279 research outputs found
Automated Unbounded Verification of Stateful Cryptographic Protocols with Exclusive OR
Exclusive-or (XOR) operations are common in cryptographic protocols, in particular in RFID protocols and electronic payment protocols. Although there are numerous applications, due to the inherent complexity of faithful models of XOR, there is only limited tool support for the verification of cryptographic protocols using XOR. The TAMARIN prover is a state-of-the-art verification tool for cryptographic protocols in the symbolic model. In this paper, we improve the underlying theory and the tool to deal with an equational theory modeling XOR operations. The XOR theory can be freely combined with all equational theories previously supported, including user-defined equational theories. This makes TAMARIN the first tool to support simultaneously this large set of equational theories, protocols with global mutable state, an unbounded number of sessions, and complex security properties including observational equivalence. We demonstrate the effectiveness of our approach by analyzing several protocols that rely on XOR, in particular multiple RFID protocols, where we can identify attacks as well as provide proofs.
Stateful protocol composition
We prove a parallel compositionality result for protocols with a shared mutable state, i.e., stateful protocols. For protocols satisfying certain compositionality conditions, our result shows that verifying the component protocols in isolation is sufficient to prove security of their composition. Our main contribution is an extension of the compositionality paradigm to stateful protocols where participants maintain shared databases. Because of the generality of our result, we also cover many forms of sequential composition as a special case of stateful parallel composition. Moreover, we support declassification of shared secrets. As a final contribution, we prove the core of our result in Isabelle/HOL, providing a strong correctness guarantee of our proofs.
Contingent payments on a public ledger: models and reductions for automated verification
We study protocols that rely on a public ledger infrastructure, concentrating on protocols for zero-knowledge contingent payment, whose security properties combine diverse notions of fairness and privacy. We argue that rigorous models are required for capturing the ledger semantics, the protocol-ledger interaction, the cryptographic primitives and, ultimately, the security properties one would like to achieve. Our focus is on a particular level of abstraction, where network messages are represented by a term algebra, protocol execution by state transition systems (e.g. multiset rewrite rules), and where the properties of interest can be analyzed with automated verification tools. We propose models for: (1) the rules guiding the ledger execution, taking the coin functionality of public ledgers such as Bitcoin as an example; (2) the security properties expected from ledger-based zero-knowledge contingent payment protocols; (3) two different security protocols that aim at achieving these properties relying on different ledger infrastructures; (4) reductions that allow simpler term algebras for homomorphic cryptographic schemes. Altogether, these models allow us to derive a first automated verification for ledger-based zero-knowledge contingent payment using the Tamarin prover. Furthermore, our models help in clarifying certain underlying assumptions, security and efficiency tradeoffs that should be taken into account when deploying protocols on the blockchain.
Blockchain based Decentralized Applications: Technology Review and Development Guidelines
Blockchain, or Distributed Ledger Technology (DLT), is a disruptive technology that provides the infrastructure for developing decentralized applications, enabling the implementation of novel business models even in traditionally centralized domains. In recent years it has drawn high interest from the academic community, technology developers and startups, and as a result many solutions have been developed to address blockchain technology limitations and the requirements of application software engineering. In this paper, we provide a comprehensive overview of DLT solutions, analyzing the challenges addressed, the solutions provided and their usage for developing decentralized applications. Our study reviews over 100 blockchain papers and startup initiatives, from which we construct a 3-tier architecture for decentralized applications and use it to systematically classify the technology solutions. Protocol and Network Tier solutions address digital asset registration, transactions, data structure, privacy and business rules implementation, and the creation of peer-to-peer networks, ledger replication, and consensus-based state validation. Scaling Tier solutions address the scalability problems in terms of storage size, transaction throughput, and computational capability. Finally, the Federated Tier aggregates integrative solutions across multiple blockchain application deployments. The paper closes with a discussion of challenges and opportunities for developing decentralized applications, providing a multi-step guideline for decentralizing the design of traditional systems and implementing decentralized applications.