Study of Tools Interoperability

Interoperability of tools usually refers to a combination of methods and techniques that address the problem of making a collection of tools to work together. In this study we survey different notions that are used in this context: interoperability, interaction and integration. We point out relation between these notions, and how it maps to the interoperability problem. We narrow the problem area to the tools development in academia. Tools developed in such environment have a small basis for development, documentation and maintenance. We scrutinise some of the problems and potential solutions related with tools interoperability in such environment. Moreover, we look at two tools developed in the Formal Methods and Tools group1, and analyse the use of different integration techniques

An example of proving UC-realization with formal methods

In the universal composability framework we consider ideal functionalities for secure messaging and signcryption. Using traditional formal methods techniques we show that the secure messaging functionality can be UC-realized by a hybrid protocol that uses the signcryption functionality and a public key infrastructure functionality. We also discuss that the signcryption functionality can be UC-realized by a secure signcryption scheme

How to Work with Honest but Curious Judges? (Preliminary Report)

The three-judges protocol, recently advocated by Mclver and Morgan as an example of stepwise refinement of security protocols, studies how to securely compute the majority function to reach a final verdict without revealing each individual judge's decision. We extend their protocol in two different ways for an arbitrary number of 2n+1 judges. The first generalisation is inherently centralised, in the sense that it requires a judge as a leader who collects information from others, computes the majority function, and announces the final result. A different approach can be obtained by slightly modifying the well-known dining cryptographers protocol, however it reveals the number of votes rather than the final verdict. We define a notion of conditional anonymity in order to analyse these two solutions. Both of them have been checked in the model checker MCMAS

Cones and foci for protocol verification revisited

We define a cones and foci proof method, which rephrases the question whether two system specifications are branching bisimilar in terms of proof obligations on relations between data objects. Compared to the original cones and foci method from Groote and Springintveld cite{GroSpr01}, our method is more generally applicable, and does not require a preprocessing step to eliminate $au$-loops. We prove soundness of our approach and give an application

08332 Abstracts Collection -- Distributed Verification and Grid Computing

From 08/10/2008 to 08/14/2008 the Dagstuhl Seminar 08332 ``Distributed Verification and Grid Computing\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

A linear process algebraic format for probabilistic systems with data

This paper presents a novel linear process algebraic format for probabilistic automata. The key ingredient is a symbolic transformation of probabilistic process algebra terms that incorporate data into this linear format while preserving strong probabilistic bisimulation. This generalises similar techniques for traditional process algebras with data, and — more importantly — treats data and data-dependent probabilistic choice in a fully symbolic manner, paving the way to the symbolic analysis of parameterised probabilistic systems

Formell Modellering och Verifiering av EAP-NOOB Protokollet

The expansion of the Internet of Things (IoT) has resulted in an increasing number of new devices communicating independently over the network with each other and with servers. This has created a need for protocols to manage the swiftly growing network. Consequently, formal verification methods have become an important part of the development process of network systems and protocols. Before implementation, the specification itself has to be shown to be reliable and secure. Nimble out-of-band authentication for EAP (EAP-NOOB) is a protocol for bootstrapping IoT devices with a minimal user interface and no pre-configured credentials. In this thesis, we create a symbolic model of the EAP-NOOB protocol with the mCRL2 modelling language and verify both its correct operation and its liveness properties with exhaustive state space exploration and model checking. Major findings relate to the recovery of the protocol after lost or corrupted messages, which could be exploited for denial-of-service attacks. We contribute to the standardisation process of the protocol by model checking the current draft specification and by suggesting improvements and clarifications to the next version. Finally, we verify the changes made to the protocol and show that they improve the overall reliability and fix the detected issues. Moreover, while modelling the protocol, we found various underspecified features and ambiguities that needed to be clarified. Furthermore, we create a test suite for testing the cryptographic implementation. By comparing message logs from the implementation with output generated by our test script, we find that incompatibilities between cryptographic libraries sometimes resulted in protocol failures.Utvidgandet av sakernas internet (IoT) har resulterat i en ökning av nya fristående apparater som kommunicerar med varandra och med servrar. Detta har skapat ett behov av protokoll för att upprätthålla det växande nätverket. Följaktligen har användning av formell verifiering blivit en viktig del av utvecklingsprocessen av nätverkssystem och protokoll. Innan ett protokoll implementeras, måste själva specifikationen bevisas vara pålitlig och säker. Nimble out-of-band authentication for EAP (EAP-NOOB) är ett protokoll för koppling av IoT-apparater med ett minimalt användargränssnitt och inga förhandskonfigurerade kreditiv. I detta examensarbete skapar vi en symbolisk modell av EAP-NOOB-protokollet med mCRL2 språket och verifierar diverse egenskaper genom tillståndsutforskning. Vi bidrar till protokollets standardiseringsprocess med förändringsförslag, visar att de förbättrar protokollets tillförlitlighet och korrigerar de upptäckta problemen. I samband med verifieringsprocessen hittade vi diverse tvetydigheter i specifikationen som korrigerades. Ytterligare presenterar vi ett testprogram för kryptografisk verifiering och datagenerering. Genom att jämföra loggfiler från implementeringen med våra genererade data visar vi att det existerar inkompatibiliteter mellan kryptografiska programbibliotek

Keeping Fairness Alive : Design and formal verification of optimistic fair exchange protocols

Fokkink, W.J. [Promotor]Pol, J.C. van de [Promotor