709 research outputs found

    Typing and Compositionality for Security Protocols: A Generalization to the Geometric Fragment

    We integrate, and improve upon, prior relative soundness results of two kinds. The first kind are typing results showing that any security protocol that fulfils a number of sufficient conditions has an attack if it has a well-typed attack. The second kind considers the parallel composition of protocols, showing that when running two protocols in parallel allows for an attack, then at least one of the protocols has an attack in isolation. The most important generalization over previous work is the support for all security properties of the geometric fragment.

    An Optimizing Protocol Transformation for Constructor Finite Variant Theories in Maude-NPA

    Maude-NPA is an analysis tool for cryptographic security protocols that takes into account the algebraic properties of the cryptosystem. Maude-NPA can reason about a wide range of cryptographic properties. However, some algebraic properties, and protocols using them, have been beyond Maude-NPA capabilities, either because the cryptographic properties cannot be expressed using its equational unification features or because the state space is unmanageable. In this paper, we provide a protocol transformation that can safely get rid of cryptographic properties under some conditions. The time and space difference between verifying the protocol with all the crypto properties and verifying the protocol with a minimal set of the crypto properties is remarkable. We also provide, for the first time, an encoding of the theory of bilinear pairing into Maude-NPA that goes beyond the encoding of bilinear pairing available in the Tamarin tool.

    Partially supported by the EU (FEDER) and the Spanish MCIU under grant RTI2018-094403-B-C32, by the Spanish Generalitat Valenciana under grant PROMETEO/2019/098, and by the US Air Force Office of Scientific Research under award number FA9550-17-1-0286. Julia Sapiña has been supported by the Generalitat Valenciana APOSTD/2019/127 grant.

    Aparicio-Sánchez, D.; Escobar Román, S.; Gutiérrez Gil, R.; Sapiña-Sanchis, J. (2020). An Optimizing Protocol Transformation for Constructor Finite Variant Theories in Maude-NPA. Springer Nature. 230-250. https://doi.org/10.1007/978-3-030-59013-0_12

    Healthcare providers' views on the acceptability of financial incentives for breastfeeding: a qualitative study

    BACKGROUND: Despite a gradual increase in breastfeeding rates, overall in the UK there are wide variations, with a trend towards breastfeeding rates at 6–8 weeks remaining below 40% in less affluent areas. While financial incentives have been used with varying success to encourage positive health related behaviour change, there is little research on their use in encouraging breastfeeding. In this paper, we report on healthcare providers’ views around whether using financial incentives in areas with low breastfeeding rates would be acceptable in principle. This research was part of a larger project looking at the development and feasibility testing of a financial incentive scheme for breastfeeding in preparation for a cluster randomised controlled trial. METHODS: Fifty-three healthcare providers were interviewed about their views on financial incentives for breastfeeding. Participants were purposively sampled to include a wide range of experience and roles associated with supporting mothers with infant feeding. Semi-structured individual and group interviews were conducted. Data were analysed thematically drawing on the principles of Framework Analysis. RESULTS: The key theme emerging from healthcare providers’ views on the acceptability of financial incentives for breastfeeding was their possible impact on ‘facilitating or impeding relationships’. Within this theme several additional aspects were discussed: the mother’s relationship with her healthcare provider and services, with her baby and her family, and with the wider community. In addition, a key priority for healthcare providers was that an incentive scheme should not impact negatively on their professional integrity and responsibility towards women. CONCLUSION: Healthcare providers believe that financial incentives could have both positive and negative impacts on a mother’s relationship with her family, baby and healthcare provider. When designing a financial incentive scheme we must take care to minimise the potential negative impacts that have been highlighted, while at the same time recognising the potential positive impacts for women in areas where breastfeeding rates are low.

    Consequences of converting graded to action potentials upon neural information coding and energy efficiency

    Information is encoded in neural circuits using both graded and action potentials, converting between them within single neurons and successive processing layers. This conversion is accompanied by information loss and a drop in energy efficiency. We investigate the biophysical causes of this loss of information and efficiency by comparing spiking neuron models, containing stochastic voltage-gated Na+ and K+ channels, with generator potential and graded potential models lacking voltage-gated Na+ channels. We identify three causes of information loss in the generator potential that are the by-product of action potential generation: (1) the voltage-gated Na+ channels necessary for action potential generation increase intrinsic noise and (2) introduce non-linearities, and (3) the finite duration of the action potential creates a ‘footprint’ in the generator potential that obscures incoming signals. These three processes reduce information rates by ~50% in generator potentials, to ~3 times that of spike trains. Both generator potentials and graded potentials consume almost an order of magnitude less energy per second than spike trains. Because of the lower information rates of generator potentials they are substantially less energy efficient than graded potentials. However, both are an order of magnitude more efficient than spike trains due to the higher energy costs and low information content of spikes, emphasizing that there is a two-fold cost of converting analogue to digital: information loss and cost inflation.

