Actor-network procedures: Modeling multi-factor authentication, device pairing, social interactions
As computation spreads from computers to networks of computers, and migrates
into cyberspace, it ceases to be globally programmable, but it remains
programmable indirectly: network computations cannot be controlled, but they
can be steered by local constraints on network nodes. The tasks of
"programming" global behaviors through local constraints belong to the area of
security. The "program particles" that assure that a system of local
interactions leads towards some desired global goals are called security
protocols. As computation spreads beyond cyberspace, into physical and social
spaces, new security tasks and problems arise. As networks are extended by
physical sensors and controllers, including the humans, and interlaced with
social networks, the engineering concepts and techniques of computer security
blend with the social processes of security. These new connectors for
computational and social software require a new "discipline of programming" of
global behaviors through local constraints. Since the new discipline seems to
be emerging from a combination of established models of security protocols with
older methods of procedural programming, we use the name procedures for these
new connectors, that generalize protocols. In the present paper we propose
actor-networks as a formal model of computation in heterogeneous networks of
computers, humans and their devices; and we introduce Procedure Derivation
Logic (PDL) as a framework for reasoning about security in actor-networks. On
the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL)
that evolved through our work in security in the last 10 years. Both formalisms are
geared towards graphic reasoning and tool support. We illustrate their workings
by analysing a popular form of two-factor authentication, and a multi-channel
device pairing procedure, devised for this occasion.
Comment: 32 pages, 12 figures, 3 tables; journal submission; extended
references, added discussio
Quantifying pervasive authentication: the case of the Hancke-Kuhn protocol
As mobile devices pervade physical space, the familiar authentication
patterns are becoming insufficient: besides entity authentication, many
applications require, e.g., location authentication. Many interesting protocols
have been proposed and implemented to provide such strengthened forms of
authentication, but there are very few proofs that such protocols satisfy the
required security properties. The logical formalisms, devised for reasoning
about security protocols on standard computer networks, turn out to be
difficult to adapt for reasoning about hybrid protocols, used in pervasive and
heterogeneous networks.
We refine the Dolev-Yao-style algebraic method for protocol analysis by a
probabilistic model of guessing, needed to analyze protocols that mix weak
cryptography with physical properties of nonstandard communication channels.
Applying this model, we provide a precise security proof for a proximity
authentication protocol, due to Hancke and Kuhn, that uses a subtle form of
probabilistic reasoning to achieve its goals.
Comment: 31 pages, 2 figures; short version of this paper appeared in the
Proceedings of MFPS 201
Security Analysis of Sensor Networks
Wireless sensor networks distribute a common sensing and computing task within the large
number of participants that use wireless communication. Such networks require a
self-organizing and energy-aware set of protocols. Several protocols have been designed
for such environments; however, to obtain proof of their security, their formal analysis is required.
In our article, we show an analysis framework capable of proving security
properties of such protocols. Our methodology is based on the CSP process algebra.
We will demonstrate its power by giving an attack possibility for an existing protocol, and the extensibility of the model will also be pointed
Secrecy for Mobile Implementations of Security Protocols
Mobile code technology offers interesting possibilities to
the practitioner, but also raises strong concerns about security. One
aspect of security is secrecy, the preservation of confidential
information. This thesis investigates the modelling, specification and
verification of secrecy in mobile applications which access and
transmit confidential information through a possibly compromised
medium (e.g. the Internet). These applications can be expected to
communicate secret information using a security protocol, a mechanism
to guarantee that the transmitted data does not reach unauthorized
entities.
The central idea is therefore to relate the secrecy properties of the
application to those of the protocol it implements, through the
definition of a ``confidential protocol implementation'' relation.
The argument takes an indirect form, showing that a confidential
implementation transmits secret data only in the ways indicated by the
protocol.
We define the implementation relation using labelled transition
semantics, bisimulations and relabelling functions. To justify its
technical definition, we relate this property to a notion of
noninterference for nondeterministic systems derived from Cohen's
definition of Selective Independency. We also provide simple and
local conditions that greatly simplify its verification, and report on
our experiments on an architecture showing how the proposed
formulations could be used in practice to enforce secrecy of mobile
code
Synthesising end-to-end security schemes through endorsement intermediaries
Composing secure interaction protocols dynamically for e-commerce continues to pose a number of challenges, such as lack of standard notations for expressing requirements and the difficulty involved in enforcing them. Furthermore, interaction with unknown entities may require finding common trusted intermediaries. Securing messages sent through such intermediaries requires schemes that provide end-to-end security guarantees. In the past, e-commerce protocols such as SET were created to provide such end-to-end guarantees. However, such complex hand-crafted protocols proved difficult to model check. This thesis addresses the end-to-end problems in an open dynamic setting where trust relationships evolve, and requirements of interacting entities change over time. Before interaction protocols can be synthesised, a number of research questions must be addressed. Firstly, to meet end-to-end security requirements, the security level along the message path must be made to reflect the requirements. Secondly, the type of endorsement intermediaries must reflect the message category. Thirdly, intermediaries must be made liable for their endorsements. This thesis proposes a number of solutions to address the research problems. End-to-end security requirements were arrived at by aggregating security requirements of all interacting parties. These requirements were enforced by interleaving and composing basic schemes derived from challenge-response mechanisms. The institutional trust promoting mechanism devised allowed all vital data to be endorsed by authorised category-specific intermediaries. Intermediaries were made accountable for their endorsements by being required to discharge or transfer proof obligations placed on them. The techniques devised for aggregating and enforcing security requirements allow dynamic creation of end-to-end security schemes. The novel interleaving technique devised allows creation of provably secure multiparty schemes for any number of recipients.
The structured technique combining a compositional approach with appropriate invariants and preconditions makes model checking of synthesised schemes unnecessary. The proposed framework combining endorsement trust with schemes making intermediaries accountable provides a way to alleviate distrust between previously unknown e-commerce entities
Relating Strand Spaces and Distributed Temporal Logic for Security Protocol Analysis
In previous work, we introduced a version of distributed temporal logic that is well-suited both for verifying security protocols and as a metalogic for reasoning about, and relating, different security protocol models. In this paper, we formally investigate the relationship between our approach and strand spaces, which is one of the most successful and widespread formalisms for analyzing security protocols. We define translations between models in our logic and strand-space models of security protocols, and we compare the results obtained with respect to the level of abstraction that is inherent in each of the formalisms. This allows us to clarify different aspects of strand spaces that are often left implicit, as well as pave the way to transfer results, techniques and tools across the two approache