Modeling and Analysis of Advanced Cryptographic Primitives and Security Protocols in Maude-NPA

Tesis por compendio[ES] La herramienta criptográfica Maude-NPA es un verificador de modelos especializado para protocolos de seguridad criptográficos que tienen en cuenta las propiedades algebraicas de un sistema criptográfico. En la literatura, las propiedades criptográficas adicionales han descubierto debilidades de los protocolos de seguridad y, en otros casos, son parte de los supuestos de seguridad del protocolo para funcionar correctamente. Maude-NPA tiene una base teórica en la rewriting logic, la unificación ecuacional y el narrowing para realizar una búsqueda hacia atrás desde un patrón de estado inseguro para determinar si es alcanzable o no. Maude-NPA se puede utilizar para razonar sobre una amplia gama de propiedades criptográficas, incluida la cancelación del cifrado y descifrado, la exponenciación de Diffie-Hellman, el exclusive-or y algunas aproximaciones del cifrado homomórfico. En esta tesis consideramos nuevas propiedades criptográficas, ya sea como parte de protocolos de seguridad o para descubrir nuevos ataques. También hemos modelado diferentes familias de protocolos de seguridad, incluidos los Distance Bounding Protocols or Multi-party key agreement protocolos. Y hemos desarrollado nuevas técnicas de modelado para reducir el coste del análisis en protocolos con tiempo y espacio. Esta tesis contribuye de varias maneras al área de análisis de protocolos criptográficos y muchas de las contribuciones de esta tesis pueden ser útiles para otras herramientas de análisis criptográfico.[CAT] L'eina criptografica Maude-NPA es un verificador de models especialitzats per a protocols de seguretat criptogràfics que tenen en compte les propietats algebraiques d'un sistema criptogràfic. A la literatura, les propietats criptogràfiques addicionals han descobert debilitats dels protocols de seguretat i, en altres casos, formen part dels supòsits de seguretat del protocol per funcionar correctament. Maude-NPA te' una base teòrica a la rewriting lògic, la unificació' equacional i narrowing per realitzar una cerca cap enrere des d'un patró' d'estat insegur per determinar si es accessible o no. Maude-NPA es pot utilitzar per raonar sobre una amplia gamma de propietats criptogràfiques, inclosa la cancel·lació' del xifratge i desxifrat, l'exponenciacio' de Diffie-Hellman, el exclusive-or i algunes aproximacions del xifratge homomòrfic. En aquesta tesi, considerem noves propietats criptogràfiques, ja sigui com a part de protocols de seguretat o per descobrir nous atacs. Tambe' hem modelat diferents famílies de protocols de seguretat, inclosos els Distance Bounding Protocols o Multi-party key agreement protocols. I hem desenvolupat noves tècniques de modelització' de protocols per reduir el cost de l'analisi en protocols amb temps i espai. Aquesta tesi contribueix de diverses maneres a l’àrea de l’anàlisi de protocols criptogràfics i moltes de les contribucions d’aquesta tesi poden ser útils per a altres eines d’anàlisi criptogràfic.[EN] The Maude-NPA crypto tool is a specialized model checker for cryptographic security protocols that take into account the algebraic properties of the cryptosystem. In the literature, additional crypto properties have uncovered weaknesses of security protocols and, in other cases, they are part of the protocol security assumptions in order to function properly. Maude-NPA has a theoretical basis on rewriting logic, equational unification, and narrowing to perform a backwards search from an insecure state pattern to determine whether or not it is reachable. Maude-NPA can be used to reason about a wide range of cryptographic properties, including cancellation of encryption and decryption, Diffie-Hellman exponentiation, exclusive-or, and some approximations of homomorphic encryption. In this thesis, we consider new cryptographic properties, either as part of security protocols or to discover new attacks. We have also modeled different families of security protocols, including Distance Bounding Protocols or Multi-party key agreement protocols. And we have developed new protocol modeling techniques to reduce the time and space analysis effort. This thesis contributes in several ways to the area of cryptographic protocol analysis and many of the contributions of this thesis can be useful for other crypto analysis tools.This thesis would not have been possible without the funding of a set of research projects. The main contributions and derivative works of this thesis have been made in the context of the following projects: - Ministry of Economy and Business of Spain : Project LoBaSS Effective Solutions Based on Logic, Scientific Research under award number TIN2015-69175-C4-1-R, this project was focused on using powerful logic-based technologies to analyze safety-critical systems. - Air Force Office of Scientific Research of United States of America : Project Advanced symbolic methods for the cryptographic protocol analyzer Maude-NPA Scientific Research under award number FA9550-17-1-0286 - State Investigation Agency of Spain : Project FREETech: Formal Reasoning for Enabling and Emerging Technologies Scientific I+D-i Research under award number RTI2018-094403-B-C32Aparicio Sánchez, D. (2022). Modeling and Analysis of Advanced Cryptographic Primitives and Security Protocols in Maude-NPA [Tesis doctoral]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/190915Compendi

