Verifying security protocols by knowledge analysis

This paper describes a new interactive method to analyse knowledge of participants involved in security protocols and further to verify the correctness of the protocols. The method can detect attacks and flaws involving interleaving sessions besides normal attacks. The implementation of the method in a generic theorem proving environment, namely Isabelle, makes the verification of protocols mechanical and efficient; it can verify a medium-sized security protocol in less than ten seconds. As an example, the paper finds the flaw in the Needham-Schroeder public key authentication protocol and proves the secure properties and guarantees of the protocol with Lowe's fix to show the effectiveness of this method

A Bi-Hamiltonian Formulation for Triangular Systems by Perturbations

A bi-Hamiltonian formulation is proposed for triangular systems resulted by perturbations around solutions, from which infinitely many symmetries and conserved functionals of triangular systems can be explicitly constructed, provided that one operator of the Hamiltonian pair is invertible. Through our formulation, four examples of triangular systems are exhibited, which also show that bi-Hamiltonian systems in both lower dimensions and higher dimensions are many and varied. Two of four examples give local 2+1 dimensional bi-Hamiltonian systems and illustrate that multi-scale perturbations can lead to higher-dimensional bi-Hamiltonian systems.Comment: 16 pages, to appear in J. Math. Phy

A refined invariant subspace method and applications to evolution equations

The invariant subspace method is refined to present more unity and more diversity of exact solutions to evolution equations. The key idea is to take subspaces of solutions to linear ordinary differential equations as invariant subspaces that evolution equations admit. A two-component nonlinear system of dissipative equations was analyzed to shed light on the resulting theory, and two concrete examples are given to find invariant subspaces associated with 2nd-order and 3rd-order linear ordinary differential equations and their corresponding exact solutions with generalized separated variables.Comment: 16 page

Influences of magnetic coupling process on the spectrum of a disk covered by the corona

Recently, much attention has been paid to the magnetic coupling (MC) process, which is supported by very high emissivity indexes observed in Seyfert 1 galaxy MCG-6-30-15 and GBHC XTE J1650-500. But the rotational energy transferred from a black hole is simply assumed to be radiated away from the surrounding accretion disk in black-body spectrum, which is obviously not consistent with the observed hard power-law X-ray spectra. We intend to introduce corona into the MC model to make it more compatible with the observations. We describe the model and the procedure of a simplified Monte Carlo simulation, compare the output spectra in the cases with and without the MC effects, and discuss the influences of three parameters involved in the MC process on the output spectra. It is shown that the MC process augments radiation fluxes in the UV or X-ray band. The emergent spectrum is affected by the BH spin and magnetic field strength at the BH horizon, while it is almost unaffected by the radial profile of the magnetic field at the disk. Introducing corona into the MC model will improve the fitting of the output spectra from AGNs and GBHCs.Comment: 15 pages, 5 figures, accepted by A&

Resisting tracker attacks by query terms analysis

Tracker attacks pose a serious threat to databases, especially those used in manufactory and management in industry. These attacks can be used to infer sensitive information in databases and they are difficult to detect. This paper proposes a new approach to dealing with such attacks by analysing each disjunctive term in every query statement. Potential tracker attacks will be detected and then suppressed to avoid any further real attacks. A sample database table and a sample attack are given and analysed to show the effectiveness of the new approach

Analysing and attacking the 4-way handshake of IEEE 802.11i standard

The IEEE 802.11i standard has been designed to enhance security in wireless networks. In the 4-way handshake the supplicant and the authenticator use the pairwise master key (PMK) to derive a fresh pairwise transient key (PTK). The PMK is not used directly for security while assuming the supplicant and authenticator have the same PMK before running 4-way handshake. In this paper, the 4-way handshake phase has been analysed using Isabelle tool to identify a new Denial-of-Service (DoS) attack. The attack prevents the authenticator from receiving message 4 after the supplicant sends it out. This attack forces the authenticator to re-send the message 3 until time out and subsequently to de-authenticate supplicant. This paper has proposed improvements to the 4-way handshake to avoid the Denial-of-Service attack

Biometric identity-based cryptography for e-Government environment

Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols