19,523 research outputs found
A Hybrid Analysis for Security Protocols with State
Cryptographic protocols rely on message-passing to coordinate activity among
principals. Each principal maintains local state in individual local sessions
only as needed to complete that session. However, in some protocols a principal
also uses state to coordinate its different local sessions. Sometimes the
non-local, mutable state is used as a means, for example with smart cards or
Trusted Platform Modules. Sometimes it is the purpose of running the protocol,
for example in commercial transactions.
Many richly developed tools and techniques, based on well-understood
foundations, are available for design and analysis of pure message-passing
protocols. But the presence of cross-session state poses difficulties for these
techniques.
In this paper we provide a framework for modeling stateful protocols. We
define a hybrid analysis method. It leverages theorem-proving---in this
instance, the PVS prover---for reasoning about computations over state. It
combines that with an "enrich-by-need" approach---embodied by CPSA---that
focuses on the message-passing part. As a case study we give a full analysis of
the Envelope Protocol, due to Mark Ryan
Composability in quantum cryptography
In this article, we review several aspects of composability in the context of
quantum cryptography. The first part is devoted to key distribution. We discuss
the security criteria that a quantum key distribution protocol must fulfill to
allow its safe use within a larger security application (e.g., for secure
message transmission). To illustrate the practical use of composability, we
show how to generate a continuous key stream by sequentially composing rounds
of a quantum key distribution protocol. In a second part, we take a more
general point of view, which is necessary for the study of cryptographic
situations involving, for example, mutually distrustful parties. We explain the
universal composability framework and state the composition theorem which
guarantees that secure protocols can securely be composed to larger
applicationsComment: 18 pages, 2 figure
Orthogonal-state-based cryptography in quantum mechanics and local post-quantum theories
We introduce the concept of cryptographic reduction, in analogy with a
similar concept in computational complexity theory. In this framework, class
of crypto-protocols reduces to protocol class in a scenario , if for
every instance of , there is an instance of and a secure
transformation that reproduces given , such that the security of
guarantees the security of . Here we employ this reductive framework to
study the relationship between security in quantum key distribution (QKD) and
quantum secure direct communication (QSDC). We show that replacing the
streaming of independent qubits in a QKD scheme by block encoding and
transmission (permuting the order of particles block by block) of qubits, we
can construct a QSDC scheme. This forms the basis for the \textit{block
reduction} from a QSDC class of protocols to a QKD class of protocols, whereby
if the latter is secure, then so is the former. Conversely, given a secure QSDC
protocol, we can of course construct a secure QKD scheme by transmitting a
random key as the direct message. Then the QKD class of protocols is secure,
assuming the security of the QSDC class which it is built from. We refer to
this method of deduction of security for this class of QKD protocols, as
\textit{key reduction}. Finally, we propose an orthogonal-state-based
deterministic key distribution (KD) protocol which is secure in some local
post-quantum theories. Its security arises neither from geographic splitting of
a code state nor from Heisenberg uncertainty, but from post-measurement
disturbance.Comment: 12 pages, no figure, this is a modified version of a talk delivered
by Anirban Pathak at Quantum 2014, INRIM, Turin, Italy. This version is
published in Int. J. Quantum. Info
Formally based semi-automatic implementation of an open security protocol
International audienceThis paper presents an experiment in which an implementation of the client side of the SSH Transport Layer Protocol (SSH-TLP) was semi-automatically derived according to a model-driven development paradigm that leverages formal methods in order to obtain high correctness assurance. The approach used in the experiment starts with the formalization of the protocol at an abstract level. This model is then formally proved to fulfill the desired secrecy and authentication properties by using the ProVerif prover. Finally, a sound Java implementation is semi-automatically derived from the verified model using an enhanced version of the Spi2Java framework. The resulting implementation correctly interoperates with third party servers, and its execution time is comparable with that of other manually developed Java SSH-TLP client implementations. This case study demonstrates that the adopted model-driven approach is viable even for a real security protocol, despite the complexity of the models needed in order to achieve an interoperable implementation
Knowledge Flow Analysis for Security Protocols
Knowledge flow analysis offers a simple and flexible way to find flaws in
security protocols. A protocol is described by a collection of rules
constraining the propagation of knowledge amongst principals. Because this
characterization corresponds closely to informal descriptions of protocols, it
allows a succinct and natural formalization; because it abstracts away message
ordering, and handles communications between principals and applications of
cryptographic primitives uniformly, it is readily represented in a standard
logic. A generic framework in the Alloy modelling language is presented, and
instantiated for two standard protocols, and a new key management scheme.Comment: 20 page
Recommended from our members
