by the NuSMV model checker, used as a plugin by SATMC).
Conclusions
SATMC 3.0: SAT-based Model Checker for security-critical systems.
Problem: determine the existence of an attack of bounded length violating a given security goal.
Successfully combines techniques from AI planning and for the analysis of reactive systems to reduce the problem to SAT.
SATMC supports the specification of security policies as Horn clauses and of security assumptions and goals as first-order LTL formulae.
Its flexibility and effectiveness are demonstrated by:
successful usage within three industrially relevant application domains (security protocols, business processes, and security APIs);
integration within a number of research prototypes and industrial-strength tools.