Effects of Endocardial Microwave Energy Ablation

Until recently the treatment of atrial fibrillation (AF) consisted primarily of palliation, mostly in the form of pharmacological intervention. However because of recent advances in nonpharmacologic therapies, the current expectation of patients and referring physicians is that AF will be cured, rather than palliated. In recent years there has been a rapid expansion in the availability and variety of energy sources and devices for ablation. One of these energies, microwave, has been applied clinically only in the last few years, and may be a promising technique that is potentially capable of treating a wide range of ventricular and supraventricular arrhythmias. The purpose of this study was to review microwave energy ablation in surgical treatment of AF with special interest in histology and ultrastructure of lesions produced by this endocardial ablation procedure

Why a Virtual Assistant for Moral Enhancement When We Could have a Socrates?

This article was written as a part of the research project Digital Ethics. Moral Enhancement through an Interactive Use of Artificial Intelligence (PID2019-104943RB-I00), funded by the State Research Agency of the Spanish Government. The author is very grateful for the helpful suggestions and comments given on earlier versions of this paper by Jon Rueda, Juan Ignacio del Valle, Blanca Rodriguez, Miguel Moreno and Jan Deckers.Can Artificial Intelligence (AI) be more effective than human instruction for the moral enhancement of people? The author argues that it only would be if the use of this technology were aimed at increasing the individual’s capacity to reflectively decide for themselves, rather than at directly influencing behaviour. To support this, it is shown how a disregard for personal autonomy, in particular, invalidates the main proposals for applying new technologies, both biomedical and AI-based, to moral enhancement. As an alternative to these proposals, this article proposes a virtual assistant that, through dialogue, neutrality and virtual reality technologies, can teach users to make better moral decisions on their own. The author concludes that, as long as certain precautions are taken in its design, such an assistant could do this better than a human instructor adopting the same educational methodology.State Research Agency of the Spanish Government PID2019-104943RB-I0

Artificial Intelligence as a Socratic Assistant for Moral Enhancement

The moral enhancement of human beings is a constant theme in the history of humanity. Today, faced with the threats of a new, globalised world, concern over this matter is more pressing. For this reason, the use of biotechnology to make human beings more moral has been considered. However, this approach is dangerous and very controversial. The purpose of this article is to argue that the use of another new technology, AI, would be preferable to achieve this goal. Whilst several proposals have been made on how to use AI for moral enhancement, we present an alternative that we argue to be superior to other proposals that have been developed

Neurorehabilitation of Offenders, Consent and Consequentialist Ethics

The new biotechnology raises expectations for modifying human behaviour through its use. This article focuses on the ethical analysis of the not so remote possibility of rehabilitating criminals by means of neurotechnological techniques. The analysis is carried out from a synthetic position of, on the one hand, the consequentialist conception of what is right and, on the other hand, the emphasis on individual liberties. As a result, firstly, the ethical appropriateness of adopting a general predisposition for allowing the neurorehabilitation of prisoners only if it is safe and if they give their consent will be defended. But, at the same time, reasons will be given for requiring, in certain circumstances, the exceptional use of neurotechnology to rehabilitate severely psychopathic prisoners, even against their will, from the same ethical perspective.This article was written as a part of the research project Digital Ethics.Moral Enhancement through an Interactive Use of Artificial Intelligence (PID2019-104943RB-I00), funded by the State Research Agency of the Spanish Government. Funding for open access charge: Universidad de Granada / CBU

Variant-based Equational Unification under Constructor Symbols

Equational unification of two terms consists of finding a substitution that, when applied to both terms, makes them equal modulo some equational properties. A narrowing-based equational unification algorithm relying on the concept of the variants of a term is available in the most recent version of Maude, version 3.0, which provides quite sophisticated unification features. A variant of a term t is a pair consisting of a substitution sigma and the canonical form of tsigma. Variant-based unification is decidable when the equational theory satisfies the finite variant property. However, this unification procedure does not take into account constructor symbols and, thus, may compute many more unifiers than the necessary or may not be able to stop immediately. In this paper, we integrate the notion of constructor symbol into the variant-based unification algorithm. Our experiments on positive and negative unification problems show an impressive speedup.Comment: In Proceedings ICLP 2020, arXiv:2009.09158. arXiv admin note: substantial text overlap with arXiv:1909.0824

