Filters








5,454 Hits in 4.8 sec

Strong Invariants for the Efficient Construction of Machine-Checked Protocol Security Proofs

Simon Meier, Cas Cremers, David Basin
2010 2010 23rd IEEE Computer Security Foundations Symposium  
We embed an operational semantics for security protocols in the interactive theorem prover Isabelle/HOL and derive two strong protocol-independent invariants.  ...  Moreover, we have strong correctness guarantees since all proofs, including those deriving the underlying theory from the semantics, are machine checked.  ...  Interactive Methods for Machine-Checked Proofs: The Inductive Approach is one of the most successful approaches for interactively constructing machine-checked security proofs.  ... 
doi:10.1109/csf.2010.23 dblp:conf/csfw/MeierCB10 fatcat:ajle3ju7mjhndm2fqx35icm7km

Efficient construction of machine-checked symbolic protocol security proofs

Simon Meier, Cas Cremers, David Basin
2013 Journal of Computer Security  
The resulting proofs provide strong correctness guarantees since all proofs, including those deriving our theory from the security protocol model, are machine-checked.  ...  The resulting theory is well-suited for interactively constructing human-readable, protocol security proofs.  ...  We thank Christoph Sprenger and the anonymous reviewers for their comments, which greatly improved the presentation of this paper.  ... 
doi:10.3233/jcs-2012-0455 fatcat:5xtucgogtzbothxyctpxb5tg4m

Constant-Round Concurrent Zero Knowledge from P-Certificates

Kai-Min Chung, Huijia Lin, Rafael Pass
2013 2013 IEEE 54th Annual Symposium on Foundations of Computer Science  
Zero-knowledge (ZK) interactive proofs [GMR89] are paradoxical constructs that allow one player (called the Prover) to convince another player (called the Verifier) of the validity of a mathematical statement  ...  " non-interactive proofs/arguments for P.  ...  However, since we restrict to languages in P, checking whether soundness of any of these constructions is broken now becomes efficiently checkable (and thus assuming that they are secure becomes falsifiable  ... 
doi:10.1109/focs.2013.14 dblp:conf/focs/ChungLP13 fatcat:wdkggfvz75d7vb3xl77dspcfmy

Analysing Security Protocols Using Refinement in iUML-B [chapter]

Colin Snook, Thai Son Hoang, Michael Butler
2017 Lecture Notes in Computer Science  
The specification is then refined to introduce implementable mechanisms for the protocol. A gluing invariant specifies why the protocol achieves the security principle.  ...  We propose a general approach based on abstraction and refinement for constructing and analysing security protocols using formal specification and verification.  ...  Acknowledgement This work is funded by the Enable-S3 Project, www.enable-s3.eu.  ... 
doi:10.1007/978-3-319-57288-8_6 fatcat:z6ojqa2xm5bavhpvgi7l5owoku

Event-B based invariant checking of secrecy in group key protocols

Amjad Gawanmeh, Sofiene Tahar, Leila Jemni Ben Ayed
2008 2008 33rd IEEE Conference on Local Computer Networks (LCN)  
The correctness of group key protocols in communication systems remains a great challenge because of dynamic characteristics of group key construction as we deal with an open number of group members.  ...  Event-B deals with tools allowing invariant checking, and can be used to verify group key secrecy property.  ...  A strong point of event-B is the availability of tools that support automatic invariant checking such as Click'n'Prove [3] , B4free [8] , and RODIN [17] .  ... 
doi:10.1109/lcn.2008.4664308 dblp:conf/lcn/GawanmehTA08 fatcat:ym3nlzzc3bghnibheyuckm4yyy

Mechanised Verification of Distributed State-Space Algorithms for Security Protocols

Frederic Gava, Arthur Hidalgo, Jean Fortin
2012 2012 13th International Conference on Parallel and Distributed Computing, Applications and Technologies  
We study five algorithms (one sequential and four distributed where three of them are dedicated and optimised for security protocol) of state-space construction as a first step towards mechanised verification  ...  But it is wellknown that for non trivial protocols, MC may enumerate statespaces of astronomical sizes -the famous state-space explosion problem.  ...  To our knowledge, there are three existing approaches for automatically generating machine-checked protocol security proofs.  ... 
doi:10.1109/pdcat.2012.93 dblp:conf/pdcat/GavaHF12 fatcat:dhsylybaznhf5ondi2znwwjnqe

Algebraic cryptography: new constructions and their security against provable break

D. Grigoriev, A. Kojevnikov, S. J. Nikolenko
2009 St. Petersburg Mathematical Journal  
For example, the RSA protocol is based on number theory; the very construction of the protocol requires computing the Euler totient ϕ(n).  ...  It is proved that the cryptosystems based on matrix group invariants and a version of the Anshel-Anshel-Goldfeld key agreement protocol for modular groups are secure against provable break unless NP =  ...  Acknowledgments The authors are grateful to Edward A. Hirsch for valuable discussions and for Remark 2.  ... 
doi:10.1090/s1061-0022-09-01079-6 fatcat:56dpn3v5jvb4bekjg36uj77pfy

