Sound and Fine-grain Specification of Ideal Functionalities
Nowadays it is widely accepted to formulate the security of a protocol carrying out a given task via the "trusted-party paradigm," where the protocol execution is compared with an ideal process in which the outputs are computed by a trusted party that sees all the inputs. A protocol is said to securely carry out a given task if running the protocol with a realistic adversary amounts to "emulating" the ideal process with the appropriate trusted party. In the Universal Composability (UC) framework the program run by the trusted party is called an ideal functionality. While this simulation-based security formulation provides strong security guarantees, its usefulness is contingent on the properties and correct specification of the ideal functionality, which, as demonstrated in recent years by the coexistence of complex, multiple functionalities for the same task as well as by their "unstable" nature, does not seem to be an easy task.
In this paper we address this problem by introducing a general methodology for the sound specification of ideal functionalities. First, we introduce the class of canonical ideal functionalities for a cryptographic task, which unifies the syntactic specification of a large class of cryptographic tasks under the same basic template functionality. Furthermore, this representation enables the isolation of the individual properties of a cryptographic task as separate members of the corresponding class. By endowing the class of canonical functionalities with an algebraic structure we are able to combine basic functionalities into a single final canonical functionality for a given task. Effectively, this puts forth a bottom-up approach for the specification of ideal functionalities: first one defines a set of basic constituent functionalities for the task at hand, and then combines them into a single ideal functionality taking advantage of the algebraic structure.
In our framework, the constituent functionalities of a task can be derived either directly or, following a translation strategy we introduce, from existing game-based definitions; such definitions have in many cases captured desired individual properties of cryptographic tasks, albeit in less adversarial settings than universal composition. Our translation methodology entails a sequence of steps that derive a corresponding canonical functionality given a game-based definition. In this way, we obtain a well-defined mapping of game-based security properties to their corresponding UC counterparts.
Finally, we demonstrate the power of our approach by applying our methodology to a variety of basic cryptographic tasks, including commitments, digital signatures, zero-knowledge proofs, and oblivious transfer. While in some cases our derived canonical functionalities are equivalent to existing formulations, thus attesting to the validity of our approach, in others they differ, enabling us to "debug" previous definitions and pinpoint their shortcomings.
Reasoning and Improving on Software Resilience against Unanticipated Exceptions
In software, there are the errors anticipated at specification and design time, those encountered at development and testing time, and those that happen in production yet were never anticipated. In this paper, we aim at reasoning on the ability of software to correctly handle unanticipated exceptions. We propose an algorithm, called short-circuit testing, which injects exceptions during test suite execution so as to simulate unanticipated errors. This algorithm collects data that is used as input for verifying two formal exception contracts that capture two resilience properties. Our evaluation on 9 test suites, with 78% line coverage on average, analyzes 241 executed catch blocks and shows that 101 of them expose resilience properties and that 84 can be transformed to be more resilient.
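The abstract describes the mechanism only in outline: exceptions are injected at try blocks while the existing test suite runs, and the observed behaviour of each catch block is recorded and checked against a contract. The harness below is an added illustration of that injection loop, not the paper's algorithm; the contract it checks is a simplification of mine (a catch block is called resilient when every test that reaches its try block still passes after an exception is injected at the block's start), and the code under test, the injection sites and the two-test suite are all constructed for the example.

```python
"""Exception injection during test execution, in the spirit of short-circuit testing.

Added illustration, not the paper's implementation. Assumptions of mine:
 - every instrumented try block calls HARNESS.inject_point(site) as its first
   statement, so the injector can target a named catch site;
 - a catch block is 'resilient' if every test that reaches its try block still
   passes when an exception is injected there; 'fragile' otherwise;
   'untested' if no test reaches it.
"""


class Injected(Exception):
    """Synthetic exception standing in for an unanticipated error."""


class ShortCircuitHarness:
    def __init__(self):
        self.target = None      # site currently being short-circuited
        self.reached = set()    # sites executed by the current test

    def inject_point(self, site):
        """First statement of an instrumented try block."""
        self.reached.add(site)
        if self.target == site:
            raise Injected(site)

    def run(self, tests, sites):
        """Run every test once per site with injection enabled at that site.
        Returns {site: [(test_name, outcome)]}; outcome is 'pass', 'fail'
        (assertion or other error), 'propagated' (the injected exception
        escaped the catch block) or 'not_reached'."""
        results = {}
        for site in sites:
            self.target = site
            outcomes = []
            for name, test in tests:
                self.reached = set()
                try:
                    test()
                    outcome = "pass"
                except Injected:
                    outcome = "propagated"
                except Exception:
                    outcome = "fail"
                if site not in self.reached:
                    outcome = "not_reached"
                outcomes.append((name, outcome))
            results[site] = outcomes
        self.target = None
        return results


def classify(results):
    """Map each site to 'resilient', 'fragile' or 'untested' (my contract)."""
    verdict = {}
    for site, outcomes in results.items():
        reached = [o for _, o in outcomes if o != "not_reached"]
        if not reached:
            verdict[site] = "untested"
        elif all(o == "pass" for o in reached):
            verdict[site] = "resilient"
        else:
            verdict[site] = "fragile"
    return verdict


# --- constructed code under test: three catch blocks -----------------------
HARNESS = ShortCircuitHarness()


def parse_port(text):
    """Catch block that recovers with a safe default."""
    try:
        HARNESS.inject_point("parse_port")
        return int(text)
    except Exception:
        return 8080


def load_user(record):
    """Catch block that swallows the error and hands callers a None."""
    try:
        HARNESS.inject_point("load_user")
        return {"name": record["name"].strip()}
    except Exception:
        return None


def cleanup(paths):
    """Catch block no test exercises."""
    try:
        HARNESS.inject_point("cleanup")
        return len(paths)
    except Exception:
        return 0


# --- constructed test suite --------------------------------------------------
def check_port_is_valid():
    assert 1 <= parse_port("443") <= 65535


def check_user_name_trimmed():
    assert load_user({"name": " alice "})["name"] == "alice"


TESTS = [("check_port_is_valid", check_port_is_valid),
         ("check_user_name_trimmed", check_user_name_trimmed)]
SITES = ["parse_port", "load_user", "cleanup"]


def run_campaign():
    """One injection campaign over all sites; returns the per-site verdicts."""
    return classify(HARNESS.run(TESTS, SITES))


if __name__ == "__main__":
    print(run_campaign())
```

The `load_user` verdict is the interesting one: its catch block does catch the injected exception, yet the test fails, because the recovery value it returns is unusable by callers. That is the kind of catch block the abstract counts as transformable into a more resilient one.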
A Framework for the Sound Specification of Cryptographic Tasks
Nowadays it is widely accepted to formulate the security of a protocol carrying out a given task via the "trusted-party paradigm," where the protocol execution is compared with an ideal process in which the outputs are computed by a trusted party that sees all the inputs. A protocol is said to securely carry out a given task if running the protocol with a realistic adversary amounts to "emulating" the ideal process with the appropriate trusted party. In the Universal Composability (UC) framework the program run by the trusted party is called an ideal functionality. While this simulation-based security formulation provides strong security guarantees, its usefulness is contingent on the properties and correct specification of the ideal functionality, which, as demonstrated in recent years by the coexistence of complex, multiple functionalities for the same task as well as by their "unstable" nature, does not seem to be an easy task.
In this paper we address this problem by introducing a general methodology for the sound specification of ideal functionalities. First, we introduce the class of canonical ideal functionalities for a cryptographic task, which unifies the syntactic specification of a large class of cryptographic tasks under the same basic template functionality. Furthermore, this representation enables the isolation of the individual properties of a cryptographic task as separate members of the corresponding class. By endowing the class of canonical functionalities with an algebraic structure we are able to combine basic functionalities into a single final canonical functionality for a given task. Effectively, this puts forth a bottom-up approach for the specification of ideal functionalities: first one defines a set of basic constituent functionalities for the task at hand, and then combines them into a single ideal functionality taking advantage of the algebraic structure.
In our framework, the constituent functionalities of a task can be derived either directly or, following a translation strategy we introduce, from existing game-based definitions; such definitions have in many cases captured desired individual properties of cryptographic tasks, albeit in less adversarial settings. Our translation methodology entails a sequence of steps that systematically derive a corresponding canonical functionality given a game-based definition, effectively "lifting" the game-based definition to its composition-safe version.
We showcase our methodology by applying it to a variety of basic cryptographic tasks, including commitments, digital signatures, zero-knowledge proofs, and oblivious transfer. While in some cases our derived canonical functionalities are equivalent to existing formulations, thus attesting to the validity of our approach, in others they differ, enabling us to "debug" previous definitions and pinpoint their shortcomings.
Manufacturing of high precision mechanical components
The main goal of the thesis is to analyze key aspects of precision manufacturing, aiming at optimizing critical manufacturing processes: innovative experimental methodologies and advanced modelling techniques are applied to case studies of industrial interest, which have been successfully optimized.
Learning object semantic description for enhancing reusability
In the design of activities for Web-Based Education Systems, the concept of Didactic Object or Learning Object has appeared as the axis of a new paradigm concerned with the reusability of contents and activities, due to its organization from a conceptual point of view, the use of metadata in known formats and the setting of new standards. In this article, the concept of reusability is analyzed within the context of the systems mentioned. In addition, Sowa-style Conceptual Maps as well as Hypermedia Conceptual Maps are proposed as schemes capable of representing knowledge, since they allow for a clear visualization and make known automated functionalities applicable with precision. The above-mentioned resources complement the information in metadata with regard to the semantic aspect.
Facultad de Informática
Agile Cryptography: A Universally Composable Approach
Being capable of updating cryptographic algorithms is an inevitable and essential practice in cryptographic engineering. This cryptographic agility, as it has been called, is a fundamental desideratum for long-term cryptographic system security that still poses significant challenges from a modeling perspective. For instance, current formulations of agility fail to express the fundamental security that is expected to stem from timely implementation updates, namely the fact that the system retains some of its security properties provided that the update is performed before the deprecated implementation becomes exploited.
In this work we put forth a novel framework for expressing updateability in the context of cryptographic primitives within the universal composition model. Our updatable ideal functionality framework provides a general template for expressing the security we expect from cryptographic agility, capturing in a fine-grained manner all the properties that can be retained across implementation updates. We exemplify our framework over two basic cryptographic primitives, digital signatures and non-interactive zero-knowledge (NIZK), where we demonstrate how to achieve updateability with consistency and backwards-compatibility across updates in a composable manner. We also illustrate how our notion extends, to a much broader scope, the concept of agility introduced by Acar, Belenkiy, Bellare, and Cash at Eurocrypt 2010 in the context of symmetric cryptographic primitives.
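Both UC abstracts on this page (the trusted-party paradigm above, and the updatable functionalities here) turn on one idea: an ideal functionality does no cryptography, it is a trusted party's bookkeeping, and the properties you want (unforgeability, consistency, backwards-compatibility across an update) are statements about that bookkeeping. The toy below is an added illustration of that idea for digital signatures; it is my own simplified model, not the functionality defined in either paper. The version tags, the `update`/`deprecate` interface, the rule that a timely update freezes the old version's records while a late one hands unrecorded triples to the adversary, and the adversary callbacks are all assumptions made for the example.

```python
"""Toy updatable ideal signature functionality in the UC "trusted party" style.

Added illustration, not the paper's functionality. Like the standard ideal
signature functionality, the trusted party records which
(version, message, signature) triples the signer legitimately produced and
answers verification from that table; signature strings, and the fate of
unrecorded triples under a broken version, are left to an "adversary"
callback, as they would be to the simulator. Assumptions of mine:
 - update(): the signer switches to a fresh implementation version;
 - deprecate(v): an exploit against version v exists from now on. If v was
   already replaced (timely update) its recorded signatures stay valid and
   nothing else under v verifies; if v is still current (late update) the
   adversary decides unrecorded triples under v;
 - consistency: a given (version, message, signature) query is always
   answered the same way.
"""


class UpdatableSigFunctionality:
    def __init__(self, adv_sign, adv_verdict):
        self.version = 1
        self.compromised = set()    # versions exploited while still in use
        self.records = set()        # legitimately produced (v, m, sigma)
        self.verdicts = {}          # (v, m, sigma) -> bool, enforces consistency
        self.adv_sign = adv_sign    # simulator chooses the signature string
        self.adv_verdict = adv_verdict  # simulator decides for broken versions

    def sign(self, message):
        sigma = self.adv_sign(self.version, message)
        self.records.add((self.version, message, sigma))
        return self.version, sigma

    def update(self):
        """Move the signer to a new implementation version."""
        self.version += 1
        return self.version

    def deprecate(self, v):
        """An attack on implementation version v becomes available."""
        if v == self.version:       # broken before it was replaced
            self.compromised.add(v)
        # a version replaced by an earlier update keeps its frozen records

    def verify(self, v, message, sigma):
        key = (v, message, sigma)
        if key in self.verdicts:            # consistency
            return self.verdicts[key]
        if key in self.records:             # completeness / backwards compat
            verdict = True
        elif v in self.compromised:         # broken while live: adversary rules
            verdict = bool(self.adv_verdict(v, message, sigma))
        else:                               # unforgeability
            verdict = False
        self.verdicts[key] = verdict
        return verdict


# --- constructed adversary: any string as signature, wants forgeries accepted
def demo_sign(v, m):
    return f"sig-v{v}-{len(m)}"


def demo_verdict(v, m, sigma):
    return True


def timely_update():
    """Update performed before version 1 is exploited."""
    F = UpdatableSigFunctionality(demo_sign, demo_verdict)
    _, s1 = F.sign("pay 10")
    F.update()                      # now on version 2
    F.deprecate(1)                  # attack on v1 appears afterwards
    return (F.verify(1, "pay 10", s1),          # old legit signature still OK
            F.verify(1, "pay 1000", "forged"),  # forgery under broken v1 rejected
            F.verify(2, "pay 1000", "forged"))  # forgery under v2 rejected


def late_update():
    """Exploit lands while version 1 is still in use."""
    F = UpdatableSigFunctionality(demo_sign, demo_verdict)
    F.sign("pay 10")
    F.deprecate(1)                  # v1 broken while live
    forged_accepted = F.verify(1, "pay 1000", "forged")  # adversary decides
    F.update()
    return (forged_accepted,
            F.verify(1, "pay 1000", "forged"),  # same answer: consistency
            F.verify(2, "pay 1000", "forged"))  # fresh version is secure again


if __name__ == "__main__":
    print("timely:", timely_update())
    print("late:  ", late_update())
```

The two scenarios are the point of the abstract's "provided that the update is performed prior to the deprecated implementation becoming exploited": after a timely update the old version's legitimate signatures remain verifiable and nothing new under it is accepted, whereas after a late update the damage done while the broken version was live is, by consistency, permanent, and only the new version is secure.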
On the Extensibility of Formal Methods Tools
Modern software systems often have long lifespans over which they must continually evolve to meet new, and sometimes unforeseen, requirements. One way to deal with this effectively is to develop the system as a series of extensions. As requirements change, the system evolves through the addition of new extensions and, potentially, the removal of existing extensions. In order for this kind of development process to thrive, the system must have a high level of extensibility. Extensibility is the capability of a system to support the gradual addition of new, unplanned functionalities. This dissertation investigates extensibility of software systems and focuses on a particular class of software: formal methods tools. The approach is broad in scope. Extensibility of systems is addressed in terms of design, analysis and improvement, which are carried out at the level of source code and software architecture. For additional perspective, extensibility is also considered in the context of formal modelling. The work carried out in this dissertation led to the development of various extensions to the Overture tool supporting the Vienna Development Method, including a new proof obligation generator and integration with theorem provers. Additionally, the extensibility of Overture itself was improved, and it now better supports the development and integration of various kinds of extensions. Finally, extensibility techniques have been applied to formal modelling, leading to an extensible architectural style for formal models.