1,786 research outputs found
On the semantics of Alice&Bob specifications of security protocols
AbstractIn the context of security protocols, the so-called Alice&Bob notation is often used to describe the messages exchanged between honest principals in successful protocol runs. While intuitive, this notation is ambiguous in its description of the actions taken by principals, in particular with respect to the conditions they must check when executing their roles and the actions they must take when the checks fail.In this paper, we investigate the semantics of protocol specifications in Alice&Bob notation. We provide both a denotational and an operational semantics for such specifications, rigorously accounting for these conditions and actions. Our denotational semantics is based on a notion of incremental symbolic runs, which reflect the data possessed by principals and how this data increases monotonically during protocol execution. We contrast this with a standard formalization of the behavior of principals, which directly interprets message exchanges as sequences of atomic actions. In particular, we provide a complete characterization of the situations where this simpler, direct approach is adequate and prove that incremental symbolic runs are more expressive in general. Our operational semantics, which is guided by the denotational semantics, implements each role of the specified protocol as a sequential process of the pattern-matching spi calculus
Kickstarting Choreographic Programming
We present an overview of some recent efforts aimed at the development of
Choreographic Programming, a programming paradigm for the production of
concurrent software that is guaranteed to be correct by construction from
global descriptions of communication behaviour
Programming with Quantum Communication
This work develops a formal framework for specifying, implementing, and
analysing quantum communication protocols. We provide tools for developing
simple proofs and analysing programs which involve communication, both via
quantum channels and exhibiting the LOCC (local operations, classical
communication) paradigm
Validating a Web Service Security Abstraction by Typing
An XML web service is, to a first approximation, an RPC service in which
requests and responses are encoded in XML as SOAP envelopes, and transported
over HTTP. We consider the problem of authenticating requests and responses at
the SOAP-level, rather than relying on transport-level security. We propose a
security abstraction, inspired by earlier work on secure RPC, in which the
methods exported by a web service are annotated with one of three security
levels: none, authenticated, or both authenticated and encrypted. We model our
abstraction as an object calculus with primitives for defining and calling web
services. We describe the semantics of our object calculus by translating to a
lower-level language with primitives for message passing and cryptography. To
validate our semantics, we embed correspondence assertions that specify the
correct authentication of requests and responses. By appeal to the type theory
for cryptographic protocols of Gordon and Jeffrey's Cryptyc, we verify the
correspondence assertions simply by typing. Finally, we describe an
implementation of our semantics via custom SOAP headers.Comment: 44 pages. A preliminary version appears in the Proceedings of the
Workshop on XML Security 2002, pp. 18-29, November 200
Compiling and securing cryptographic protocols
Protocol narrations are widely used in security as semi-formal notations to
specify conversations between roles. We define a translation from a protocol
narration to the sequences of operations to be performed by each role. Unlike
previous works, we reduce this compilation process to well-known decision
problems in formal protocol analysis. This allows one to define a natural
notion of prudent translation and to reuse many known results from the
literature in order to cover more crypto-primitives. In particular this work is
the first one to show how to compile protocols parameterised by the properties
of the available operations.Comment: A short version was submitted to IP
The security of NTP's datagram protocol
For decades, the Network Time Protocol (NTP) has been
used to synchronize computer clocks over untrusted network paths. This
work takes a new look at the security of NTP’s datagram protocol. We
argue that NTP’s datagram protocol in RFC5905 is both underspecified
and flawed. The NTP specifications do not sufficiently respect (1) the
conflicting security requirements of different NTP modes, and (2) the
mechanism NTP uses to prevent off-path attacks. A further problem
is that (3) NTP’s control-query interface reveals sensitive information
that can be exploited in off-path attacks. We exploit these problems
in several attacks that remote attackers can use to maliciously alter a
target’s time. We use network scans to find millions of IPs that are
vulnerable to our attacks. Finally, we move beyond identifying attacks
by developing a cryptographic model and using it to prove the security
of a new backwards-compatible client/server protocol for NTP.https://eprint.iacr.org/2016/1006.pdfhttps://eprint.iacr.org/2016/1006.pdfPublished versio
- …