16,833 research outputs found
Formally based semi-automatic implementation of an open security protocol
International audienceThis paper presents an experiment in which an implementation of the client side of the SSH Transport Layer Protocol (SSH-TLP) was semi-automatically derived according to a model-driven development paradigm that leverages formal methods in order to obtain high correctness assurance. The approach used in the experiment starts with the formalization of the protocol at an abstract level. This model is then formally proved to fulfill the desired secrecy and authentication properties by using the ProVerif prover. Finally, a sound Java implementation is semi-automatically derived from the verified model using an enhanced version of the Spi2Java framework. The resulting implementation correctly interoperates with third party servers, and its execution time is comparable with that of other manually developed Java SSH-TLP client implementations. This case study demonstrates that the adopted model-driven approach is viable even for a real security protocol, despite the complexity of the models needed in order to achieve an interoperable implementation
A Peered Bulletin Board for Robust Use in Verifiable Voting Systems
The Web Bulletin Board (WBB) is a key component of verifiable election
systems. It is used in the context of election verification to publish evidence
of voting and tallying that voters and officials can check, and where
challenges can be launched in the event of malfeasance. In practice, the
election authority has responsibility for implementing the web bulletin board
correctly and reliably, and will wish to ensure that it behaves correctly even
in the presence of failures and attacks. To ensure robustness, an
implementation will typically use a number of peers to be able to provide a
correct service even when some peers go down or behave dishonestly. In this
paper we propose a new protocol to implement such a Web Bulletin Board,
motivated by the needs of the vVote verifiable voting system. Using a
distributed algorithm increases the complexity of the protocol and requires
careful reasoning in order to establish correctness. Here we use the Event-B
modelling and refinement approach to establish correctness of the peered design
against an idealised specification of the bulletin board behaviour. In
particular we show that for n peers, a threshold of t > 2n/3 peers behaving
correctly is sufficient to ensure correct behaviour of the bulletin board
distributed design. The algorithm also behaves correctly even if honest or
dishonest peers temporarily drop out of the protocol and then return. The
verification approach also establishes that the protocols used within the
bulletin board do not interfere with each other. This is the first time a
peered web bulletin board suite of protocols has been formally verified.Comment: 49 page
Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems
We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment
aimed at fostering the collaboration between system designers and security
experts at all methodological stages of the development of an embedded system.
A central issue in the design of an embedded system is the definition of the
hardware/software partitioning of the architecture of the system, which should
take place as early as possible. SysML-Sec aims to extend the relevance of this
analysis through the integration of security requirements and threats. In
particular, we propose an agile methodology whose aim is to assess early on the
impact of the security requirements and of the security mechanisms designed to
satisfy them over the safety of the system. Security concerns are captured in a
component-centric manner through existing SysML diagrams with only minimal
extensions. After the requirements captured are derived into security and
cryptographic mechanisms, security properties can be formally verified over
this design. To perform the latter, model transformation techniques are
implemented in the SysML-Sec toolchain in order to derive a ProVerif
specification from the SysML models. An automotive firmware flashing procedure
serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Safe abstractions of data encodings in formal security protocol models
When using formal methods, security protocols are usually modeled at a high level of abstraction. In particular, data encoding and decoding transformations are often abstracted away. However, if no assumptions at all are made on the behavior of such transformations, they could trivially lead to security faults, for example leaking secrets or breaking freshness by collapsing nonces into constants. In order to address this issue, this paper formally states sufficient conditions, checkable on sequential code, such that if an abstract protocol model is secure under a Dolev-Yao adversary, then a refined model, which takes into account a wide class of possible implementations of the encoding/decoding operations, is implied to be secure too under the same adversary model. The paper also indicates possible exploitations of this result in the context of methods based on formal model extraction from implementation code and of methods based on automated code generation from formally verified model
- âŠ