Mejoras en la interacción con la herramienta Maude-NPA

[EN] The security in modern online services is increasingly more and more vulnerable to intruder attacks. Companies like Yubiko works on devices like Yubikey, a USB device that provides strong identification. In this thesis, we have specified and analyzed the cryptographic protocol underneath the Yubikey device using the Maude-NPA tool, a state-of-the-art cryptographic protocol analyzer. During this thesis, we learned how the Yubikey protocol works, we learn how to use the Tamarin proper, another protocol analyzer, and how to specify and analysis this protocol using the Maude-NPA features.El desarrollo de este proyecto final de carrera tiene como objetivo mejorar los mecanismos de interacción con la herramienta Maude-NPA, ya sea mejorando la interfaz gráfica o el formato de entrada o los comandos asociados. Maude-NPA es una herramienta que permite el análisis de protocolos criptográficos y que ha sido realizada por el profesor Santiago Escobar de la Universidad Politécnica de Valencia en colaboración con el profesor José Meseguer (Universidad de Illinois en Urbana-Champaign, EE.UU.) y la profesora Catherine Meadows (Marina de los Estados Unidos, Washington, D.C, EE.UU.). Existen multitud de nuevas características aún pendientes de ser integradas en la interfaz de entrada de la herramienta, como nuevas propiedades algebraicas de los protocolos (como homomorfismos o ó-exclusivo), el manejo de composición de protocolos de comunicaciones o un lenguaje más rico de especificación de propiedades.Aparicio Sánchez, D. (2017). Mejoras en la interacción con la herramienta Maude-NPA. http://hdl.handle.net/10251/90079TFG

Síntesis Reflexiva: Aprendiendo a enseñar

En este Trabajo Fin de Máster presentamos una síntesis reflexiva que evidencia los aprendizajes adquiridos a lo largo del Máster, vinculando las prácticas en centros con los contenidos abordados a lo largo de los módulos teóricos. Para ello, haremos referencia a los módulos comunes y específicos. Finalmente, reflexionaremos sobre los conocimientos consolidados sobre la realidad profesional docente, cuestionándolos desde la práctica y valorando lo aprendido en el Máster.Número de páginas: 4

AI‑powered recommender systems and the preservation of personal autonomy

Recommender Systems (RecSys) have been around since the early days of the Internet, helping users navigate the vast ocean of information and the increasingly available options that have been available for us ever since. The range of tasks for which one could use a RecSys is expanding as the technical capabilities grow, with the disruption of Machine Learning representing a tipping point in this domain, as in many others. However, the increase of the technical capabilities of AI-powered RecSys did not come with a thorough consideration of their ethical implications and, despite being a well-established technical domain, the potential impacts of RecSys on their users are still under-assessed. This paper aims at filling this gap in regards to one of the main impacts of RecSys: personal autonomy. We first describe how technology can affect human values and a suitable methodology to identify these effects and mitigate potential harms: Value Sensitive Design (VSD). We use VSD to carry out a conceptual investigation of personal autonomy in the context of a generic RecSys and draw on a nuanced account of procedural autonomy to focus on two components: competence and authenticity. We provide the results of our inquiry as a value hierarchy and apply it to the design of a speculative RecSys as an exampleUniversidad de Granada/ CBUAAgencia Estatal de Investigación (PID2019-104943RB-I00) FEDER/ Junta de Andalucía (B-HUM-64- UGR20

Implementación de una interfaz gráfica para Maude-NPA

[ES] Maude-NPA es una herramienta de verificación de protocolos criptográficos desarrollada por la University of Illinois at Urbana- Champaign (EE.UU.), el Navy Research Laboratory en Washington D.C. (EE.UU.) y la Universitat Politècnica de València. Maude-NPA es un poderoso analizador, es flexible ya que puedes crear tu propia notación y permite una larga variedad de propiedades criptográficas como homomorfismo o or-exclusivo. Sin embargo, la interfaz existente para modelar protocolos y luego verificar propiedades de seguridad de éstos es compleja y difícil de entender, por lo que hace a la herramienta Maude-NPA poca atractiva. Andrew Russel Cholewa, estudiante de máster en la University of Illinois at Urbana-Champaign propuso un nuevo lenguaje de modelado de protocolos y de verificación de sus propiedades de seguridad, denominado Maude-NPA Protocol Specification Language (Maude- PSL). Maude-PSL utiliza la notación Alice y Bob estándar para definir protocolos de forma directa: la interpretación de cada uno de los mensajes enviados o recibidos por cada participante (rol) utilizando tanto la información asumida al comienzo de la ejecución del protocolo como la información de los participantes al final de la ejecución. En este proyecto de fin der grado durante una estancia en la University of Illinois at Urbana-Champaign de cinco meses, me he centrado en modelar y verificar la mayor cantidad de protocolos criptográficos descritos en Maude-PSL, incluyendo protocolos con homomorfismo, y conseguir que tengan el mismo resultado que con Maude-NPA original y, en el caso de no ser así, modificar los protocolos.Aparicio Sánchez, D. (2016). Implementación de una interfaz gráfica para Maude-NPA. http://hdl.handle.net/10251/70781.TFG