18,992 research outputs found

    Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols

    Get PDF
    We define a sequent calculus to formally specify, simulate, debug and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutability of rules, we are able to find efficient proof strategies that we prove complete for special classes of security protocols including Needham-Schroeder. Based on the results of this preliminary analysis, we have implemented a Prolog meta-interpreter which allows for rapid prototyping and for checking safety properties of security protocols, and we have applied it for finding error traces and proving correctness of practical examples

    A semantic analysis of key management protocols for wireless sensor networks

    Get PDF
    Gorrieri and Martinelli's timed Generalized Non-Deducibility on Compositions (tGNDC) schema is a well-known general framework for the formal verification of security protocols in a concurrent scenario. We generalise the tGNDC schema to verify wireless network security protocols. Our generalisation relies on a simple timed broadcasting process calculus whose operational semantics is given in terms of a labelled transition system which is used to derive a standard simulation theory. We apply our tGNDC framework to perform a security analysis of three well-known key management protocols for wireless sensor networks: \u3bcTESLA, LEAP+ and LiSP

    Classical Knowledge for Quantum Security

    Get PDF
    We propose a decision procedure for analysing security of quantum cryptographic protocols, combining a classical algebraic rewrite system for knowledge with an operational semantics for quantum distributed computing. As a test case, we use our procedure to reason about security properties of a recently developed quantum secret sharing protocol that uses graph states. We analyze three different scenarios based on the safety assumptions of the classical and quantum channels and discover the path of an attack in the presence of an adversary. The epistemic analysis that leads to this and similar types of attacks is purely based on our classical notion of knowledge.Comment: extended abstract, 13 page

    Reconciling operational and epistemic approaches to the formal analysis of crypto-based security protocols

    Get PDF
    We propose a unifying framework for formal specification and verification of both epistemic and behavioral aspects of security protocols. The main novelty of the proposed framework is the explicit support for cryptographic constructs, which is among the most essential ingredients of security protocols. Due to this feature, the indistinguishability relation for the epistemic constructs gets a dynamic semantics by taking the communicated keys and cryptographic terms in the operational specification into account

    Verifying Security Properties in Unbounded Multiagent Systems

    Get PDF
    We study the problem of analysing the security for an unbounded number of concurrent sessions of a cryptographic protocol. Our formal model accounts for an arbitrary number of agents involved in a protocol-exchange which is subverted by a Dolev-Yao attacker. We define the parameterised model checking problem with respect to security requirements expressed in temporal-epistemic logics. We formulate sufficient conditions for solving this problem, by analysing several finite models of the system. We primarily explore authentication and key-establishment as part of a larger class of protocols and security requirements amenable to our methodology. We introduce a tool implementing the technique, and we validate it by verifying the NSPK and ASRPC protocols
    corecore