Partial Order Reduction for Security Protocols
Security protocols are concurrent processes that communicate using
cryptography with the aim of achieving various security properties. Recent work
on their formal verification has brought procedures and tools for deciding
trace equivalence properties (e.g., anonymity, unlinkability, vote secrecy) for
a bounded number of sessions. However, these procedures are based on a naive
symbolic exploration of all traces of the considered processes which,
unsurprisingly, greatly limits the scalability and practical impact of the
verification tools.
In this paper, we overcome this difficulty by developing partial order
reduction techniques for the verification of security protocols. We provide
reduced transition systems that optimally eliminate redundant traces, and which
are adequate for model-checking trace equivalence properties of protocols by
means of symbolic execution. We have implemented our reductions in the tool
Apte, and demonstrated that it achieves the expected speedup on various
protocols.
Comment on "Quantum identification schemes with entanglements"
In a recent paper, [Phys. Rev. A 65, 052326 (2002)], Mihara presented several
cryptographic protocols that were claimed to be quantum mechanical in nature.
In this comment it is pointed out that these protocols can be described in
purely classical terms. Hence, the security of these schemes does not rely on
the usage of entanglement or any other quantum mechanical property.
Comment: 2 pages, revtex
Fundamental Finite Key Limits for One-Way Information Reconciliation in Quantum Key Distribution
The security of quantum key distribution protocols is guaranteed by the laws
of quantum mechanics. However, a precise analysis of the security properties
requires tools from both classical cryptography and information theory. Here,
we employ recent results in non-asymptotic classical information theory to show
that one-way information reconciliation imposes fundamental limitations on the
amount of secret key that can be extracted in the finite key regime. In
particular, we find that an often used approximation for the information
leakage during information reconciliation is not generally valid. We propose an
improved approximation that takes into account finite key effects and
numerically test it against codes for two probability distributions, that we
call binary-binary and binary-Gaussian, that typically appear in quantum key
distribution protocols.
Multi-protocol Attack: A Survey of Current Research
Traditionally, verification methods for security protocols assume that the protocol under analysis is used in isolation from other protocols (i.e., there is only a single protocol using a network at a given time). In practice, however, it is unrealistic to assume that a security protocol runs in isolation in an insecure network. A multi-protocol attack is an attack in which more than one protocol is involved. Verification methods that assume a single protocol on a network will fail to establish a protocol's resistance or vulnerability to multi-protocol attacks. Further, multiple security protocols that are each verified to be correct in isolation can be susceptible to multi-protocol attacks when used over the same network. Verifying security properties for multiple protocols coexisting on the same network is difficult because security properties are not compositional. This paper surveys some of the recent approaches and contributions to the verification of security properties in the context of multiple protocols being run in an insecure network, and the efforts to prevent multi-protocol attacks.
Solution of a Conjecture: On 2-PCD RFID Distance Bounding Protocols
The file attached to this record is the author's final peer reviewed version.
It is a popular challenge to design distance bounding protocols that are both secure and efficient. Motivated by this, many distance bounding protocols against relay attacks have been advanced in recent times. Another interesting question is whether these protocols provide the best possible security. In 2010, Kara et al. analysed the optimal security limits of low-cost distance bounding protocols having bit-wise fast phases and no final signature. For the classification, they introduced the notion of k-previous challenge dependent (k-PCD) protocols, in which each response bit depends on the current challenge and the k previous challenges. They gave theoretical security bounds for the two specific classes k = 0 and k = 1, but left the security bounds for k >= 2 as an open problem. In this paper, we aim to answer the open question concerning the security limits of 2-PCD protocols. We describe two generic attacks, for mafia fraud and for distance fraud, that can be applied to any 2-PCD protocol. We then provide the optimal trade-off curve between the security levels against mafia and distance fraud, which determines the security limits of 2-PCD protocols. Finally, our results also prove the conjecture that 2-PCD protocols enhance security compared to the 0-PCD and 1-PCD cases.
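The k-PCD classification above describes protocols whose fast-phase response bit is a function of the current challenge and the k previous ones. As an added illustration that is not part of this paper (which treats k = 2) and not the generic attacks it describes, the Python below enumerates the simplest case, k = 0, in a Hancke-Kuhn-style fast phase where the prover answers from one of two registers selected by the current challenge bit, and computes exactly, by exhaustive enumeration rather than simulation, the success probability of the two textbook strategies behind the fraud types the abstract names: an early-reply distance fraud and a pre-ask mafia fraud. The two-register model, the register sizes and both adversary strategies are assumptions of the example.

```python
from fractions import Fraction
from itertools import product

# Assumed toy model (not the paper's): a Hancke-Kuhn-style 0-PCD fast phase.
# After the slow phase both parties hold two n-bit registers v0 and v1 (in a
# real protocol derived from a PRF over the exchanged nonces; here every
# possible register value is enumerated).  In round i the verifier sends a
# challenge bit c_i and the prover must answer r_i = v_{c_i}[i] within the
# round-trip bound.  Because r_i depends only on the current challenge, this
# is the k = 0 case of the k-previous-challenge-dependent classification.

BITS = (0, 1)


def honest_response(v0, v1, c, i):
    """Round-i answer of an honest prover: bit i of the register picked by c."""
    return v1[i] if c else v0[i]


def verifier_accepts(v0, v1, challenges, responses):
    """The verifier accepts only if every fast-phase answer matches its own registers."""
    return all(honest_response(v0, v1, c, i) == r
               for i, (c, r) in enumerate(zip(challenges, responses)))


def distance_fraud_success(n):
    """Exact success probability of the early-reply strategy over n rounds.

    A dishonest prover beyond the distance bound cannot wait for c_i and must
    emit r_i before the challenge arrives.  Knowing both registers, it sends
    the common bit when v0[i] == v1[i] and otherwise has to guess; a fixed
    guess of 0 is as good as any other because c_i is uniform.
    """
    wins = total = 0
    for v0, v1, c in product(product(BITS, repeat=n), repeat=3):
        total += 1
        early = [v0[i] if v0[i] == v1[i] else 0 for i in range(n)]
        wins += verifier_accepts(v0, v1, c, early)
    return Fraction(wins, total)


def mafia_fraud_success(n):
    """Exact success probability of the pre-ask relay strategy over n rounds.

    A man-in-the-middle who knows neither register queries the honest prover
    ahead of time with a guessed challenge g_i, then replays that answer to
    the verifier whatever the real c_i turns out to be.
    """
    wins = total = 0
    for v0, v1, g, c in product(product(BITS, repeat=n), repeat=4):
        total += 1
        relayed = [honest_response(v0, v1, g[i], i) for i in range(n)]
        wins += verifier_accepts(v0, v1, c, relayed)
    return Fraction(wins, total)


if __name__ == "__main__":
    for n in (1, 2, 3):
        print(f"n={n}: distance fraud {distance_fraud_success(n)}, "
              f"mafia fraud {mafia_fraud_success(n)}, "
              f"(3/4)^n = {Fraction(3, 4) ** n}")
```

Both strategies succeed in a round whenever the two register bits agree (probability 1/2) or, when they differ, whenever the guessed challenge matches the real one (probability 1/2 of the remaining cases), which is why both curves come out at (3/4)^n for this k = 0 model. Raising k, as the paper does for k = 2, changes the response function and therefore the attacks that have to be enumerated; the enumeration scaffold above (registers, challenge windows, verifier check) is what one would extend to replay such an analysis for a concrete response function.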