Implementation of two-party protocols in the noisy-storage model
The noisy-storage model allows the implementation of secure two-party
protocols under the sole assumption that no large-scale reliable quantum
storage is available to the cheating party. No quantum storage is thereby
required for the honest parties. Examples of such protocols include bit
commitment, oblivious transfer and secure identification. Here, we provide a
guideline for the practical implementation of such protocols. In particular, we
analyze security in a practical setting where the honest parties themselves are
unable to perform perfect operations and need to deal with practical problems
such as errors during transmission and detector inefficiencies. We provide
explicit security parameters for two different experimental setups using weak
coherent, and parametric down conversion sources. In addition, we analyze a
modification of the protocols based on decoy states.
Comment: 41 pages, 33 figures, this is a companion paper to arXiv:0906.1030
considering practical aspects, v2: published version, title changed in
accordance with PRA guideline
Instantaneous Decentralized Poker
We present efficient protocols for amortized secure multiparty computation
with penalties and secure cash distribution, of which poker is a prime example.
Our protocols have an initial phase where the parties interact with a
cryptocurrency network, that then enables them to interact only among
themselves over the course of playing many poker games in which money changes
hands.
The high efficiency of our protocols is achieved by harnessing the power of
stateful contracts. Compared to the limited expressive power of Bitcoin
scripts, stateful contracts enable richer forms of interaction between standard
secure computation and a cryptocurrency.
We formalize the stateful contract model and the security notions that our
protocols accomplish, and provide proofs using the simulation paradigm.
Moreover, we provide a reference implementation in Ethereum/Solidity for the
stateful contracts that our protocols are based on.
We also adapt our off-chain cash distribution protocols to the special case
of stateful duplex micropayment channels, which are of independent interest. In
comparison to Bitcoin based payment channels, our duplex channel implementation
is more efficient and has additional features.
Performance comparisons of AODV, secure AODV and adaptive secure AODV routing protocols in free attack simulation environment.
There have been various secure routing protocols proposed for mobile ad hoc networks. Most of these protocols are analyzed by three standard techniques: simulation, security analysis and real network testbed. In this paper, the Ad Hoc On-Demand Distance Vector (AODV) routing protocol was selected as the basis of the entire simulations. Due to the need to secure routing in wireless ad hoc networks, Secure AODV (SAODV) was developed to add security to the original AODV; it includes cryptographic operations that can have a significant impact on routing performance. To get better performance while maintaining secure routing, Adaptive SAODV (A-SAODV) was developed based on the SAODV implementation, and was claimed to introduce some improvement in routing compared to SAODV. Based on this justification, some analysis and studies are made on the performance and impacts of using AODV, Secure AODV (SAODV) and Adaptive Secure AODV (A-SAODV) in a free-attack simulation environment to analyze these routing protocols and make some comparisons of their performance. The collection of simulation results will show the performance impact of adding security to the original AODV after the implementation of SAODV and A-SAODV in the networks.
Safe abstractions of data encodings in formal security protocol models
When using formal methods, security protocols are usually modeled at a high level of abstraction. In particular, data encoding and decoding transformations are often abstracted away. However, if no assumptions at all are made on the behavior of such transformations, they could trivially lead to security faults, for example leaking secrets or breaking freshness by collapsing nonces into constants. In order to address this issue, this paper formally states sufficient conditions, checkable on sequential code, such that if an abstract protocol model is secure under a Dolev-Yao adversary, then a refined model, which takes into account a wide class of possible implementations of the encoding/decoding operations, is implied to be secure too under the same adversary model. The paper also indicates possible exploitations of this result in the context of methods based on formal model extraction from implementation code and of methods based on automated code generation from formally verified model.
Experimental implementation of bit commitment in the noisy-storage model
Fundamental primitives such as bit commitment and oblivious transfer serve as
building blocks for many other two-party protocols. Hence, the secure
implementation of such primitives is important in modern cryptography. In this
work, we present a bit commitment protocol which is secure as long as the
attacker's quantum memory device is imperfect. The latter assumption is known
as the noisy-storage model. We experimentally executed this protocol by
performing measurements on polarization-entangled photon pairs. Our work
includes a full security analysis, accounting for all experimental error rates
and finite size effects. This demonstrates the feasibility of two-party
protocols in this model using real-world quantum devices. Finally, we provide a
general analysis of our bit commitment protocol for a range of experimental
parameters.
Comment: 21 pages (7 main text +14 appendix), 6+3 figures. New version changed
author's name from Huei Ying Nelly Ng to Nelly Huei Ying Ng, for consistency
with other publication
An IDE for the Design, Verification and Implementation of Security Protocols
Security protocols are critical components for the construction of secure and dependable distributed applications, but their implementation is challenging and error prone. Therefore, tools for formal modelling and analysis of security protocols can be potentially very useful to support software engineers. However, despite such tools having been available for a long time, their adoption outside the research community has been very limited. In fact, most practitioners find such applications too complex and hardly usable for their daily work. In this paper, we present an Integrated Development Environment for the design, verification and implementation of security protocols, aimed at lowering the adoption barrier of formal methods tools for security. In the spirit of Model Driven Development, the environment supports the user in the specification of the model using the simple and intuitive language AnB (and its extension AnBx). Moreover, it provides a push-button solution for the formal verification of the abstract and concrete models, and for the automatic generation of a Java implementation. This Eclipse-based IDE leverages existing languages and tools for the modelling and verification of security protocols, such as the AnBx Compiler and Code Generator, the model checker OFMC and the cryptographic protocol verifier ProVerif.