New DoS Defense Method Based on Strong Designated Verifier Signatures

Marcone de Almeida, Rafael de Sousa Júnior, Luis García Villalba, Tai-Hoon Kim
2018 Sensors  
Our scheme does not rely on an expensive public-key infrastructure and makes use of light cryptography machinery that is suitable in the context of the Internet of Things (IoT).  ...  We analyze our proposed scheme as a defense measure considering known DoS attacks and present a formal proof of its resilience face to eventual adversaries.  ...  The Invariant Principle Proving the security of a protocol by modeling it as a finite state machine can be hard because this kind of proof must trace all the paths the protocol can take throughout the  ... 
doi:10.3390/s18092813 pmid:30149678 fatcat:ynbwiotnrzgjlmkaqqttqdvbze

The Application of Formal Methods to Real-World Cryptographic Algorithms, Protocols, and Systems

Nicky Mouha, Asmaa Hailane
2021 Computer  
It tries to construct proofs for the absence of bugs and hence provides the second type of assurance as well.  ...  In the coming years, I see this process being replicated, and it will become understood that a new cryptographic protocol cannot be standardized without formal machine-checked proofs.  ... 
doi:10.1109/mc.2020.3033613 fatcat:qsrdehgerbakbibfkp7jpvx5wa

Domain Specific Languages (DSLs) for Network Protocols (Position Paper)

Saleem Bhatti, Edwin Brady, Kevin Hammond, James McKinna
2009 2009 29th IEEE International Conference on Distributed Computing Systems Workshops  
and testing of both the functional and the non-functional requirements for the network protocols that will be used.  ...  We therefore envisage new levels of programming language support that permit: (a) the design and implementation of new protocols with provably correct construction; (b) inline testing; and (c) the expression  ...  Given our enthusiastic and bold claims, there can be only one priority for further work: to build a system showing the use of DSLs and associated programmatic tools that will demonstrate the position we  ... 
doi:10.1109/icdcsw.2009.64 dblp:conf/icdcsw/BhattiBHM09 fatcat:uzsr5fukebcxpc4httu4icsizm

Cryptographically-Sound Protocol-Model Abstractions

Christoph Sprenger, David Basin
2008 2008 21st IEEE Computer Security Foundations Symposium  
Our starting point is the Backes-Pfitzmann-Waidner (BPW) model, which is a symbolic protocol model that is cryptographically sound in the sense of blackbox reactive simulatability.  ...  We present a formal theory for cryptographically-sound theorem proving.  ...  We thank Michael Backes and Birgit Pfitzmann for their past collaboration and support.  ... 
doi:10.1109/csf.2008.19 dblp:conf/csfw/SprengerB08 fatcat:m7oycg7iajbtfcjrlon35n33me

A Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol [chapter]

Michael Backes
2004 Lecture Notes in Computer Science  
We hope that it paves the way for cryptographically sound verification of security protocols by means of formal proof tools.  ...  We present the first cryptographically sound security proof of the well-known Otway-Rees protocol.  ...  We hope that it paves the way for the actual use of automatic proof tools for this and many similar cryptographically faithful proofs of security protocols.  ... 
doi:10.1007/978-3-540-30108-0_6 fatcat:thj2rmeylvhjtklfeujtl37u3u

Cryptographically-Sound Protocol-Model Abstractions

Christoph Sprenger, David Basin
2008 Logic in Computer Science  
Our starting point is the Backes-Pfitzmann-Waidner (BPW) model, which is a symbolic protocol model that is cryptographically sound in the sense of blackbox reactive simulatability.  ...  We present a formal theory for cryptographically-sound theorem proving.  ...  We thank Michael Backes and Birgit Pfitzmann for their past collaboration and support.  ... 
doi:10.1109/lics.2008.36 fatcat:qroyrqgponanzbbhc7hhz5ng7a

Proof-carrying code from certified abstract interpretation and fixpoint compression

Frédéric Besson, Thomas Jensen, David Pichardie
2006 Theoretical Computer Science  
Proof-carrying code (PCC) is a technique for downloading mobile code on a host machine while ensuring that the code adheres to the host's safety policy.  ...  Proof checkers carry their own correctness proofs and accepting a new proof checker amounts to type checking the checker in Coq.  ...  The strong semantic foundations of the theory of abstract interpretation and its recent formalisation inside the Coq proof assistant enables the construction of a certified proof checker from the certified  ... 
doi:10.1016/j.tcs.2006.08.012 fatcat:euvgvxbrcve6jkh5wzhuxahiyy

Verifiable Delegation of Computation over Large Datasets [chapter]

Siavosh Benabbas, Rosario Gennaro, Yevgeniy Vahlis
2011 Lecture Notes in Computer Science  
We generalize our result for PRFs with other types of closed form efficiency, which yield efficient and secure delegation protocols not only for single-variable polynomials of degree d, but also for multivariate  ...  We have several different variations of PRFs: the least efficient one is secure under the Decisional Diffie-Hellman assumption, while more efficient ones require a decisional variant of the Strong DH assumption  ...  The goal of an efficient proof of retrievability is to have short communication protocol, and an efficient computation (at least for the client) which will assure the client that the server is still storing  ... 
doi:10.1007/978-3-642-22792-9_7 fatcat:qqwpxqvan5hj7phqk7zrk2h76e
« Previous Showing results 1 — 15 out of 5,454 results