82 research outputs found
Study of Tools Interoperability
Interoperability of tools usually refers to a combination of methods and techniques that address the problem of making a collection of tools to work together. In this study we survey different notions that are used in this context: interoperability, interaction and integration. We point out relation between these notions, and how it maps to the interoperability problem.
We narrow the problem area to the tools development in academia. Tools developed in such environment have a small basis for development, documentation and maintenance. We scrutinise some of the problems and potential solutions related with tools interoperability in such environment. Moreover, we look at two tools developed in the Formal Methods and Tools group1, and analyse the use of different integration techniques
An example of proving UC-realization with formal methods
In the universal composability framework we consider ideal functionalities for secure messaging and signcryption. Using traditional formal methods techniques we show that the secure messaging functionality can be UC-realized by a hybrid protocol that uses the signcryption functionality and a public key infrastructure functionality. We also discuss that the signcryption functionality can be UC-realized by a secure signcryption scheme
How to Work with Honest but Curious Judges? (Preliminary Report)
The three-judges protocol, recently advocated by Mclver and Morgan as an
example of stepwise refinement of security protocols, studies how to securely
compute the majority function to reach a final verdict without revealing each
individual judge's decision. We extend their protocol in two different ways for
an arbitrary number of 2n+1 judges. The first generalisation is inherently
centralised, in the sense that it requires a judge as a leader who collects
information from others, computes the majority function, and announces the
final result. A different approach can be obtained by slightly modifying the
well-known dining cryptographers protocol, however it reveals the number of
votes rather than the final verdict. We define a notion of conditional
anonymity in order to analyse these two solutions. Both of them have been
checked in the model checker MCMAS
Cones and foci for protocol verification revisited
We define a cones and foci proof method, which rephrases the question whether two system specifications are branching bisimilar in terms of proof obligations on relations between data objects. Compared to the original cones and foci method from Groote and Springintveld cite{GroSpr01}, our method is more generally applicable, and does not require a preprocessing step to eliminate -loops. We prove soundness of our approach and give an application
08332 Abstracts Collection -- Distributed Verification and Grid Computing
From 08/10/2008 to 08/14/2008 the Dagstuhl Seminar 08332 ``Distributed Verification and Grid Computing\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar as well as abstracts of
seminar results and ideas are put together in this paper. The first section
describes the seminar topics and goals in general.
Links to extended abstracts or full papers are provided, if available
A linear process algebraic format for probabilistic systems with data
This paper presents a novel linear process algebraic format for probabilistic automata. The key ingredient is a symbolic transformation of probabilistic process algebra terms that incorporate data into this linear format while preserving strong probabilistic bisimulation. This generalises similar techniques for traditional process algebras with data, and â more importantly â treats data and data-dependent probabilistic choice in a fully symbolic manner, paving the way to the symbolic analysis of parameterised probabilistic systems
Formell Modellering och Verifiering av EAP-NOOB Protokollet
The expansion of the Internet of Things (IoT) has resulted in an increasing number of new devices communicating independently over the network with each other and with servers. This has created a need for protocols to manage the swiftly growing network. Consequently, formal verification methods have become an important part of the development process of network systems and protocols. Before implementation, the specification itself has to be shown to be reliable and secure.
Nimble out-of-band authentication for EAP (EAP-NOOB) is a protocol for bootstrapping IoT devices with a minimal user interface and no pre-configured credentials. In this thesis, we create a symbolic model of the EAP-NOOB protocol with the mCRL2 modelling language and verify both its correct operation and its liveness properties with exhaustive state space exploration and model checking. Major findings relate to the recovery of the protocol after lost or corrupted messages, which could be exploited for denial-of-service attacks. We contribute to the standardisation process of the protocol by model checking the current draft specification and by suggesting improvements and clarifications to the next version. Finally, we verify the changes made to the protocol and show that they improve the overall reliability and fix the detected issues. Moreover, while modelling the protocol, we found various underspecified features and ambiguities that needed to be clarified. Furthermore, we create a test suite for testing the cryptographic implementation. By comparing message logs from the implementation with output generated by our test script, we find that incompatibilities between cryptographic libraries sometimes resulted in protocol failures.Utvidgandet av sakernas internet (IoT) har resulterat i en ökning av nya fristÄende apparater som kommunicerar med varandra och med servrar. Detta har skapat ett behov av protokoll för att upprÀtthÄlla det vÀxande nÀtverket. Följaktligen har anvÀndning av formell verifiering blivit en viktig del av utvecklingsprocessen av nÀtverkssystem och protokoll. Innan ett protokoll implementeras, mÄste sjÀlva specifikationen bevisas vara pÄlitlig och sÀker.
Nimble out-of-band authentication for EAP (EAP-NOOB) Àr ett protokoll för koppling av IoT-apparater med ett minimalt anvÀndargrÀnssnitt och inga förhandskonfigurerade kreditiv. I detta examensarbete skapar vi en symbolisk modell av EAP-NOOB-protokollet med mCRL2 sprÄket och verifierar diverse egenskaper genom tillstÄndsutforskning. Vi bidrar till protokollets standardiseringsprocess med förÀndringsförslag, visar att de förbÀttrar protokollets tillförlitlighet och korrigerar de upptÀckta problemen. I samband med verifieringsprocessen hittade vi diverse tvetydigheter i specifikationen som korrigerades. Ytterligare presenterar vi ett testprogram för kryptografisk verifiering och datagenerering. Genom att jÀmföra loggfiler frÄn implementeringen med vÄra genererade data visar vi att det existerar inkompatibiliteter mellan kryptografiska programbibliotek
Keeping Fairness Alive : Design and formal verification of optimistic fair exchange protocols
Fokkink, W.J. [Promotor]Pol, J.C. van de [Promotor
- âŠ