FocusST加密属性分析解决方案

International Conference on Evaluation of Novel Approaches to Software Engineering Pub Date : 2018-07-05 DOI:10.5220/0006772103200327

M. Spichkova, Radhika Bhat

{"title":"FocusST加密属性分析解决方案","authors":"M. Spichkova, Radhika Bhat","doi":"10.5220/0006772103200327","DOIUrl":null,"url":null,"abstract":"To analyse cryptographic properties of distributed systems in a systematic way, a formal theory is required. In this paper, we present a theory that allows (1) to specify distributed systems formally, (2) to verify their cryptographic wrt. composition properties, and (3) to demonstrate the correctness of syntactic interfaces for specified system components automatically. To demonstrate the feasibility of the approach we use a typical example from the domain of crypto-based systems: a variant of the Internet security protocol TLS. A security flaw in the initial version of TLS specification was revealed using a semi-automatic theorem prover, Isabelle/HOL.","PeriodicalId":420861,"journal":{"name":"International Conference on Evaluation of Novel Approaches to Software Engineering","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"FocusST Solution for Analysis of Cryptographic Properties\",\"authors\":\"M. Spichkova, Radhika Bhat\",\"doi\":\"10.5220/0006772103200327\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To analyse cryptographic properties of distributed systems in a systematic way, a formal theory is required. In this paper, we present a theory that allows (1) to specify distributed systems formally, (2) to verify their cryptographic wrt. composition properties, and (3) to demonstrate the correctness of syntactic interfaces for specified system components automatically. To demonstrate the feasibility of the approach we use a typical example from the domain of crypto-based systems: a variant of the Internet security protocol TLS. A security flaw in the initial version of TLS specification was revealed using a semi-automatic theorem prover, Isabelle/HOL.\",\"PeriodicalId\":420861,\"journal\":{\"name\":\"International Conference on Evaluation of Novel Approaches to Software Engineering\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-07-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Evaluation of Novel Approaches to Software Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5220/0006772103200327\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Evaluation of Novel Approaches to Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5220/0006772103200327","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

为了系统地分析分布式系统的密码特性，需要一个形式化的理论。在本文中，我们提出了一个理论，允许(1)正式指定分布式系统，(2)验证其加密wrt。(3)自动演示指定系统组件的语法接口的正确性。为了证明该方法的可行性，我们使用了一个来自基于加密的系统领域的典型示例:互联网安全协议TLS的变体。使用半自动定理证明器Isabelle/HOL揭示了TLS规范初始版本中的安全漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

FocusST Solution for Analysis of Cryptographic Properties

To analyse cryptographic properties of distributed systems in a systematic way, a formal theory is required. In this paper, we present a theory that allows (1) to specify distributed systems formally, (2) to verify their cryptographic wrt. composition properties, and (3) to demonstrate the correctness of syntactic interfaces for specified system components automatically. To demonstrate the feasibility of the approach we use a typical example from the domain of crypto-based systems: a variant of the Internet security protocol TLS. A security flaw in the initial version of TLS specification was revealed using a semi-automatic theorem prover, Isabelle/HOL.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Conference on Evaluation of Novel Approaches to Software Engineering

自引率

0.00%

发文量