Transforming Password Protocols to Compose

International audienceFormal, symbolic techniques are extremely useful for modelling and analysing security protocols. They improved our understanding of security protocols, allowed to discover flaws, and also provide support for protocol design. However, such analyses usually consider that the protocol is executed in isolation or assume a bounded number of protocol sessions. Hence, no security guarantee is provided when the protocol is executed in a more complex environment. In this paper, we study whether password protocols can be safely composed, even when a same password is reused. More precisely, we present a transformation which maps a password protocol that is secure for a single protocol session (a decidable problem) to a protocol that is secure for an unbounded number of sessions. Our result provides an effective strategy to design secure password protocols: (i) design a protocol intended to be secure for one protocol session; (ii) apply our transformation and obtain a protocol which is secure for an unbounded number of sessions. Our technique also applies to compose different password protocols allowing us to obtain both inter-protocol and inter-session composition

Composition of Password-based Protocols

International audienceFormal and symbolic techniques are extremely useful for modelling and analysing security protocols. They have helped to improve our understanding of such protocols, allowed us to discover aws, and they also provide support for protocol design. However, such analyses usually consider that the protocol is executed in isolation or assume a bounded number of protocol sessions. Hence, no security guarantee is provided when the protocol is executed in a more complex environment.\par In this paper, we study whether password protocols can be safely composed, even when a same password is reused. More precisely, we present a transformation which maps a password protocol that is secure for a single protocol session (a decidable problem) to a protocol that is secure for an unbounded number of sessions. Our result provides an effective strategy to design secure password protocols: (i) design a protocol intended to be secure for one protocol session; (ii) apply our transformation and obtain a protocol which is secure for an unbounded number of sessions. Our technique also applies to compose different password protocols allowing us to obtain both inter-protocol and inter-session composition

Synthesis of Boolean Networks from Biological Dynamical Constraints using Answer-Set Programming

International audienceBoolean networks model finite discrete dynamical systems with complex behaviours. The state of each component is determined by a Boolean function of the state of (a subset of) the components of the network. This paper addresses the synthesis of these Boolean functions from constraints on their domain and emerging dynamical properties of the resulting network. The dynamical properties relate to the existence and absence of trajectories between partially observed configurations, and to the stable behaviours (fixpoints and cyclic attractors). The synthesis is expressed as a Boolean satisfiability problem relying on Answer-Set Programming with a parametrized complexity, and leads to a complete non-redundant characterization of the set of solutions. Considered constraints are particularly suited to address the synthesis of models of cellular differentiation processes, as illustrated on a case study. The scalability of the approach is demonstrated on random networks with scale-free structures up to 100 to 1,000 nodes depending on the type of constraints

Bayesian Sparse Fourier Representation of Off-Grid Targets

We consider the problem of estimating a finite sum of cisoids via the use of a sparsifying Fourier dictionary (problem that may be of use in many radar applications). Numerous signal sparse representation (SSR) techniques can be found in the literature regarding this problem. However, they are usually very sensitive to grid mismatch. In this paper, we present a new Bayesian model robust towards grid mismatch. Synthetic and experimental radar data are used to assess the ability of the proposed approach to robustify the SSR towards grid mismatch

Bayesian sparse Fourier representation of off-grid targets with application to experimental radar data

The problem considered is the estimation of a finite number of cisoids embedded in white noise, using a sparse signal representation (SSR) approach, a problem which is relevant in many radar applications. Many SSR algorithms have been developed in order to solve this problem, but they usually are sensitive to grid mismatch. In this paper, two Bayesian algorithms are presented, which are robust towards grid mismatch: a first method uses a Fourier dictionary directly parametrized by the grid mismatch while the second one employs a first-order Taylor approximation to relate linearly the grid mismatch and the sparse vector. The main strength of these algorithms lies in the use of a mixed-type distribution which decorrelates sparsity level and target power. Besides, both methods are implemented through a Monte-Carlo Markov chain algorithm. They are successfully evaluated on synthetic and experimental radar data, and compared to a benchmark algorith

