Formal Models and Techniques for Analyzing Security Protocols: Latest Literature

Security Analysis using Rank Functions in CSP
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 2011-03-07 DOI: 10.3233/978-1-60750-714-7-258
Steve A. Schneider
Abstract: Communicating Sequential Processes (CSP) is an abstract language for describing processes and reasoning about their interactions within concurrent systems. It is appropriate for investigating the overall behaviour that emerges. It has a mature theory, and powerful tool support [For03] and can be considered as an off-the-shelf framework which can be customised for particular domains through additional domain-specific constructions and theory. This chapter introduces the application of CSP to the analysis of security protocols. For the purposes of this chapter, we will introduce only those parts of CSP that we use in protocol analysis. Fuller descriptions of the language and theory can be found in [Hoa85,Ros97,Sch99].
Citations: 0
Types for Security Protocols
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-143
R. Focardi, Matteo Maffei
Citations: 18
Applied pi calculus
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-112
M. Ryan, B. Smyth
Abstract: The applied pi calculus is a language for modelling security protocols. It is an extension of the pi calculus, a language for studying concurrency and process interaction. This chapter presents the applied pi calculus in a tutorial style. It describes reachability, correspondence, and observational equivalence properties, with examples showing how to model secrecy, authentication, and privacy aspects of protocols.
Citations: 41
Shapes: Surveying Crypto Protocol Runs
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-222
J. Guttman
Abstract: Given a cryptographic protocol, and some assumptions, can we present everything that can happen, subject to these assumptions? The assumptions may include: (i) some behavior assumed to have occurred, (ii) some keys assumed to be uncompromised, and (iii) some values assumed to have been freshly chosen. An object representing these types of information is called a skeleton. The shapes for a skeleton A are the minimal, essentially different executions that are compatible with the assumptions in A. The set of shapes for an A is frequently but not always finite. Given a finite set of shapes for A, it is evident whether a security goal such as authentication or confidentiality holds for A. In this paper, we describe a search that finds the shapes, starting from a protocol and a skeleton A. The search is driven by the challenge-response patterns formalized in the strand space authentication tests.
Citations: 25
Constraint solving techniques and enriching the model with equational theories
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-35
Hubert Comon-Lundh, S. Delaune, J. Millen
Abstract: Derivability constraints represent in a symbolic way the infinite set of possible executions of a finite protocol, in presence of an arbitrary active attacker. Solving a derivability constraint consists in computing a simplified representation of such executions, which is amenable to the verification of any (trace) security property. Our goal is to explain this method on a non-trivial combination of primitives. In this chapter we explain how to model the protocol executions using derivability constraints, and how such constraints are interpreted, depending on the cryptographic primitives and the assumed attacker capabilities. Such capabilities are represented as a deduction system that has some specific properties. We choose as an example the combination of exclusive-or, symmetric encryption/decryption and pairing/unpairing. We explain the properties of the deduction system in this case and give a complete and terminating set of rules that solves derivability constraints. A similar set of rules has been already published for the classical Dolev-Yao attacker, but it is a new result for the combination of primitives that we consider.
This allows to decide trace security properties for this combination of primitives and arbitrary finite protocols.
Citations: 15
Verifying a bounded number of sessions and its complexity
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-13
M. Rusinowitch, Mathieu Turuani
Abstract: We investigate the complexity of the protocol insecurity problem for a finite number of sessions (fixed number of interleaved runs). We show that this problem is NP-complete with respect to a Dolev-Yao model of intruders. The result does not assume a limit on the size of messages and supports asymmetric and nonatomic symmetric encryption keys. We also prove that in order to build an attack with a fixed number of sessions the intruder needs only to forge messages of linear size, provided that they are represented as DAGs.
Citations: 0
Computational Soundness - The Case of Diffie-Hellman Keys
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-277
E. Bresson, Y. Lakhnech, L. Mazaré, B. Warinschi
Abstract: Symbolic vs. Computational Models. A common criticism of symbolic approaches for security is that they rely on models that are too abstract to offer clear security guarantees. In such models the adversary appears to be severely restricted. The axioms that characterize security of primitives allow the adversary only a limited number of operations, and it is usually unclear how to enforce these axioms in actual implementations. Furthermore, the representation of messages as symbols does not permit reasoning about partial information, a real concern in many applications. This criticism is even more relevant given alternative models that offer clearly stronger guarantees. Under these computational models, security analysis of protocols considers a much lower level of abstraction. Typically, parties are viewed as algorithms (written in some Turing-complete language) and the messages with which they operate and communicate are actual bitstrings. The adversaries are required to operate efficiently (i.e. run in time polynomial in some security parameter), but are otherwise allowed to perform arbitrary computations. Furthermore, unlike in the case of symbolic methods where security of primitives is axiomatized, in computational approaches security is defined. This enables rigorous proofs that implementations actually meet their required security levels starting from widely accepted assumptions. The technique most commonly used in such proofs is known as "reduction". The idea is to show that the security of a cryptographic construct can be reduced to solving some problem(s) that is believed to be hard.
Specifically, one argues that any adversary that is successful against the cryptographic construct can be used to solve some underlying hard problem. Typical hard problems include factoring, taking discrete logarithms, the computational Diffie-Hellman problem, etc [24]. The low level of abstraction and the powerful and realistic adversarial model imply strong security guarantees schemes with computational security proofs. Unfortunately, reduction techniques do not scale well. While they enjoyed considerable success for
Citations: 5
Using Horn Clauses for Analyzing Security Protocols
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-86
B. Blanchet
Abstract: This chapter presents a method for verifying security protocols based on an abstract representation of protocols by Horn clauses. This method is the foundation of the protocol verifier ProVerif. It is fully automatic, efficient, and can handle an unbounded number of sessions and an unbounded message space. It supports various cryptographic primitives defined by rewrite rules or equations. Even if we focus on secrecy in this chapter, this method can also prove other security properties, including authentication and process equivalences.
Citations: 51
Protocol Composition Logic
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-182
Anupam Datta, John C. Mitchell, Arnab Roy, Stephan Hyeonjun Stiller
Abstract: Protocol Composition Logic (PCL) is a logic for proving authentication and secrecy properties of network protocols. This chapter presents the central concepts of PCL, including a protocol programming language, the semantics of protocol execution in the presence of a network attacker, the syntax and semantics of PCL assertions, and axioms and proof rules for proving authentication properties. The presentation draws on a logical framework enhanced with subtyping, setting the stage for mechanizing PCL proofs, and gives a new presentation of PCL semantics involving honest and unconstrained principals. Other papers on PCL provide additional axioms, proof rules, and case studies of standardized protocols in
Citations: 14
Analysing Security Protocols using CSP
Formal Models and Techniques for Analyzing Security Protocols Pub Date : 1900-01-01 DOI: 10.3233/978-1-60750-714-7-62
G. Lowe
Abstract: In this chapter we describe how security protocols can be analysed using the process algebra CSP and the model checker FDR. The basic technique is to build a CSP model of a small system running the protocol, together with the most general intruder who can interact with that protocol, and then to use the model checker FDR to explore the state space, looking for insecure behaviours. We will base our explanation of the technique upon the book’s running example:
Citations: 1