258 research outputs found
Distributed Computing with Adaptive Heuristics
We use ideas from distributed computing to study dynamic environments in
which computational nodes, or decision makers, follow adaptive heuristics (Hart
2005), i.e., simple and unsophisticated rules of behavior, e.g., repeatedly
"best replying" to others' actions, and minimizing "regret", that have been
extensively studied in game theory and economics. We explore when convergence
of such simple dynamics to an equilibrium is guaranteed in asynchronous
computational environments, where nodes can act at any time. Our research
agenda, distributed computing with adaptive heuristics, lies on the borderline
of computer science (including distributed computing and learning) and game
theory (including game dynamics and adaptive heuristics). We exhibit a general
non-termination result for a broad class of heuristics with bounded
recall---that is, simple rules of behavior that depend only on recent history
of interaction between nodes. We consider implications of our result across a
wide variety of interesting and timely applications: game theory, circuit
design, social networks, routing and congestion control. We also study the
computational and communication complexity of asynchronous dynamics and present
some basic observations regarding the effects of asynchrony on no-regret
dynamics. We believe that our work opens a new avenue for research in both
distributed computing and game theory.Comment: 36 pages, four figures. Expands both technical results and discussion
of v1. Revised version will appear in the proceedings of Innovations in
Computer Science 201
Representing Network Trust and Using It to Improve Anonymous Communication
Motivated by the effectiveness of correlation attacks against Tor, the
censorship arms race, and observations of malicious relays in Tor, we propose
that Tor users capture their trust in network elements using probability
distributions over the sets of elements observed by network adversaries. We
present a modular system that allows users to efficiently and conveniently
create such distributions and use them to improve their security. The major
components of this system are (i) an ontology of network-element types that
represents the main threats to and vulnerabilities of anonymous communication
over Tor, (ii) a formal language that allows users to naturally express trust
beliefs about network elements, and (iii) a conversion procedure that takes the
ontology, public information about the network, and user beliefs written in the
trust language and produce a Bayesian Belief Network that represents the
probability distribution in a way that is concise and easily sampleable. We
also present preliminary experimental results that show the distribution
produced by our system can improve security when employed by users; further
improvement is seen when the system is employed by both users and services.Comment: 24 pages; talk to be presented at HotPETs 201
A Formal Analysis of Some Properties of Kerberos 5 Using MSR
We give three formalizations of the Kerberos 5 authentication protocol in the Multi-Set Rewriting (MSR) formalism. One is a high-level formalization containing just enough detail to prove authentication and confidentiality properties of the protocol. A second formalization refines this by adding a variety of protocol options; we similarly refine proofs of properties in the first formalization to prove properties of the second formalization. Our third formalization adds timestamps to the first formalization but has not been analyzed extensively. The various proofs make use of rank and corank functions, inspired by work of Schneider in CSP, and provide examples of reasoning about real-world protocols in MSR.We also note some potentially curious protocol behavior; given our positive results, this does not compromise the security of the protocol
Computationally Sound Mechanized Proofs for Basic and Public-key Kerberos
We present a computationally sound mechanized analysis of Kerberos 5, both with and without its public-key extension PKINIT. We prove authentication and key secrecy properties using the prover CryptoVerif, which works directly in the computational model; these are the first mechanical proofs of a full industrial protocol at the computational level. We also generalize the notion of key usability and use CryptoVerif to prove that this definition is satisfied by keys in Kerberos
- …