Formal Verification of the Authentication and Voice Communication Protocol Security on Device X Using Scyther Tool

Muhamad al Fikri, Kalamullah Ramli, Dodi Sudiana

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

In the current era, the ownership of strategic information and the ability to effectively manage it has become a significant advantage. Reflecting on the experience of attacks on strategic communications in Indonesia, including the tapping of the former President Susilo Bambang Yudhoyono's conversation through the cellular network and President Jokowi's official residence, Indonesia has begun paying more attention to security in this sector. Device X is one of the secret strategic communication tools used in Indonesia. The XYZ Agency initiated the use of this device. As of 2020, there have been 1,284 units of Device X widely used by the army, police officers, and other strategic agencies in Indonesia. In its 5 years of operation, the XYZ Agency has researched the algorithm security used in Device X. However, there has never been a study of thwe security regarding the authentication and communication protocols of this device. This research aims to make a security analysis of voice communication and authentication protocols of Device X. The research was implemented using Scyther Tool as a formal verification approach. The analysis focuses on guaranteeing the confidentiality of information and authentication with four criteria, namely, secrecy, aliveness, synchronization, and agreement. The experimental results demonstrate that the authentication and voice communication protocol of Device X satisfy the secrecy criteria for transmitted confidential information but does not satisfy the criteria of aliveness, synchronization, and agreement on several entities involved in the protocol. Thus, it can be claimed that the authentication and voice communication protocol of Device X is provably secure based on the confidentiality aspect of information but is not secure in terms of authentication.

Original languageEnglish
Title of host publicationThe 5th International Conference on Information Technology and Digital Applications (ICITDA 2020)
Pages012057
Volume1077
Edition1
DOIs
Publication statusPublished - 1 Feb 2021

Fingerprint

Dive into the research topics of 'Formal Verification of the Authentication and Voice Communication Protocol Security on Device X Using Scyther Tool'. Together they form a unique fingerprint.

Cite this