    Medical decision making for patients with Parkinson disease under Average Cost Criterion

    Parkinson's disease (PD) is one of the most common disabling neurological disorders and results in substantial burden for patients, their families and society as a whole in terms of increased health resource use and poor quality of life. For all stages of PD, medication therapy is the preferred medical treatment. The failure of medical regimes to prevent disease progression and to prevent long-term side effects has led to a resurgence of interest in surgical procedures. Partially observable Markov decision models (POMDPs) are a powerful and appropriate technique for decision making. In this paper we applied the model of POMDPs as a supportive tool to clinical decisions for the treatment of patients with Parkinson's disease. The aim of the model was to determine the critical threshold level to perform the surgery in order to minimize the total lifetime costs over a patient's lifetime (where the costs incorporate duration of life, quality of life, and monetary units). Under some reasonable conditions reflecting the practical meaning of the deterioration and based on the various diagnostic observations we find an optimal average cost policy for patients with PD with three deterioration levels.

    Modular Verification of Protocol Equivalence in the Presence of Randomness

    Security protocols that provide privacy and anonymity guarantees are growing increasingly prevalent in the online world. The highly intricate nature of these protocols makes them vulnerable to subtle design flaws. Formal methods have been successfully deployed to detect these errors, where protocol correctness is formulated as a notion of equivalence (indistinguishability). The high overhead for verifying such equivalence properties, in conjunction with the fact that protocols are never run in isolation, has created a need for modular verification techniques. Existing approaches in formal modeling and (compositional) verification of protocols for privacy have abstracted away a fundamental ingredient in the effectiveness of these protocols, randomness. We present the first composition results for equivalence properties of protocols that are explicitly able to toss coins. Our results hold even when protocols share data (such as long-term keys) provided that protocol messages are tagged with the information of which protocol they belong to.

    Multiple-look effects on temporal discrimination within sound sequences

    The multiple-look notion holds that the difference limen (DL) decreases with multiple observations. We investigated this notion for temporal discrimination in isochronous sound sequences. In Experiment 1, we established a multiple-look effect when sequences comprised nine standard time intervals (S) followed by an increasing number of comparison time intervals (C), but no multiple-look effect when one trailing C interval was preceded by an increasing number of S intervals. In Experiment 2, we extended the design. There were four sequential conditions: (a) 9 leading S intervals followed by 1, 2, …, or 9 C-intervals; (b) 9 leading C intervals followed by 1, 2, …, or 9 S intervals; (c) 9 trailing C-intervals preceded by 1, 2, …, or 9 S-intervals; and (d) 9 trailing S-intervals preceded by 1, 2, …, or 9 C-intervals. Both the interval accretions before and after the tempo change caused multiple-look effects, irrespective of the time order of S and C. Complete deconfounding of the number of intervals before and after the tempo change was accomplished in Experiment 3. The multiple-look effect of interval accretion before the tempo change was twice as big as that after the tempo change. The diminishing returns relation between the DL and interval accretion could be described well by a reciprocal function

    A Model for Damage Load and Its Implications for the Evolution of Bacterial Aging

    Deleterious mutations appearing in a population increase in frequency until stopped by natural selection. The ensuing equilibrium creates a stable frequency of deleterious mutations or the mutational load. Here I develop the comparable concept of a damage load, which is caused by harmful non-heritable changes to the phenotype. A damage load also ensues when the increase of damage is opposed by selection. The presence of a damage load favors the evolution of asymmetrical transmission of damage by a mother to her daughters. The asymmetry is beneficial because it increases fitness variance, but it also leads to aging or senescence. A mathematical model based on microbes reveals that a cell lineage dividing symmetrically is immortal if lifetime damage rates do not exceed a threshold. The evolution of asymmetry allows the lineage to persist above the threshold, but the lineage becomes mortal. In microbes with low genomic mutation rates, it is likely that the damage load is much greater than the mutational load. In metazoans with higher genomic mutation rates, the damage and the mutational load could be of the same magnitude. A fit of the model to experimental data shows that Escherichia coli cells experience a damage rate that is below the threshold and are immortal under the conditions examined. The model estimates the asymmetry level of E. coli to be low but sufficient for persisting at higher damage rates. The model also predicts that increasing asymmetry results in diminishing fitness returns, which may explain why the bacterium has not evolved higher asymmetry