loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Mario Lilli ; Chiara Braghin and Elvinia Riccobene

Affiliation: Computer Science Department, Università degli Studi di Milano, Italy

Keyword(s): Z-Wave Protocol, IoT Security, MITM, Formal Verification, Abstract State Machine, ASMETA.

Abstract: Nowadays, IoT (Internet of Things) devices are becoming part of our daily life. Unfortunately, many of them do not use standardized communication protocols with a provable security guarantee. The use of formal methods is, therefore, highly demanded in order to perform property verification and to prevent possible threats and accidents to users. In this paper, we propose a formal verification of the Z-Wave protocol, claimed to be one of the most secure IoT communication protocols thanks to the new S2 Security class, recently added. Specifically, our analysis targets the joining procedure of a device to the Z-Wave net. We exploit the ASMETA formal framework to model the protocol and to perform formal analysis in terms of model validation against informal documented requirements and verification of the protocol correct behaviour with respect to its security goals. The verification process revealed a vulnerability that could be used to perform a successful Man-In-The-Middle (MITM) attack compromising the secrecy of the exchanged symmetric keys. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.128.200.68

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Lilli, M.; Braghin, C. and Riccobene, E. (2021). Formal Proof of a Vulnerability in Z-Wave IoT Protocol. In Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-524-1; ISSN 2184-7711, SciTePress, pages 198-209. DOI: 10.5220/0010553301980209

@conference{secrypt21,
author={Mario Lilli. and Chiara Braghin. and Elvinia Riccobene.},
title={Formal Proof of a Vulnerability in Z-Wave IoT Protocol},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT},
year={2021},
pages={198-209},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010553301980209},
isbn={978-989-758-524-1},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 18th International Conference on Security and Cryptography - SECRYPT
TI - Formal Proof of a Vulnerability in Z-Wave IoT Protocol
SN - 978-989-758-524-1
IS - 2184-7711
AU - Lilli, M.
AU - Braghin, C.
AU - Riccobene, E.
PY - 2021
SP - 198
EP - 209
DO - 10.5220/0010553301980209
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic