4,756 research outputs found
Automatic Methods for Analyzing Non-repudiation Protocole with an Active Intruder
International audienceNon-repudiation protocols have an important role in many areas where secured transactions with proofs of participation are necessary. Formal methods are clever and without error, therefore using them for verifying such protocols is crucial. In this purpose, we show how to partially represent non-repudiation as a combination of authentications on the Fair Zhou-Gollmann protocol. After discussing the limitations of this method, we define a new one based on the handling of the knowledge of protocol participants. This second method is general and of natural use, as it consists in adding simple annotations in the protocol specification. It is very easy to implement in tools able to handle participants knowledge. We have implemented it in the AVISPA Tool and analyzed the optimistic Cederquist-Corin-Dashti protocol, discovering two attacks. This extension of the AVISPA Tool for handling non-repudiation opens a highway to the specification of many other properties, without any more change in the tool itself
Verification and Control of Partially Observable Probabilistic Real-Time Systems
We propose automated techniques for the verification and control of
probabilistic real-time systems that are only partially observable. To formally
model such systems, we define an extension of probabilistic timed automata in
which local states are partially visible to an observer or controller. We give
a probabilistic temporal logic that can express a range of quantitative
properties of these models, relating to the probability of an event's
occurrence or the expected value of a reward measure. We then propose
techniques to either verify that such a property holds or to synthesise a
controller for the model which makes it true. Our approach is based on an
integer discretisation of the model's dense-time behaviour and a grid-based
abstraction of the uncountable belief space induced by partial observability.
The latter is necessarily approximate since the underlying problem is
undecidable, however we show how both lower and upper bounds on numerical
results can be generated. We illustrate the effectiveness of the approach by
implementing it in the PRISM model checker and applying it to several case
studies, from the domains of computer security and task scheduling
Automatic Methods for Analyzing Non-Repudiation Protocols with an Active Intruder
Non-repudiation protocols have an important role in many areas where secured
transactions with proofs of participation are necessary. Formal methods are
clever and without error, therefore using them for verifying such protocols is
crucial. In this purpose, we show how to partially represent non-repudiation as
a combination of authentications on the Fair Zhou-Gollmann protocol. After
discussing its limits, we define a new method based on the handling of the
knowledge of protocol participants. This method is very general and is of
natural use, as it consists in adding simple annotations, like for
authentication problems. The method is very easy to implement in tools able to
handle participants knowledge. We have implemented it in the AVISPA Tool and
analyzed the optimistic Cederquist-Corin- Dashti protocol, discovering two
unknown attacks. This extension of the AVISPA Tool for handling non-repudiation
opens a highway to the specification of many other properties, without any more
change in the tool itself
Temporal verification in secure group communication system design
The paper discusses an experience in using a real-time UML/SysML profile and a formal verification toolkit to check a secure group communication system against temporal requirements. A generic framework is proposed and specialized for hierarchical groups
Study for Automatically Analysing Non-repudiation
While security issues such as secrecy and authentication have been studied intensively, most interest in non-repudiation protocols has only come in recent years. Non-repudiation services must ensure that when two parties exchange informations over a network, neither one nor the other can deny having participated in this communication. Consequently a non-repudiation protocol has to generate evidences of participation to be used in the case of a dispute. In this paper, we present a description of non-repudiation services, and illustrate them on the Fair Zhou-Gollmann protocol. Then we show how to define non-repudiation properties with the AVISPA tool and explain how they can be automatically verified
- …