Quantifying pervasive authentication: the case of the Hancke-Kuhn protocol

As mobile devices pervade physical space, the familiar authentication patterns are becoming insufficient: besides entity authentication, many applications require, e.g., location authentication. Many interesting protocols have been proposed and implemented to provide such strengthened forms of authentication, but there are very few proofs that such protocols satisfy the required security properties. The logical formalisms, devised for reasoning about security protocols on standard computer networks, turn out to be difficult to adapt for reasoning about hybrid protocols, used in pervasive and heterogenous networks. We refine the Dolev-Yao-style algebraic method for protocol analysis by a probabilistic model of guessing, needed to analyze protocols that mix weak cryptography with physical properties of nonstandard communication channels. Applying this model, we provide a precise security proof for a proximity authentication protocol, due to Hancke and Kuhn, that uses a subtle form of probabilistic reasoning to achieve its goals.Comment: 31 pages, 2 figures; short version of this paper appeared in the Proceedings of MFPS 201

Privacy protocols

Security protocols enable secure communication over insecure channels. Privacy protocols enable private interactions over secure channels. Security protocols set up secure channels using cryptographic primitives. Privacy protocols set up private channels using secure channels. But just like some security protocols can be broken without breaking the underlying cryptography, some privacy protocols can be broken without breaking the underlying security. Such privacy attacks have been used to leverage e-commerce against targeted advertising from the outset; but their depth and scope became apparent only with the overwhelming advent of influence campaigns in politics. The blurred boundaries between privacy protocols and privacy attacks present a new challenge for protocol analysis. Covert channels turn out to be concealed not only below overt channels, but also above: subversions, and the level-below attacks are supplemented by sublimations and the level-above attacks.Comment: 38 pages, 6 figure

Actor-network procedures: Modeling multi-factor authentication, device pairing, social interactions

As computation spreads from computers to networks of computers, and migrates into cyberspace, it ceases to be globally programmable, but it remains programmable indirectly: network computations cannot be controlled, but they can be steered by local constraints on network nodes. The tasks of "programming" global behaviors through local constraints belong to the area of security. The "program particles" that assure that a system of local interactions leads towards some desired global goals are called security protocols. As computation spreads beyond cyberspace, into physical and social spaces, new security tasks and problems arise. As networks are extended by physical sensors and controllers, including the humans, and interlaced with social networks, the engineering concepts and techniques of computer security blend with the social processes of security. These new connectors for computational and social software require a new "discipline of programming" of global behaviors through local constraints. Since the new discipline seems to be emerging from a combination of established models of security protocols with older methods of procedural programming, we use the name procedures for these new connectors, that generalize protocols. In the present paper we propose actor-networks as a formal model of computation in heterogenous networks of computers, humans and their devices; and we introduce Procedure Derivation Logic (PDL) as a framework for reasoning about security in actor-networks. On the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL) that evolved through our work in security in last 10 years. Both formalisms are geared towards graphic reasoning and tool support. We illustrate their workings by analysing a popular form of two-factor authentication, and a multi-channel device pairing procedure, devised for this occasion.Comment: 32 pages, 12 figures, 3 tables; journal submission; extended references, added discussio

Structural and symptomatic change in psychoanalysis and psychodynamic psychotherapy: a quantitative study of process, outcome, and attachment.

This thesis describes a quasi-experimental study exploring psychotherapeutic process and outcome in 25 young adults sequentially assigned to psychoanalysis (n=14) or psychodynamic psychotherapy (n=11) at the Anna Freud Centre in London, England. Analysts reported process using a novel 899-item questionnaire, the Young Adult Weekly Rating Scale (YAWRS). Patients were assessed by an independent psychiatrist at intake, termination, and at 18 month intervals after intake and termination with Main and Goldwyn's Adult Attachment Interview (AAI) and on a host of symptomatic and diagnostic measures. The patients suffered from depression, anxiety, and personality disorders. Over the course of treatment (6 months to 8 years long), 12 of 19 patients (with adequate data) improved symptomatically on an aggregate measure. Ten of 12 improvers were in the psychoanalysis group, suggesting that it is a more effective treatment in this population. Data from 1,314 YAWRS questionnaires were factor analysed and used to test hypotheses from the psychotherapy process literature. In the first year of psychoanalysis (as compared with psychodynamic psychotherapy), higher scores on therapist dynamic technique, patient dynamic material, and negative patient transference were found. In the combined sample, higher scores in the first year on therapist dynamic technique, patient dynamic material, and discussion of contract were predictive of positive outcome. The AAI classifies patients according to security of "state of mind with respect to attachment" from narratives about early life relationship experiences. Our results show a high proportion of secure classifications at initial assessment and, in successful treatments, a movement towards a preoccupied-entangled attachment pattern which began to resolve by termination. We propose that the AAI be used to measure both structural health and regression/transference neurosis, which must occur and then resolve for treatment to succeed. Further research using the YAWRS and AAI is proposed