Deciding equivalence-based properties using constraint solving

Formal methods have proved their usefulness for analyzing the security of protocols. Most existing results focus on trace properties like secrecy or authentication. There are however several security properties, which cannot be defined (or cannot be naturally defined) as trace properties and require a notion of behavioural equivalence. Typical examples are anonymity, privacy related properties or statements closer to security properties used in cryptography. In this paper, we consider three notions of equivalence defined in the applied pi calculus: observational equivalence, may-testing equivalence, and trace equivalence. First, we study the relationship between these three notions. We show that for determinate processes, observational equivalence actually coincides with trace equivalence, a notion simpler to reason with. We exhibit a large class of determinate processes, called simple processes, that capture most existing protocols and cryptographic primitives. While trace equivalence and may-testing equivalence seem very similar, we show that may-testing equivalence is actually strictly stronger than trace equivalence. We prove that the two notions coincide for image-finite processes, such as processes without replication. Second, we reduce the decidability of trace equivalence (for finite processes) to deciding symbolic equivalence between sets of constraint systems. For simple processes without replication and with trivial else branches, it turns out that it is actually sufficient to decide symbolic equivalence between pairs of positive constraint systems. Thanks to this reduction and relying on a result first proved by M. Baudet, this yields the first decidability result of observational equivalence for a general class of equational theories (for processes without else branch nor replication). Moreover, based on another decidability result for deciding equivalence between sets of constraint systems, we get decidability of trace equivalence for processes with else branch for standard primitives

Unambiguous Sparse Recovery of Migrating Targets with a Robustified Bayesian Model

The problem considered is that of estimating unambiguously migrating targets observed with a wideband radar. We extend a previously described sparse Bayesian algorithm to the presence of diffuse clutter and off-grid targets. A hybrid-Gibbs sampler is formulated to jointly estimate the sparse target amplitude vector, the grid mismatch and the (assumed) autoregressive noise. Results on synthetic and fully experimental data show that targets can be actually unambiguously estimated even if located in blind speeds

New Sparse-Promoting Prior for the Estimation of a Radar Scene with Weak and Strong Targets

In this paper, we consider the problem of estimating a signal of interest embedded in noise using a sparse signal representation (SSR) approach. This problem is relevant in many radar applications. In particular, estimating a radar scene consisting of targets with wide amplitude range can be challenging since the sidelobes of a strong target can disrupt the estimation of a weak one. Within a Bayesian framework, we present a new sparse-promoting prior designed to estimate this specific type of radar scene. The main strength of this new prior lies in its mixed-type structure which decorrelates sparsity level and target power, as well as in its subdivided support which enables the estimation process to span the whole target power range. This algorithm is implemented through a Monte-Carlo Markov chain. It is successfully evaluated on synthetic and semiexperimental radar data and compared to state-of-the-art algorithms

An unambiguous radar mode with a single PRF wideband waveform

In this paper, we consider the problem of unambiguously estimating targets, including in blind velocities, using a single-low-PRF wideband radar signal. We present a Bayesian sparse recovery algorithm able to estimate the amplitude and location of range-migrating targets possibly straddling range-velocity bins embedded in colored noise. Numerical simulations on synthetic data and experimental data show that the proposed algorithm is able to mitigate velocity ambiguity and estimate targets in blind velocities

Velocity ambiguity mitigation of off-grid range migrating targets via Bayesian sparse recovery

Within the scope of sparse signal representation, we consider the problem of velocity ambiguity mitigation for wideband radar signal. We present a Bayesian robust algorithm based on a new sparsifying dictionary suited for range-migrating targets possibly straddling range-velocity bins. Numerical simulations on experimental data demonstrate the ability of the proposed algorithm in mitigating velocity ambiguity