4,973 research outputs found
Situation awareness and ability in coalitions
This paper proposes a discussion on the formal links between the Situation Calculus and the semantics of interpreted systems as far as they relate to Higher-Level Information Fusion tasks. Among these tasks Situation Analysis require to be able to reason about the decision processes of coalitions. Indeed in higher levels of information fusion, one not only need to know that a certain proposition is true (or that it has a certain numerical measure attached), but rather needs to model the circumstances under which this validity holds as well as agents' properties and constraints. In a previous paper the authors have proposed to use the Interpreted System semantics as a potential candidate for the unification of all levels of information fusion. In the present work we show how the proposed framework allow to bind reasoning about courses of action and Situation Awareness. We propose in this paper a (1) model of coalition, (2) a model of ability in the situation calculus language and (3) a model of situation awareness in the interpreted systems semantics. Combining the advantages of both Situation Calculus and the Interpreted Systems semantics, we show how the Situation Calculus can be framed into the Interpreted Systems semantics. We illustrate on the example of RAP compilation in a coalition context, how ability and situation awareness interact and what benefit is gained. Finally, we conclude this study with a discussion on possible future works
Name-passing calculi and crypto-primitives: A survey
The paper surveys the literature on high-level name-passing process calculi, and their extensions with cryptographic primitives. The survey is by no means exhaustive, for essentially two reasons. First, in trying to provide a coherent presentation of different ideas and techniques, one inevitably ends up leaving out the approaches that do not fit the intended roadmap. Secondly, the literature on the subject has been growing at very high rate over the years. As a consequence, we decided to concentrate on few papers that introduce the main ideas, in the hope that discussing them in some detail will provide sufficient insight for further reading
Automated Cryptographic Analysis of the Pedersen Commitment Scheme
Aiming for strong security assurance, recently there has been an increasing
interest in formal verification of cryptographic constructions. This paper
presents a mechanised formal verification of the popular Pedersen commitment
protocol, proving its security properties of correctness, perfect hiding, and
computational binding. To formally verify the protocol, we extended the theory
of EasyCrypt, a framework which allows for reasoning in the computational
model, to support the discrete logarithm and an abstraction of commitment
protocols. Commitments are building blocks of many cryptographic constructions,
for example, verifiable secret sharing, zero-knowledge proofs, and e-voting.
Our work paves the way for the verification of those more complex
constructions.Comment: 12 pages, conference MMM-ACNS 201
Vote-Independence: A Powerful Privacy Notion for Voting Protocols
International audienceRecently an attack on ballot privacy in Helios has been discovered [20], which is essentially based on copying other voter's votes. To capture this and similar attacks, we extend the classical threat model and introduce a new security notion for voting protocols: Vote-Independence. We give a formal definition and analyze its relationship to established privacy properties such as Vote-Privacy, Receipt-Freeness and Coercion-Resistance. In particular we show that even Coercion-Resistant protocols do not necessarily ensure Vote-Independence
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
With the growing amount of personal information exchanged over the Internet,
privacy is becoming more and more a concern for users. One of the key
principles in protecting privacy is data minimisation. This principle requires
that only the minimum amount of information necessary to accomplish a certain
goal is collected and processed. "Privacy-enhancing" communication protocols
have been proposed to guarantee data minimisation in a wide range of
applications. However, currently there is no satisfactory way to assess and
compare the privacy they offer in a precise way: existing analyses are either
too informal and high-level, or specific for one particular system. In this
work, we propose a general formal framework to analyse and compare
communication protocols with respect to privacy by data minimisation. Privacy
requirements are formalised independent of a particular protocol in terms of
the knowledge of (coalitions of) actors in a three-layer model of personal
information. These requirements are then verified automatically for particular
protocols by computing this knowledge from a description of their
communication. We validate our framework in an identity management (IdM) case
study. As IdM systems are used more and more to satisfy the increasing need for
reliable on-line identification and authentication, privacy is becoming an
increasingly critical issue. We use our framework to analyse and compare four
identity management systems. Finally, we discuss the completeness and
(re)usability of the proposed framework
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Formal security analysis of registration protocols for interactive systems: a methodology and a case of study
In this work we present and formally analyze CHAT-SRP (CHAos based
Tickets-Secure Registration Protocol), a protocol to provide interactive and
collaborative platforms with a cryptographically robust solution to classical
security issues. Namely, we focus on the secrecy and authenticity properties
while keeping a high usability. In this sense, users are forced to blindly
trust the system administrators and developers. Moreover, as far as we know,
the use of formal methodologies for the verification of security properties of
communication protocols isn't yet a common practice. We propose here a
methodology to fill this gap, i.e., to analyse both the security of the
proposed protocol and the pertinence of the underlying premises. In this
concern, we propose the definition and formal evaluation of a protocol for the
distribution of digital identities. Once distributed, these identities can be
used to verify integrity and source of information. We base our security
analysis on tools for automatic verification of security protocols widely
accepted by the scientific community, and on the principles they are based
upon. In addition, it is assumed perfect cryptographic primitives in order to
focus the analysis on the exchange of protocol messages. The main property of
our protocol is the incorporation of tickets, created using digests of chaos
based nonces (numbers used only once) and users' personal data. Combined with a
multichannel authentication scheme with some previous knowledge, these tickets
provide security during the whole protocol by univocally linking each
registering user with a single request. [..]Comment: 32 pages, 7 figures, 8 listings, 1 tabl
An Epistemic Approach to Coercion-Resistance for Electronic Voting Protocols
Coercion resistance is an important and one of the most intricate security
requirements of electronic voting protocols. Several definitions of coercion
resistance have been proposed in the literature, including definitions based on
symbolic models. However, existing definitions in such models are rather
restricted in their scope and quite complex.
In this paper, we therefore propose a new definition of coercion resistance
in a symbolic setting, based on an epistemic approach. Our definition is
relatively simple and intuitive. It allows for a fine-grained formulation of
coercion resistance and can be stated independently of a specific, symbolic
protocol and adversary model. As a proof of concept, we apply our definition to
three voting protocols. In particular, we carry out the first rigorous analysis
of the recently proposed Civitas system. We precisely identify those conditions
under which this system guarantees coercion resistance or fails to be coercion
resistant. We also analyze protocols proposed by Lee et al. and Okamoto.Comment: An extended version of a paper from IEEE Symposium on Security and
Privacy (S&P) 200
- …