
PFMC: a parallel symbolic model checker for security protocol verification [article]

Alex James, Alwen Tiu, Nisansala Yatapanage
2022 arXiv   pre-print
We present an investigation into the design and implementation of a parallel model checker for security protocol verification that is based on a symbolic model of the adversary, where instantiations of  ...  attacker model and more general algebraic attacker models.  ...  [5] using the SATMC model checker [4]. There is an attack when two sessions of the protocol are running concurrently.  ... 
arXiv:2207.09895v1 fatcat:kjiwvuwggbd4bfh65cqwyjofua

Ephemeral-Secret-Leakage Secure ID-Based Three-Party Authenticated Key Agreement Protocol for Mobile Distributed Computing Environments

Chao-Liang Liu, Wang-Jui Tsai, Ting-Yi Chang, Ta-Ming Liu
2018 Symmetry  
Each participant is ensured that no other participants or adversaries can learn or determine the value of a common session key in a protocol run.  ...  The participants can authenticate each other using the public/private key pair and construct a common session key.  ...  Figure 4. Simulation result of the proposed protocol on On-the-fly Model-Checker (OFMC) model checker.  ... 
doi:10.3390/sym10040084 fatcat:eeoczd3vnrg5fme7xkgjfp7bnm

Formal modelling and automatic detection of resource exhaustion attacks

Bogdan Groza, Marius Minea
2011 Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security - ASIACCS '11  
We have successfully tested an implementation of the methodology in a validation platform on relevant protocol examples, in what to the best of our knowledge is the first formal automated analysis of DoS  ...  Our classification separates excessive but legal protocol use (e.g., flooding) from illegal protocol manipulation that causes participants to waste computation time without reaching the protocol goals.  ...  To model multiple sessions run in parallel, which also covers the case of a potential distributed DoS (DDoS), we need to track the costs cumulated from sessions initiated by the adversary.  ... 
doi:10.1145/1966913.1966955 dblp:conf/ccs/GrozaM11 fatcat:txkfrfhegjdkbaihr3vysavei4

Cryptographic Protocols over Open Distributed Systems: A Taxonomy of Flaws and related Protocol Analysis Tools [chapter]

S. Gritzalis, D. Spinellis
1997 Safe Comp 97  
In this paper we divide possible flaws based on the flaw pathology and the corresponding attack method, into elementary protocol flaws, password/key guessing flaws, stale message flaws, parallel session  ...  When designing and implementing cryptographic protocols one must avoid a number of possible flaws.  ...  weaknesses, password/key guessing, message re-use, or the establishment of a parallel session.  ... 
doi:10.1007/978-1-4471-0997-6_10 dblp:conf/safecomp/GritzalisS97 fatcat:go4hkyeygrczjg63vlgyaopnde

Modelling, verification, and formal analysis of security properties in a P2P system

Sam B. Sanjabi, Franck Pommereau
2010 2010 International Symposium on Collaborative Technologies and Systems  
We present a security analysis of the SPREADS system, a distributed storage service based on a centralized peer-to-peer architecture.  ...  We discuss the implications of conducting similar research on a decentralized system, which fully distributes the central service, in section 6.  ...  An ABCD compiler is packaged with the distribution of SNAKES [12, 11] so we directly used SNAKES as a model checker also (although it is more dedicated to quick prototyping and provides low performance  ... 
doi:10.1109/cts.2010.5478474 dblp:conf/cts/SanjabiP10 fatcat:ltzy3jeh6ndgvpw67g5na2e4wq

Secure Deduplication of Encrypted Data without Additional Independent Servers

Jian Liu, N. Asokan, Benny Pinkas
2015 Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security - CCS '15  
Interestingly, the scheme is based on using a PAKE (password authenticated key exchange) protocol. We demonstrate that our scheme provides better security guarantees than previous efforts.  ...  Encrypting data on client-side before uploading it to a cloud storage is essential for protecting users' privacy.  ...  We thank Ivan Martinovic for suggesting the analogy between our system and web-caching proxies and Bogdan Warinschi for pointing out attacks from corrupt uploaders.  ... 
doi:10.1145/2810103.2813623 dblp:conf/ccs/LiuAP15 fatcat:df5ozdvhzjbnzoy4zayb47v6ci

Scalable, password-based and threshold authentication for smart homes

Andrea Huszti, Szabolcs Kovács, Norbert Oláh
2022 International Journal of Information Security  
We apply the on-the-fly model checker and the constraint-logic-based attack searcher to perform protocol verification for bounded numbers of sessions.  ...  We introduce a threshold and password-based, distributed, mutual authenticated key agreement with key confirmation protocol for a smart home environment.  ...  Using the Dolev-Yao model, the back-ends model checkers verify whether there is any man-in-the-middle attack possible by the intruder.  ... 
doi:10.1007/s10207-022-00578-7 fatcat:oeezaxjyubeqjaujl3hidr2sdy

