A framework for proving the correctness of cryptographic protocol properties by linear temporal logic
In this paper, a framework for cryptographic protocol analysis using linear temporal logic is proposed. The framework can be used to specify and analyse security protocols, with the aim of establishing which properties of a protocol hold and which are flawed. It extends linear temporal logic by including the knowledge of each participant at each state, knowledge that may change over time. The framework has two main parts: the Language of Temporal Logic (LTL) and the domain knowledge. Its capabilities are demonstrated by analysing the Needham-Schroeder public key protocol and the Andrew Secure RPC protocol as examples.
On non-abelian homomorphic public-key cryptosystems
An important problem of modern cryptography concerns secret public-key computations in algebraic structures. We construct homomorphic cryptosystems being (secret) epimorphisms f:G --> H, where G, H are (publicly known) groups and H is finite. A letter of a message to be encrypted is an element h ∈ H, while its encryption g ∈ G is such that f(g)=h. A homomorphic cryptosystem allows one to perform computations (operating in a group G) with encrypted information (without knowing the original message over H). In this paper certain homomorphic cryptosystems are constructed for the first time for non-abelian groups H (earlier, homomorphic cryptosystems were known only in the abelian case). In fact, we present such a system for any solvable (fixed) group H.
Comment: 15 pages, LaTe
Homomorphic public-key cryptosystems and encrypting boolean circuits
In this paper homomorphic cryptosystems are designed for the first time over any finite group. Applying Barrington's construction we produce, for any boolean circuit of logarithmic depth, its encrypted simulation of polynomial size over an appropriate finitely generated group.
Modeling Adversaries in a Logic for Security Protocol Analysis
Logics for security protocol analysis require the formalization of an adversary model that specifies the capabilities of adversaries. A common model is the Dolev-Yao model, which considers only adversaries that can compose and replay messages, and decipher them with known keys. The Dolev-Yao model is a useful abstraction, but it suffers from some drawbacks: it cannot handle the adversary knowing protocol-specific information, and it cannot handle probabilistic notions, such as the adversary attempting to guess the keys. We show how we can analyze security protocols under different adversary models by using a logic with a notion of algorithmic knowledge. Roughly speaking, adversaries are assumed to use algorithms to compute their knowledge; adversary capabilities are captured by suitable restrictions on the algorithms used. We show how we can model the standard Dolev-Yao adversary in this setting, and how we can capture more general capabilities including protocol-specific knowledge and guesses.
Comment: 23 pages. A preliminary version appeared in the proceedings of FaSec'0
Nondeterministic functions and the existence of optimal proof systems
We provide new characterizations of two previously studied questions on nondeterministic function classes: Q1: Do nondeterministic functions admit efficient deterministic refinements? Q2: Do nondeterministic function classes contain complete functions? We show that Q1 for the class is equivalent to the question whether the standard proof system for SAT is p-optimal, and to the assumption that every optimal proof system is p-optimal. Assuming only the existence of a p-optimal proof system for SAT, we show that every set with an optimal proof system has a p-optimal proof system. Under the latter assumption, we also obtain a positive answer to Q2 for the class . An alternative view on nondeterministic functions is provided by disjoint sets and tuples. We pursue this approach for disjoint -pairs and its generalizations to tuples of sets from and with disjointness conditions of varying strength. In this way, we obtain new characterizations of Q2 for the class . Question Q1 for is equivalent to the question of whether every disjoint -pair is easy to separate. In addition, we characterize this problem by the question of whether every propositional proof system has the effective interpolation property. Again, these interpolation properties are intimately connected to disjoint -pairs, and we show how different interpolation properties can be modeled by -pairs associated with the underlying proof system
Discovering, quantifying, and displaying attacks
In the design of software and cyber-physical systems, security is often perceived as a qualitative need, but can only be attained quantitatively. Especially when distributed components are involved, it is hard to predict and confront all possible attacks. A main challenge in the development of complex systems is therefore to discover attacks, quantify them to comprehend their likelihood, and communicate them to non-experts for facilitating the decision process. To address this three-sided challenge we propose a protection analysis over the Quality Calculus that (i) computes all the sets of data required by an attacker to reach a given location in a system, (ii) determines the cheapest set of such attacks for a given notion of cost, and (iii) derives an attack tree that displays the attacks graphically. The protection analysis is first developed in a qualitative setting, and then extended to quantitative settings following an approach applicable to a great many contexts. The quantitative formulation is implemented as an optimisation problem encoded into Satisfiability Modulo Theories, allowing us to deal with complex cost structures. The usefulness of the framework is demonstrated on a national-scale authentication system, studied through a Java implementation of the framework.
Comment: LMCS SPECIAL ISSUE FORTE 201
The Art of Tokenization: Blockchain Affordances and the Invention of Future Milieus
Ten years after the introduction of the Bitcoin protocol, an increasing number of art-tech startups and more or less independent initiatives have begun to explore second-generation blockchains such as Ethereum and the emergent practice of tokenization (i.e., the issuance of new cryptoassets primarily to self-fund decentralized projects) as a means to intervene in the structures and processes underlying the rampant financialization of art. Yet amidst the volatility of the cryptocurrency market, tokenization has been critiqued as a way to reinscribe and proliferate current financial logics in this new space. Acknowledging such critiques, in this essay I foreground the novelty of cryptotokens and blockchains by exploring different examples of how tokenization has been deployed in the art market-milieu. In spite of recent attempts to extend the scarcity-based paradigm to blockchains, I argue that cryptotokens do introduce differences in kind in the ways in which value generation and distribution are expressed and accounted for in digital environments. In this context, artistic approaches to tokenization can illuminate new aspects of the affordances of these technologies, toward the disintermediation of art production and its networked value from the current institutional-financial milieu. This can open up new ways to reimagine and reprogram financial and social relations, and gesture toward new opportunities and challenges for a practice of digital design focused on the ideation and realization of cryptoeconomic systems.