Modelling, Verification, and Formal Analysis of Security Properties in a P2P System

International audienceWe present a security analysis of the SPREADS 1 system, a distributed storage service based on a centralized peer-to-peer architecture. We formally modelled the salient behavior of the actual system using ABCD, a high level specification language with a coloured Petri net semantics, which allowed the execution states of the system to be verified. We verified the behavior of the system in the presence of an external Dolev-Yao attacker, unearthing some replay attacks in the original system. Furthermore, since the implementation is also a formal model, we have been able to show that any execution of the model satisfies certain desirable security properties once these flaws are repaired

A BSP Algorithm for the State Space Construction of Security Protocols

International audienceThis paper presents a Bulk-Synchronous Parallel (BSP) algorithm to compute the discrete state space of structured models of security protocols. The BSP model of parallelism avoids concurrency related problems (mainly deadlocks and non-determinism) and allows us to design an efficient algorithm that is at the same time simple to express. A prototype implementation has been developed, allowing to run benchmarks showing the benefits of our algorithm

Evaluating a peer-to-peer storage system in presence of malicious peers

International audienceWe present a peer-to-peer based storage system and evaluate its resistance in the presence of malicious peers. To do so, we resort to simulation of the actual code borrowed from the production system. Our analysis allows to identify the main threats, prioritise them and propose directions for mitigating the attacks