407 research outputs found
Knowledge Flow Analysis for Security Protocols
Knowledge flow analysis offers a simple and flexible way to find flaws in
security protocols. A protocol is described by a collection of rules
constraining the propagation of knowledge amongst principals. Because this
characterization corresponds closely to informal descriptions of protocols, it
allows a succinct and natural formalization; because it abstracts away message
ordering, and handles communications between principals and applications of
cryptographic primitives uniformly, it is readily represented in a standard
logic. A generic framework in the Alloy modelling language is presented, and
instantiated for two standard protocols, and a new key management scheme.Comment: 20 page
Automated analysis of security protocols with global state
Security APIs, key servers and protocols that need to keep the status of
transactions, require to maintain a global, non-monotonic state, e.g., in the
form of a database or register. However, most existing automated verification
tools do not support the analysis of such stateful security protocols -
sometimes because of fundamental reasons, such as the encoding of the protocol
as Horn clauses, which are inherently monotonic. A notable exception is the
recent tamarin prover which allows specifying protocols as multiset rewrite
(msr) rules, a formalism expressive enough to encode state. As multiset
rewriting is a "low-level" specification language with no direct support for
concurrent message passing, encoding protocols correctly is a difficult and
error-prone process. We propose a process calculus which is a variant of the
applied pi calculus with constructs for manipulation of a global state by
processes running in parallel. We show that this language can be translated to
msr rules whilst preserving all security properties expressible in a dedicated
first-order logic for security properties. The translation has been implemented
in a prototype tool which uses the tamarin prover as a backend. We apply the
tool to several case studies among which a simplified fragment of PKCS\#11, the
Yubikey security token, and an optimistic contract signing protocol
Integration of analysis techniques in security and fault-tolerance
This thesis focuses on the study of integration of formal methodologies in security protocol analysis and fault-tolerance analysis. The research is developed in two different directions: interdisciplinary and intra-disciplinary. In the former, we look for a beneficial interaction between strategies of analysis in security protocols and fault-tolerance; in the latter, we search for connections among different approaches of analysis within the security area. In the following we summarize the main results of the research
Finitary Deduction Systems
Cryptographic protocols are the cornerstone of security in distributed
systems. The formal analysis of their properties is accordingly one of the
focus points of the security community, and is usually split among two groups.
In the first group, one focuses on trace-based security properties such as
confidentiality and authentication, and provides decision procedures for the
existence of attacks for an on-line attackers. In the second group, one focuses
on equivalence properties such as privacy and guessing attacks, and provides
decision procedures for the existence of attacks for an offline attacker. In
all cases the attacker is modeled by a deduction system in which his possible
actions are expressed. We present in this paper a notion of finitary deduction
systems that aims at relating both approaches. We prove that for such deduction
systems, deciding equivalence properties for on-line attackers can be reduced
to deciding reachability properties in the same setting.Comment: 30 pages. Work begun while in the CASSIS Project, INRIA Nancy Grand
Es
Towards the Correctness of Security Protocols
AbstractIn [19], the authors presented a type-theoretic approach to the verification of security protocols. In this approach, a universal type system is proposed to capture in a finite way all the possible computations (internal actions or protocol instrumentations) that could be performed by a smart malicious intruder. This reduces the verification of cryptographic protocols to a typing problem where types are attack scenarios. In this paper, we recall this type system and we prove its completeness i.e. if the intruder can learn a message from a given protocol instrumentation, then this message could be infered from the type system. A significant result of this paper is the presentation of a new transformation that allows us to abstract a non-terminating type inference system into a terminating deductive proof system. We demonstrate how these results could be used to establish the security of cryptographic protocols from the secrecy standpoint. Finally, the usefulness and the efficiency of the whole approach is illustrated by proving the correctness of a new version of the Needham-Shoreder protocol with respect to the secrecy property
On the Relationship between Strand Spaces and Multi-Agent Systems
Strand spaces are a popular framework for the analysis of security protocols.
Strand spaces have some similarities to a formalism used successfully to model
protocols for distributed systems, namely multi-agent systems. We explore the
exact relationship between these two frameworks here. It turns out that a key
difference is the handling of agents, which are unspecified in strand spaces
and explicit in multi-agent systems. We provide a family of translations from
strand spaces to multi-agent systems parameterized by the choice of agents in
the strand space. We also show that not every multi-agent system of interest
can be expressed as a strand space. This reveals a lack of expressiveness in
the strand-space framework that can be characterized by our translation. To
highlight this lack of expressiveness, we show one simple way in which strand
spaces can be extended to model more systems.Comment: A preliminary version of this paper appears in the Proceedings of the
8th ACM Conference on Computer and Communications Security,200
Workshop on Modelling of Objects, Components, and Agents, Aarhus, Denmark, August 27-28, 2001
This booklet contains the proceedings of the workshop Modelling of Objects, Components, and Agents (MOCA'01), August 27-28, 2001. The workshop is organised by the CPN group at the Department of Computer Science, University of Aarhus, Denmark and the "Theoretical Foundations of Computer Science" Group at the University of Hamburg, Germany. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop01
CREOLE: a Universal Language for Creating, Requesting, Updating and Deleting Resources
In the context of Service-Oriented Computing, applications can be developed
following the REST (Representation State Transfer) architectural style. This
style corresponds to a resource-oriented model, where resources are manipulated
via CRUD (Create, Request, Update, Delete) interfaces. The diversity of CRUD
languages due to the absence of a standard leads to composition problems
related to adaptation, integration and coordination of services. To overcome
these problems, we propose a pivot architecture built around a universal
language to manipulate resources, called CREOLE, a CRUD Language for Resource
Edition. In this architecture, scripts written in existing CRUD languages, like
SQL, are compiled into Creole and then executed over different CRUD interfaces.
After stating the requirements for a universal language for manipulating
resources, we formally describe the language and informally motivate its
definition with respect to the requirements. We then concretely show how the
architecture solves adaptation, integration and coordination problems in the
case of photo management in Flickr and Picasa, two well-known service-oriented
applications. Finally, we propose a roadmap for future work.Comment: In Proceedings FOCLASA 2010, arXiv:1007.499
- …