Verifying the Security Characteristics of a Secure Physical Access Control Protocol

Abstract

Physical access control protocols provide a structured method of controlling the behavior of physical devices which in many cases are not only remotely located with respect to the accessing entity, but require the exchange of messages over one or more untrusted networks, such as the internet. Therefore, if it is necessary to prevent unauthorized access to the controlled physical devices, it is essential that the physical access control protocol exhibit certain verifiable security properties. We studied the Universal Physical Access Control System (UPACS) and used the formal protocol verification tool Proverif to verify that it possesses several key security properties. We also conducted a security analysis of the protocol and verified that it was resilient or otherwise invulnerable to several known forms of security attack, including Attacks on User Privacy and Anonymity, Session Key Security Attacks, Password Guessing Attacks, De-Synchronization Attacks, Replay Attacks, Eavesdropping Attacks, Denial-of-Service Attacks, User and Server Masquerade Attacks, Stolen Verifier Attacks and Stolen Password Attacks.