10,620 research outputs found
Knowledge Flow Analysis for Security Protocols
Knowledge flow analysis offers a simple and flexible way to find flaws in
security protocols. A protocol is described by a collection of rules
constraining the propagation of knowledge amongst principals. Because this
characterization corresponds closely to informal descriptions of protocols, it
allows a succinct and natural formalization; because it abstracts away message
ordering, and handles communications between principals and applications of
cryptographic primitives uniformly, it is readily represented in a standard
logic. A generic framework in the Alloy modelling language is presented, and
instantiated for two standard protocols, and a new key management scheme.Comment: 20 page
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
High-level Cryptographic Abstractions
The interfaces exposed by commonly used cryptographic libraries are clumsy,
complicated, and assume an understanding of cryptographic algorithms. The
challenge is to design high-level abstractions that require minimum knowledge
and effort to use while also allowing maximum control when needed.
This paper proposes such high-level abstractions consisting of simple
cryptographic primitives and full declarative configuration. These abstractions
can be implemented on top of any cryptographic library in any language. We have
implemented these abstractions in Python, and used them to write a wide variety
of well-known security protocols, including Signal, Kerberos, and TLS.
We show that programs using our abstractions are much smaller and easier to
write than using low-level libraries, where size of security protocols
implemented is reduced by about a third on average. We show our implementation
incurs a small overhead, less than 5 microseconds for shared key operations and
less than 341 microseconds (< 1%) for public key operations. We also show our
abstractions are safe against main types of cryptographic misuse reported in
the literature
Analysis of the Security of BB84 by Model Checking
Quantum Cryptography or Quantum key distribution (QKD) is a technique that
allows the secure distribution of a bit string, used as key in cryptographic
protocols. When it was noted that quantum computers could break public key
cryptosystems based on number theory extensive studies have been undertaken on
QKD. Based on quantum mechanics, QKD offers unconditionally secure
communication. Now, the progress of research in this field allows the
anticipation of QKD to be available outside of laboratories within the next few
years. Efforts are made to improve the performance and reliability of the
implemented technologies. But several challenges remain despite this big
progress. The task of how to test the apparatuses of QKD For example did not
yet receive enough attention. These devises become complex and demand a big
verification effort. In this paper we are interested in an approach based on
the technique of probabilistic model checking for studying quantum information.
Precisely, we use the PRISM tool to analyze the security of BB84 protocol and
we are focused on the specific security property of eavesdropping detection. We
show that this property is affected by the parameters of quantum channel and
the power of eavesdropper.Comment: 12 Pages, IJNS
Shake well before use: Authentication based on Accelerometer Data
Small, mobile devices without user interfaces, such as Bluetooth headsets, often need to communicate securely over wireless networks. Active attacks can only be prevented by authenticating wireless communication, which is problematic when devices do not have any a priori information about each other. We introduce a new method for device-to-device authentication by shaking devices together. This paper describes two protocols for combining cryptographic authentication techniques with known methods of accelerometer data analysis to the effect of generating authenticated, secret keys. The protocols differ in their design, one being more conservative from a security point of view, while the other allows more dynamic interactions. Three experiments are used to optimize and validate our proposed authentication method
- ā¦