Automatic verification of cryptographic protocols

Bruno Blanchet
2003 Proceedings of the 5th ACM SIGPLAN international conference on Principles and practice of declarative programming - PPDP '03  
We present a technique for cryptographic protocol verification, based on an intermediate representation of the protocol by a set of Horn clauses (a logic program).  ...  Furthermore, the obtained security proofs are valid for an unbounded number of sessions of the protocol.  ...  An extreme example is the well-known Needham-Schroeder public key protocol [13]: In this very simple protocol, a flaw was found 17 years after its publication, by Lowe [12] using the model checker  ... 
doi:10.1145/888251.888252 dblp:conf/ppdp/Blanchet03 fatcat:k7g7vqlvi5e7nfkz4beyhuctpm

Rewriting Techniques in the Constraint Solver

Jonathan Millen
2009 Electronic Notes in Theoretical Computer Science  
The constraint solver uses a free message algebra and a bounded-process network model with a Dolev-Yao attacker. These choices yield simplicity and decidability.  ...  The constraint solver is a symbolic cryptographic protocol security analysis tool that is based on a unique term rewriting approach.  ...  Using a model checker generally means making some approximation or imposing some theoretically severe limitation on the protocol and environment model.  ... 
doi:10.1016/j.entcs.2009.02.073 fatcat:uvt3p4oc3zf7vac5hpcbgwtkje

Formal Validation of OFEPSP+ with AVISPA [chapter]

Jorge L. Hernandez-Ardieta, Ana I. Gonzalez-Tablas, Benjamin Ramos
2009 Lecture Notes in Computer Science  
OFEPSP+ ensures that no party gains an unfair advantage over the other during the protocol execution, while substantially reducing the probability of a successful attack on the protocol due to a compromise  ...  formally specify and validate security protocols for the Internet. ⋆ The authors would like to thank the AVISPA project team, and specially Laurent Vigneron and Luca Viganò, for their useful comments on  ...  Session compilation with OFMC : With session compilation (sessco), OFMC finds a replay attack even without a second parallel session.  ... 
doi:10.1007/978-3-642-03459-6_9 fatcat:tw6sdm6opnclzpubqftxiyqply

Security Protocols in a Nutshell [article]

Mohsen Toorani
2016 arXiv   pre-print
Furthermore, a survey on computational security models for authenticated key exchange (AKE) and password-authenticated key exchange (PAKE) protocols, as the most important and well-studied type of security  ...  It reviews foundations of security protocols, taxonomy of attacks on security protocols and their implementations, and different methods and models for security analysis of protocols.  ...  A famous example is the Needham-Schroeder protocol [204] on which a man-in-the-middle attack was found using the FDR model checker, seventeen years after publication of the protocol [269], although  ... 
arXiv:1605.09771v2 fatcat:mkbc3in6tvdo7madnvqaxogbfq

Knowledge Flow Analysis for Security Protocols [article]

Emina Torlak, Marten van Dijk, Blaise Gassend, Daniel Jackson, and Srinivas Devadas
2006 arXiv   pre-print
A generic framework in the Alloy modelling language is presented, and instantiated for two standard protocols, and a new key management scheme.  ...  A protocol is described by a collection of rules constraining the propagation of knowledge amongst principals.  ...  Acknowledgments We would like to thank Viktor Kuncak, Ishan Sachdev, and Ilya Shlyakhter for their contributions to and comments on earlier versions of this work.  ... 
arXiv:cs/0605109v1 fatcat:4fj3m5w2vzhe3pscpsp5loyl2e

Securing IMS against novel threats

Stefan Wahl, Konrad Rieck, Pavel Laskov, Peter Domschitz, Klaus-Robert Muller
2009 Bell Labs technical journal  
The crucial feature of our system is a signature-less detection of abnormal events and zero-day attacks. These attacks may be hidden in a single message or spread across a sequence of messages.  ...  Fixed mobile convergence (FMC) based on the 3GPP IP Multimedia Subsystem (IMS) is considered one of the most important communication technologies of this decade.  ...  IMS technology relies on principles and protocols of the Internet Engineering Task Force (IETF). The Session Initiation Protocol (SIP) plays the key role in controlling diverse multimedia services.  ... 
doi:10.1002/bltj.20365 fatcat:vf7shun26va2bn472nokba737i

Formal Verification of Payment protocol using AVISPA

A.R. Rizwana Shaikh, Satish Devane
2010 International Journal for Infonomics  
AVISPA is one of the evolving tools used mainly for verifying security properties. A newly designed electronic payment protocol is verified for its correctness and security properties.  ...  Specifically protocol used in ecommerce transactions needs to be verified for their security properties. Verification of these protocols is done using the formal verification tools.  ...  There is no attack found on session key by the intruder. Also secrecy of session key and transferred messages between parties are maintained.  ... 
doi:10.20533/iji.1742.4712.2010.0035 fatcat:72g7exi4c5ejriugnapb5vb6ky

On-the-Fly Trace Generation Approach to the Security Analysis of the TMN Protocol with Homomorphic Property: A Petri Nets-Based Method

2012 IEICE transactions on information and systems  
Similarly, the limitation of the analysis of one attack trace occurs in most model checking methods for cryptographic protocols.  ...  Then, we apply our new method to TMN authenticated key exchange protocol as a case study.  ...  Acknowledgements The first author would like to thank Kurt Jensen and his group for the suggestion about the names of the on-the-fly trace generation and the textual trace analysis after his presentation  ... 
doi:10.1587/transinf.e95.d.215 fatcat:n2fwvdnynvepfgflokcaoyvryy