5,124 research outputs found
Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols
We define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutability of rules, we are able to find efficient proof strategies that we prove complete for special classes of security protocols including Needham-Schroeder. Based on the results of this preliminary analysis, we have implemented a Prolog meta-interpreter which allows for rapid prototyping and for checking safety properties of security protocols, and we have applied it for finding error traces and proving correctness of practical examples
Key Substitution in the Symbolic Analysis of Cryptographic Protocols (extended version)
Key substitution vulnerable signature schemes are signature schemes that
permit an intruder, given a public verification key and a signed message, to
compute a pair of signature and verification keys such that the message appears
to be signed with the new signature key. A digital signature scheme is said to
be vulnerable to destructive exclusive ownership property (DEO) If it is
computationaly feasible for an intruder, given a public verification key and a
pair of message and its valid signature relatively to the given public key, to
compute a pair of signature and verification keys and a new message such that
the given signature appears to be valid for the new message relatively to the
new verification key. In this paper, we prove decidability of the insecurity
problem of cryptographic protocols where the signature schemes employed in the
concrete realisation have this two properties
Compiling symbolic attacks to protocol implementation tests
Recently efficient model-checking tools have been developed to find flaws in
security protocols specifications. These flaws can be interpreted as potential
attacks scenarios but the feasability of these scenarios need to be confirmed
at the implementation level. However, bridging the gap between an abstract
attack scenario derived from a specification and a penetration test on real
implementations of a protocol is still an open issue. This work investigates an
architecture for automatically generating abstract attacks and converting them
to concrete tests on protocol implementations. In particular we aim to improve
previously proposed blackbox testing methods in order to discover automatically
new attacks and vulnerabilities. As a proof of concept we have experimented our
proposed architecture to detect a renegotiation vulnerability on some
implementations of SSL/TLS, a protocol widely used for securing electronic
transactions.Comment: In Proceedings SCSS 2012, arXiv:1307.802
Heuristic Methods for Security Protocols
Model checking is an automatic verification technique to verify hardware and
software systems. However it suffers from state-space explosion problem. In
this paper we address this problem in the context of cryptographic protocols by
proposing a security property-dependent heuristic. The heuristic weights the
state space by exploiting the security formulae; the weights may then be used
to explore the state space when searching for attacks
- …