Automatic Methods for Analyzing Non-repudiation Protocole with an Active Intruder

International audienceNon-repudiation protocols have an important role in many areas where secured transactions with proofs of participation are necessary. Formal methods are clever and without error, therefore using them for verifying such protocols is crucial. In this purpose, we show how to partially represent non-repudiation as a combination of authentications on the Fair Zhou-Gollmann protocol. After discussing the limitations of this method, we define a new one based on the handling of the knowledge of protocol participants. This second method is general and of natural use, as it consists in adding simple annotations in the protocol specification. It is very easy to implement in tools able to handle participants knowledge. We have implemented it in the AVISPA Tool and analyzed the optimistic Cederquist-Corin-Dashti protocol, discovering two attacks. This extension of the AVISPA Tool for handling non-repudiation opens a highway to the specification of many other properties, without any more change in the tool itself

Optimistic Non-repudiation Protocol Analysis

The original publication is available at www.springerlink.com ; ISBN 978-3-540-72353-0 (Pring) 0302-9743 (Online) 1611-3349International audienceNon-repudiation protocols with session labels have a number of vulnerabilities. Recently Cederquist, Corin and Dashti have proposed an optimistic non-repudiation protocol that avoids altogether the use of session labels. We have specified and analysed this protocol using an extended version of the AVISPA Tool and one important fault has been discovered. We describe the protocol, the analysis method, show two attack traces that exploit the fault and propose a correction to the protocol

Proceedings of the 3rd International Workshop on Formal Aspects in Security and Trust (FAST2005)

The present report contains the pre-proceedings of the third international Workshop on Formal Aspects in Security and Trust (FAST2005), held in Newcastle upon Tyne, 18-19 July 2005. FAST is an event affliated with the Formal Methods 2005 Congress (FM05). The third international Workshop on Formal Aspects in Security and Trust (FAST2005) aims at continuing the successful effort of the previous two FAST workshop editions for fostering the cooperation among researchers in the areas of security and trust. The new challenges offered by the so-called ambient intelligence space, as a future paradigm in the information society, demand for a coherent and rigorous framework of concepts, tools and methodologies to provide user\u27s trust&confidence on the underlying communication/interaction infrastructure. It is necessary to address issues relating to both guaranteeing security of the infrastructure and the perception of the infrastructure being secure. In addition, user confidence on what is happening must be enhanced by developing trust models effective but also easily comprehensible and manageable by users

Formal Aspects in Security and Trust

his book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005. The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies

Risk Balance in Exchange Protocols

We study the behaviour of rational agents in exchange protocols which rely on trustees. We allow malicious parties to compromise the trustee by paying a cost and, thereby, present a game analysis that advocates exchange protocols which induce balanced risks on the participants. We also present a risk-balanced protocol for fair confidential secret comparison

Keeping Fairness Alive : Design and formal verification of optimistic fair exchange protocols

Fokkink, W.J. [Promotor]Pol, J.C. van de [Promotor

E-commerce protocol supporting automated online dispute resolution

E-commerce now constitutes a significant part of all commercial activity; however the increase in transactions is also leading to more disputes. These disputes are becoming more frequent, more technologically complicated and more difficult in terms of traceability . This thesis focuses specifically on dispute problems related to soft products, i.e. those that are intangible and therefore requiring no physical delivery. With the growing demand for these types of products, e.g. downloadable films, music, software, and prepaid calling time, the prevention of fraudulent transactions is becoming increasingly important. Reasons for the rise in the number of fraudulent transactions include merchants being unable to see the customer to verify an ID or signature and E-commerce enabling soft-products and services to be acquired via soft delivery methods: email, download or logging in. The introductory section provides a critique of current e-commerce fraud detection and prevention techniques and shows that not all are suitable for e-commerce, especially soft-products, and therefore unable to provide complete protection against fraud. The future relating to the detection and prevention of e-commerce fraud is then discussed, leading to suggestions regarding the improvement of the current state-of-the-art technique, the Address Verification Service (AVS), which is used to accommodate the introduction of soft-products. Apart from the exchange process problems, i.e. those involving money and goods, attention is also paid to other important factors such as timing and quality that are usually neglected in these detection and prevention techniques. Dispute scenarios from many different perspectives have been analysed, viz. computer science, business, legal and that of the participants themselves. From the analyses, all possible dispute cases have been formally listed using the 'Truth Table' approach. This analysis has then led to the design of a comprehensive taxonomy framework for dispute in e-commerce. The term Online Dispute Resolution (ODR), is the online technology applied to Alternative Dispute Resolution (ADR) which is resolving disputes other than via litigation in the courts. Current ODR systems and their suitability for the e-commercial world have been examined, concluding that not all are appropriate for e-commerce situations (since most still involve a human element and often make the resolution process more costly than the actual item under dispute). The proposed solution to the problem is by automating the online dispute resolution process. The total solution is described in two parts (i) an E-commerce Transaction Protocol (ETP) forming the infrastructure where the transaction will take place and be able to accommodate any new improvements in the future, and (ii) an Automated Online Dispute Resolution (AODR) system which should automatically resolve any dispute occurring within the proposed e-commerce model. In order for the AODR to resolve any dispute, a product/payment specific plug-in (add-on) has been incorporated into the system. For illustration purposes, credit cards as a payment method has been selected and the appropriate plug-in specification for soft products and credit cards created. The concept of providing every soft product with a quality certificate has also been discussed. A concluding case study of e-commerce in Saudi Arabia has been used to test the viability of both the e-commerce dispute taxonomy and the proposed model. The case study shows the suitability of using ETP with AODR in order to resolve soft-product disputes automatically. Limitations of the work and further research possibilities have then been identified.EThOS - Electronic Theses Online ServiceDepartment of Computing Science, Newcastle UniversityGBUnited Kingdo

Analyse formelle des protocoles cryptographiques et flux d'information admissible

Requis des protocoles cyptographiques et méthodes formelles -- L'interférence admissible -- Validation des propriétés de sécurité -- Un modèle de calcul probabiliste polynomial -- Sémantique contextuelle du modèle prospa

Security analysis of an e-commerce solution

The escalation in the number of people with access to the Internet has fuelled the growth of e-commerce transactions. In order to stimulate this growth in e-commerce, the adoption of new business models will be required. In this thesis, we propose the idea of bringing the multi-level marketing business model into the e-commerce world. For e-commerce applications to take advantage of the business potential in this business model, some challenging security problems need to be resolved. Our proposed protocol provides a method for fair exchange of valuable items between multiple-parties in accordance with the multi-level marketing business model. It also provides the required security services needed to increase the overall customers' trust in e-commerce, and hence increase the rate of committed online transactions. These security services include content assurance, confidentiality, fair exchange and non-repudiation. The above security services are usually attained through the use of cryptography. For example, digital rights management systems deliver e-goods in an encrypted format. As these e-goods are decrypted before being presented to the end user, cryptographic keys may appear in the memory which leaves it vulnerable to memory disclosure attacks. In the second part of this thesis, we investigate a set of memory disclosure attacks which may compromise the confidentiality of cryptographic keys. We demonstrate that the threat of these attacks is real by exposing the secret private keys of several cryptographic algorithms used by different cryptographic implementations of the Java Cryptographic Extension (JCE