A framework for proving the correctness of cryptographic protocol properties by linear temporal logic
In this paper, a framework for cryptographic protocol analysis using linear temporal logic is proposed. The framework can be used to specify and analyse security protocols. It aims to investigate and analyse the security protocols properties that are secure or have any flaws. The framework extends the linear temporal logic by including the knowledge of participants in each status that may change over the time. It includes two main parts, the Language of Temporal Logic (LTL) and the domain knowledge. The ability of the framework is demonstrated by analysing the Needham-Schroeder public key protocol and the Andrew Secure RPC protocol as examples
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
A Security Framework for JXTA-Overlay
En l'actualitat, la maduresa del camp de la investigació P2P empès a través de nous problemes, relacionats amb la seguretat. Per aquesta raó, la seguretat comença a convertir-se en una de les qüestions clau en l'avaluació d'un sistema P2P, i és important proporcionar mecanismes de seguretat per a sistemes P2P. El projecte JXTAOverlay fa un esforç per utilitzar la tecnologia JXTA per proporcionar un conjunt genèric de funcions que poden ser utilitzades pels desenvolupadors per desplegar aplicacions P2P. No obstant això, encara que el seu disseny es va centrar en qüestions com ara l'escalabilitat o el rendiment general, no va tenir en compte la seguretat. Aquest treball proposa un marc de seguretat, adaptat específicament a la idiosincràsia del JXTAOverlay.At present time, the maturity of P2P research field has pushed through new problems such us those related with security. For that reason, security starts to become one of the key issues when evaluating a P2P system and it is important to provide security mechanisms to P2P systems. The JXTAOverlay project is an effort to use JXTA technology to provide a generic set of functionalities that can be used by developers to deploy P2P applications. However, since its design focused on issues such as scalability or overall performance, it did not take security into account. This work proposes a security framework specifically suited to JXTAOverlay¿s idiosyncrasies.En la actualidad, la madurez del campo de la investigación P2P empujado a través de nuevos problemas, relacionados con la seguridad. Por esta razón, la seguridad comienza a convertirse en una de las cuestiones clave en la evaluación de un sistema P2P, y es importante proporcionar mecanismos de seguridad para sistemas P2P. El proyecto JXTAOverlay hace un esfuerzo por utilizar la tecnología JXTA para proporcionar un conjunto genérico de funciones que pueden ser utilizadas por los desarrolladores para desplegar aplicaciones P2P. Sin embargo, aunque su diseño se centró en cuestiones como la escalabilidad o el rendimiento general, no tuvo en cuenta la seguridad. Este trabajo propone un marco de seguridad, adaptado específicamente a la idiosincrasia del JXTAOverlay
Advanced Features in Protocol Verification: Theory, Properties, and Efficiency in Maude-NPA
The area of formal analysis of cryptographic protocols has been an active
one since the mid 80’s. The idea is to verify communication protocols
that use encryption to guarantee secrecy and that use authentication of
data to ensure security. Formal methods are used in protocol analysis to
provide formal proofs of security, and to uncover bugs and security flaws
that in some cases had remained unknown long after the original protocol
publication, such as the case of the well known Needham-Schroeder
Public Key (NSPK) protocol. In this thesis we tackle problems regarding
the three main pillars of protocol verification: modelling capabilities,
verifiable properties, and efficiency.
This thesis is devoted to investigate advanced features in the analysis
of cryptographic protocols tailored to the Maude-NPA tool. This tool
is a model-checker for cryptographic protocol analysis that allows for
the incorporation of different equational theories and operates in the
unbounded session model without the use of data or control abstraction.
An important contribution of this thesis is relative to theoretical aspects
of protocol verification in Maude-NPA. First, we define a forwards
operational semantics, using rewriting logic as the theoretical framework
and the Maude programming language as tool support. This is the first
time that a forwards rewriting-based semantics is given for Maude-NPA.
Second, we also study the problem that arises in cryptographic protocol
analysis when it is necessary to guarantee that certain terms generated
during a state exploration are in normal form with respect to the protocol
equational theory.
We also study techniques to extend Maude-NPA capabilities to support
the verification of a wider class of protocols and security properties.
First, we present a framework to specify and verify sequential protocol
compositions in which one or more child protocols make use of information obtained from running a parent protocol. Second, we present a
theoretical framework to specify and verify protocol indistinguishability
in Maude-NPA. This kind of properties aim to verify that an attacker
cannot distinguish between two versions of a protocol: for example, one
using one secret and one using another, as it happens in electronic voting
protocols.
Finally, this thesis contributes to improve the efficiency of protocol
verification in Maude-NPA. We define several techniques which drastically
reduce the state space, and can often yield a finite state space,
so that whether the desired security property holds or not can in fact
be decided automatically, in spite of the general undecidability of such
problems.Santiago Pinazo, S. (2015). Advanced Features in Protocol Verification: Theory, Properties, and Efficiency in Maude-NPA [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/4852
- …