3,913 research outputs found
Computationally Sound Compositional Logic for Security Protocols
We have been developing a cryptographically sound formal logic for proving protocol security properties without explicitly reasoning about probability, asymptotic complexity, or the actions of a malicious attacker. The approach rests on a probabilistic, polynomial-time semantics for a protocol security logic that was originally developed using nondeterministic symbolic semantics. This workshop presentation will discuss ways in which the computational semantics lead to different reasoning methods and report our progress to date in several directions. One significant difference between the symbolic and computational settings results from the computational difference between efficiently recognizing and efficiently producing a value. Among the more recent developments are a compositional method for proving cryptographically sound properties of key exchange protocols, and some work on secrecy properties that illustrates the computational interpretation of inductive properties of protocol roles
A mechanized proof of loop freedom of the (untimed) AODV routing protocol
The Ad hoc On-demand Distance Vector (AODV) routing protocol allows the nodes
in a Mobile Ad hoc Network (MANET) or a Wireless Mesh Network (WMN) to know
where to forward data packets. Such a protocol is 'loop free' if it never leads
to routing decisions that forward packets in circles. This paper describes the
mechanization of an existing pen-and-paper proof of loop freedom of AODV in the
interactive theorem prover Isabelle/HOL. The mechanization relies on a novel
compositional approach for lifting invariants to networks of nodes. We exploit
the mechanization to analyse several improvements of AODV and show that
Isabelle/HOL can re-establish most proof obligations automatically and identify
exactly the steps that are no longer valid.Comment: The Isabelle/HOL source files, and a full proof document, are
available in the Archive of Formal Proofs, at
http://afp.sourceforge.net/entries/AODV.shtm
Proceedings of International Workshop "Global Computing: Programming Environments, Languages, Security and Analysis of Systems"
According to the IST/ FET proactive initiative on GLOBAL COMPUTING, the goal is to obtain techniques (models, frameworks, methods, algorithms) for constructing systems that are flexible, dependable, secure, robust and efficient.
The dominant concerns are not those of representing and manipulating data efficiently but rather those of handling the co-ordination and interaction, security, reliability, robustness, failure modes, and control of risk of the entities in the system and the overall design, description and performance of the system itself.
Completely different paradigms of computer science may have to be developed to tackle these issues effectively. The research should concentrate on systems having the following characteristics: • The systems are composed of autonomous computational entities where activity is not centrally controlled, either because global control is impossible or impractical, or because the entities are created or controlled by different owners.
• The computational entities are mobile, due to the movement of the physical platforms or by movement of the entity from one platform to another.
• The configuration varies over time. For instance, the system is open to the introduction of new computational entities and likewise their deletion.
The behaviour of the entities may vary over time.
• The systems operate with incomplete information about the environment.
For instance, information becomes rapidly out of date and mobility requires information about the environment to be discovered.
The ultimate goal of the research action is to provide a solid scientific foundation for the design of such systems, and to lay the groundwork for achieving effective principles for building and analysing such systems.
This workshop covers the aspects related to languages and programming environments as well as analysis of systems and resources involving 9 projects (AGILE , DART, DEGAS , MIKADO, MRG, MYTHS, PEPITO, PROFUNDIS, SECURE) out of the 13 founded under the initiative. After an year from the start of the projects, the goal of the workshop is to fix the state of the art on the topics covered by the two clusters related to programming environments and analysis of systems as well as to devise strategies and new ideas to profitably continue the research effort towards the overall objective of the initiative.
We acknowledge the Dipartimento di Informatica and Tlc of the University of Trento, the Comune di Rovereto, the project DEGAS for partially funding the event and the Events and Meetings Office of the University of Trento for the valuable collaboration
Mechanizing a Process Algebra for Network Protocols
This paper presents the mechanization of a process algebra for Mobile Ad hoc
Networks and Wireless Mesh Networks, and the development of a compositional
framework for proving invariant properties. Mechanizing the core process
algebra in Isabelle/HOL is relatively standard, but its layered structure
necessitates special treatment. The control states of reactive processes, such
as nodes in a network, are modelled by terms of the process algebra. We propose
a technique based on these terms to streamline proofs of inductive invariance.
This is not sufficient, however, to state and prove invariants that relate
states across multiple processes (entire networks). To this end, we propose a
novel compositional technique for lifting global invariants stated at the level
of individual nodes to networks of nodes.Comment: This paper is an extended version of arXiv:1407.3519. The
Isabelle/HOL source files, and a full proof document, are available in the
Archive of Formal Proofs, at http://afp.sourceforge.net/entries/AWN.shtm
Actor Network Procedures as Psi-calculi for Security Ceremonies
The actor network procedures of Pavlovic and Meadows are a recent graphical
formalism developed for describing security ceremonies and for reasoning about
their security properties. The present work studies the relations of the actor
network procedures (ANP) to the recent psi-calculi framework. Psi-calculi is a
parametric formalism where calculi like spi- or applied-pi are found as
instances. Psi-calculi are operational and largely non-graphical, but have
strong foundation based on the theory of nominal sets and process algebras. One
purpose of the present work is to give a semantics to ANP through psi-calculi.
Another aim was to give a graphical language for a psi-calculus instance for
security ceremonies. At the same time, this work provides more insight into the
details of the ANPs formalization and the graphical representation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
A Hybrid Analysis for Security Protocols with State
Cryptographic protocols rely on message-passing to coordinate activity among
principals. Each principal maintains local state in individual local sessions
only as needed to complete that session. However, in some protocols a principal
also uses state to coordinate its different local sessions. Sometimes the
non-local, mutable state is used as a means, for example with smart cards or
Trusted Platform Modules. Sometimes it is the purpose of running the protocol,
for example in commercial transactions.
Many richly developed tools and techniques, based on well-understood
foundations, are available for design and analysis of pure message-passing
protocols. But the presence of cross-session state poses difficulties for these
techniques.
In this paper we provide a framework for modeling stateful protocols. We
define a hybrid analysis method. It leverages theorem-proving---in this
instance, the PVS prover---for reasoning about computations over state. It
combines that with an "enrich-by-need" approach---embodied by CPSA---that
focuses on the message-passing part. As a case study we give a full analysis of
the Envelope Protocol, due to Mark Ryan
- …