
Formal verification of the Internet Key Exchange (IKEv2) security protocol

Abstract : In this thesis, we analyze the IKEv2 protocol specification using three formal verification tools: Spin, ProVerif and Tamarin. To perform the analysis with Spin, we extend and improve an existing modeling method with a simpler adversary model and a model for common cryptographic primitives and Lowe's authentication properties. As a result, we show that the reflection attack, an attack found by a previous analysis, is actually not applicable. Moreover, our analysis using ProVerif and Tamarin provides new results regarding the non-injective agreement and injective agreement guarantees of IKEv2 in the unbounded model. We then show that the penultimate authentication flaw, a vulnerability that was considered harmless by previous analyses, actually allows for a new type of Denial-of-Service attack that works against IKEv2: the Deviation Attack. The Deviation Attack is harder to detect than existing DoS attacks, but is also harder to perform. To concretely demonstrate the attack, we successfully implement it against a popular open-source implementation of IKEv2. Finally, we study the use of existing DoS countermeasures and existing configuration options to defeat the attack, but we only find mitigations or incomplete workarounds. We therefore tackle the problem at a higher level: we propose two possible inexpensive modifications of the protocol, and formally prove that they both prevent the attack.

Cited literature : 88 references
Contributor : Abes Star
Submitted on : Friday, June 26, 2020 - 2:50:09 PM
Last modification on : Wednesday, August 5, 2020 - 3:42:39 AM


Version validated by the jury (STAR)


  • HAL Id : tel-02882167, version 1


Tristan Ninet. Formal verification of the Internet Key Exchange (IKEv2) security protocol. Cryptography and Security [cs.CR]. Université Rennes 1, 2020. English. ⟨NNT : 2020REN1S002⟩. ⟨tel-02882167⟩