19,807 research outputs found
A Machine-Checked Formalization of the Generic Model and the Random Oracle Model
Most approaches to the formal analyses of cryptographic protocols make the perfect cryptography assumption, i.e. the hypothese that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to rely on a weaker hypothesis on the computational cost of gaining information about the plaintext pertaining to a ciphertext without knowing the key. Such a view is permitted by the Generic Model and the Random Oracle Model which provide non-standard computational models in which one may reason about the computational cost of breaking a cryptographic scheme. Using the proof assistant Coq, we provide a machine-checked account of the Generic Model and the Random Oracle Mode
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols
We define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutability of rules, we are able to find efficient proof strategies that we prove complete for special classes of security protocols including Needham-Schroeder. Based on the results of this preliminary analysis, we have implemented a Prolog meta-interpreter which allows for rapid prototyping and for checking safety properties of security protocols, and we have applied it for finding error traces and proving correctness of practical examples
Certified Impossibility Results for Byzantine-Tolerant Mobile Robots
We propose a framework to build formal developments for robot networks using
the COQ proof assistant, to state and to prove formally various properties. We
focus in this paper on impossibility proofs, as it is natural to take advantage
of the COQ higher order calculus to reason about algorithms as abstract
objects. We present in particular formal proofs of two impossibility results
forconvergence of oblivious mobile robots if respectively more than one half
and more than one third of the robots exhibit Byzantine failures, starting from
the original theorems by Bouzid et al.. Thanks to our formalization, the
corresponding COQ developments are quite compact. To our knowledge, these are
the first certified (in the sense of formally proved) impossibility results for
robot networks
Logic of Non-Monotonic Interactive Proofs (Formal Theory of Temporary Knowledge Transfer)
We propose a monotonic logic of internalised non-monotonic or instant
interactive proofs (LiiP) and reconstruct an existing monotonic logic of
internalised monotonic or persistent interactive proofs (LiP) as a minimal
conservative extension of LiiP. Instant interactive proofs effect a fragile
epistemic impact in their intended communities of peer reviewers that consists
in the impermanent induction of the knowledge of their proof goal by means of
the knowledge of the proof with the interpreting reviewer: If my peer reviewer
knew my proof then she would at least then (in that instant) know that its
proof goal is true. Their impact is fragile and their induction of knowledge
impermanent in the sense of being the case possibly only at the instant of
learning the proof. This accounts for the important possibility of
internalising proofs of statements whose truth value can vary, which, as
opposed to invariant statements, cannot have persistent proofs. So instant
interactive proofs effect a temporary transfer of certain propositional
knowledge (knowable ephemeral facts) via the transmission of certain individual
knowledge (knowable non-monotonic proofs) in distributed systems of multiple
interacting agents.Comment: continuation of arXiv:1201.3667 ; published extended abstract:
DOI:10.1007/978-3-642-36039-8_16 ; related to arXiv:1208.591
Impossibility of Gathering, a Certification
Recent advances in Distributed Computing highlight models and algorithms for
autonomous swarms of mobile robots that self-organise and cooperate to solve
global objectives. The overwhelming majority of works so far considers handmade
algorithms and proofs of correctness. This paper builds upon a previously
proposed formal framework to certify the correctness of impossibility results
regarding distributed algorithms that are dedicated to autonomous mobile robots
evolving in a continuous space. As a case study, we consider the problem of
gathering all robots at a particular location, not known beforehand. A
fundamental (but not yet formally certified) result, due to Suzuki and
Yamashita, states that this simple task is impossible for two robots executing
deterministic code and initially located at distinct positions. Not only do we
obtain a certified proof of the original impossibility result, we also get the
more general impossibility of gathering with an even number of robots, when any
two robots are possibly initially at the same exact location.Comment: 10
- …