44,347 research outputs found
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Analysis of the Security of BB84 by Model Checking
Quantum Cryptography or Quantum key distribution (QKD) is a technique that
allows the secure distribution of a bit string, used as key in cryptographic
protocols. When it was noted that quantum computers could break public key
cryptosystems based on number theory extensive studies have been undertaken on
QKD. Based on quantum mechanics, QKD offers unconditionally secure
communication. Now, the progress of research in this field allows the
anticipation of QKD to be available outside of laboratories within the next few
years. Efforts are made to improve the performance and reliability of the
implemented technologies. But several challenges remain despite this big
progress. The task of how to test the apparatuses of QKD For example did not
yet receive enough attention. These devises become complex and demand a big
verification effort. In this paper we are interested in an approach based on
the technique of probabilistic model checking for studying quantum information.
Precisely, we use the PRISM tool to analyze the security of BB84 protocol and
we are focused on the specific security property of eavesdropping detection. We
show that this property is affected by the parameters of quantum channel and
the power of eavesdropper.Comment: 12 Pages, IJNS
Proceedings of International Workshop "Global Computing: Programming Environments, Languages, Security and Analysis of Systems"
According to the IST/ FET proactive initiative on GLOBAL COMPUTING, the goal is to obtain techniques (models, frameworks, methods, algorithms) for constructing systems that are flexible, dependable, secure, robust and efficient.
The dominant concerns are not those of representing and manipulating data efficiently but rather those of handling the co-ordination and interaction, security, reliability, robustness, failure modes, and control of risk of the entities in the system and the overall design, description and performance of the system itself.
Completely different paradigms of computer science may have to be developed to tackle these issues effectively. The research should concentrate on systems having the following characteristics: • The systems are composed of autonomous computational entities where activity is not centrally controlled, either because global control is impossible or impractical, or because the entities are created or controlled by different owners.
• The computational entities are mobile, due to the movement of the physical platforms or by movement of the entity from one platform to another.
• The configuration varies over time. For instance, the system is open to the introduction of new computational entities and likewise their deletion.
The behaviour of the entities may vary over time.
• The systems operate with incomplete information about the environment.
For instance, information becomes rapidly out of date and mobility requires information about the environment to be discovered.
The ultimate goal of the research action is to provide a solid scientific foundation for the design of such systems, and to lay the groundwork for achieving effective principles for building and analysing such systems.
This workshop covers the aspects related to languages and programming environments as well as analysis of systems and resources involving 9 projects (AGILE , DART, DEGAS , MIKADO, MRG, MYTHS, PEPITO, PROFUNDIS, SECURE) out of the 13 founded under the initiative. After an year from the start of the projects, the goal of the workshop is to fix the state of the art on the topics covered by the two clusters related to programming environments and analysis of systems as well as to devise strategies and new ideas to profitably continue the research effort towards the overall objective of the initiative.
We acknowledge the Dipartimento di Informatica and Tlc of the University of Trento, the Comune di Rovereto, the project DEGAS for partially funding the event and the Events and Meetings Office of the University of Trento for the valuable collaboration
Model checking probabilistic and stochastic extensions of the pi-calculus
We present an implementation of model checking for probabilistic and stochastic extensions of the pi-calculus, a process algebra which supports modelling of concurrency and mobility. Formal verification techniques for such extensions have clear applications in several domains, including mobile ad-hoc network protocols, probabilistic security protocols and biological pathways. Despite this, no implementation of automated verification exists. Building upon the pi-calculus model checker MMC, we first show an automated procedure for constructing the underlying semantic model of a probabilistic or stochastic pi-calculus process. This can then be verified using existing probabilistic model checkers such as PRISM. Secondly, we demonstrate how for processes of a specific structure a more efficient, compositional approach is applicable, which uses our extension of MMC on each parallel component of the system and then translates the results into a high-level modular description for the PRISM tool. The feasibility of our techniques is demonstrated through a number of case studies from the pi-calculus literature
Computer-aided proofs for multiparty computation with active security
Secure multi-party computation (MPC) is a general cryptographic technique
that allows distrusting parties to compute a function of their individual
inputs, while only revealing the output of the function. It has found
applications in areas such as auctioning, email filtering, and secure
teleconference. Given its importance, it is crucial that the protocols are
specified and implemented correctly. In the programming language community it
has become good practice to use computer proof assistants to verify correctness
proofs. In the field of cryptography, EasyCrypt is the state of the art proof
assistant. It provides an embedded language for probabilistic programming,
together with a specialized logic, embedded into an ambient general purpose
higher-order logic. It allows us to conveniently express cryptographic
properties. EasyCrypt has been used successfully on many applications,
including public-key encryption, signatures, garbled circuits and differential
privacy. Here we show for the first time that it can also be used to prove
security of MPC against a malicious adversary. We formalize additive and
replicated secret sharing schemes and apply them to Maurer's MPC protocol for
secure addition and multiplication. Our method extends to general polynomial
functions. We follow the insights from EasyCrypt that security proofs can be
often be reduced to proofs about program equivalence, a topic that is well
understood in the verification of programming languages. In particular, we show
that in the passive case the non-interference-based definition is equivalent to
a standard game-based security definition. For the active case we provide a new
NI definition, which we call input independence
Attacking Group Protocols by Refuting Incorrect Inductive Conjectures
Automated tools for finding attacks on flawed security protocols often fail to deal adequately with group protocols. This is because the abstractions made to improve performance on fixed 2 or 3 party protocols either preclude the modelling of group protocols all together, or permit modelling only in a fixed scenario, which can prevent attacks from being discovered. This paper describes Coral, a tool for finding counterexamples to incorrect inductive conjectures, which we have used to model protocols for both group key agreement and group key management, without any restrictions on the scenario. We will show how we used Coral to discover 6 previously unknown attacks on 3 group protocols
- …