The Application of Formal Methods to Real-World Cryptographic Algorithms, Protocols, and Systems

Nicky Mouha, Asmaa Hailane
2021 Computer  
COMPUTER: Where do you see the application of formal methods to cryptographic algorithms, protocols, and systems within five to 10 years?  ...  WANG: Formal methods have been used to verify cryptographic algorithms, protocols, and systems at smaller scales.  ... 
doi:10.1109/mc.2020.3033613 fatcat:qsrdehgerbakbibfkp7jpvx5wa

Practical Formal Methods for Real World Cryptography (Invited Talk)

Karthikeyan Bhargavan, Prasad Naldurg, Michael Wagner
2019 Foundations of Software Technology and Theoretical Computer Science  
Cryptographic algorithms, protocols, and applications are difficult to implement correctly, and errors and vulnerabilities in their code can remain undiscovered for long periods before they are exploited  ...  We describe a tool chain and framework based on the F* programming language to formally specify, verify and compile high-performance cryptographic software that is secure by design.  ...  For a full description of the syntax, type system, and semantics of F*, refer to [43], and for the formal development of Low* and its compilation to C, see [41].  ... 
doi:10.4230/lipics.fsttcs.2019.1 dblp:conf/fsttcs/BhargavanN19 fatcat:uyj2x66q5rcr5ns6zidmsto7yi

miTLS: Verifying Protocol Implementations against Real-World Attacks

Karthikeyan Bhargavan, Cedric Fournet, Markulf Kohlweiss
2016 IEEE Security and Privacy  
knowledgeable of real-world security concerns and system performance.  ...  Formal foundations, to validate the protocol design and prevent any such attacks, became very attractive, and researchers from both the cryptographic and formal methods communities started applying various  ... 
doi:10.1109/msp.2016.123 fatcat:fisjry37bzexpdcl26l67e67p4

On PQC Migration and Crypto-Agility [article]

Alexander Wiesmaier
2021 arXiv   pre-print
Besides the development of PQC algorithms, the actual migration of IT systems to such new schemes has to be considered, best by utilizing or establishing crypto-agility.  ...  Much work in this respect is currently conducted all over the world, making it hard to keep track of the many individual challenges and respective solutions that have been identified.  ...  This tool will then be tested and evaluated in real-world settings in a real world IT system. / 4.3.1 Algorithm Parameter Selection and Trade-offs.  ... 
arXiv:2106.09599v1 fatcat:itr6zdltirg2ri3ismbeo7vtiq

Security protocols over open networks and distributed systems: formal methods for their analysis, design, and verification

S Gritzalis, D Spinellis, P Georgiadis
1999 Computer Communications  
Finally, an outline is presented on current trends for the utilisation of formal methods for the analysis and verification of modern complicated protocols and protocol suites for the real commercial world  ...  Formal methods, theory, and supporting tools can aid the design, analysis, and verification of the security-related and cryptographic protocols used over open networks and distributed systems.  ...  Acknowledgements The authors would like to thank C. Meadows, Naval Research Laboratory, S.H. Brackin, ARCA Systems, Inc., L.C. Paulson, University of Cambridge, C.  ... 
doi:10.1016/s0140-3664(99)00030-4 fatcat:cv3vmaztf5drxc2edllnfgefva

Protocols for symmetric secret key establishment: Modern approach
Protokoli za ustanovljavanje tajnih simetričnih ključeva - savremen pristup

Meiran Galis, Tomislav Unkašević, Zoran Banjac, Milan Milosavljević
2022 Vojnotehnički Glasnik  
Methods: Using the methods of Information Theory and Secure Multiparty Computation, protocols for direct establishment of cryptographic keys between communication parties have been defined.  ...  Introduction/purpose: The problem of efficient distribution of cryptographic keys in communication systems has existed since its first days and is especially emphasized by the emergence of mass communication  ...  Let us introduce the following two functions: $R_{\pi,A}(k,h) = 1$ if $h$ belongs to the real world, $0$ otherwise; $I_{\pi,A}(k,h) = 1$ if $h$ belongs to the ideal world, $0$ otherwise. Then we say that the protocol $\pi$ safely calculates  ... 
doi:10.5937/vojtehg70-36607 fatcat:qvphvbwmv5eb5evdnoxtiwxjju

A Roadmap for High Assurance Cryptography [chapter]

Harry Halpin
2018 Lecture Notes in Computer Science  
identifying the so-called trusted code base (TCB) i.e., the part of the software system that is critical to achieving these goals; 3. isolating the TCB from the rest of the code, and implementing well-defined  ...  A new unified API with both formally verified primitives and an easy-to-use interface is needed to replace OpenSSL in future security-critical applications. 1. first defining clear security goals; 2. then  ...  Harry Halpin would like to thank Peter Schwabe for many of the original ideas in this paper and for some of the text itself, while taking sole responsibility for any lack of clarity or problems with this  ... 
doi:10.1007/978-3-319-75650-9_6 fatcat:fxwimrpesjddnjfvflveuqbz2q

Enforcing Ideal-World Leakage Bounds in Real-World Secret Sharing MPC Frameworks

Jose Bacelar Almeida, Manuel Barbosa, Gilles Barthe, Hugo Pacheco, Vitor Pereira, Bernardo Portela
2018 2018 IEEE 31st Computer Security Foundations Symposium (CSF)  
This allows non-experts to assess the impact of performance-driven authorized disclosure of intermediate values. Specifications are then compiled to multi-party protocols.  ...  We formalize protocol security using (distributed) probabilistic information-flow and prove security-preserving compilation: protocols only leak what is allowed by the source policy.  ...  enough to imply the existence of a cryptographic simulator that requires only the leakage allowed by the source-level upper-bound to perfectly simulate real-world traces.  ... 
doi:10.1109/csf.2018.00017 dblp:conf/csfw/AlmeidaBB0PP18 fatcat:ek4sejy3brfn7b34j3ozvowk44

Formal methods for cryptographic protocol analysis: emerging issues and trends

C. Meadows
2003 IEEE Journal on Selected Areas in Communications  
The history of the application of formal methods to cryptographic protocol analysis spans over twenty years, and recently has been showing signs of new maturity and consolidation.  ...  Not only have a number of specialized tools been developed, and general-purpose ones been adapted, but people have begun applying these tools to realistic protocols, in many cases supplying feedback to  ...  In Section Two we give a brief history and survey of the state of the art in the field of the application of formal methods to cryptographic protocol analysis.  ... 
doi:10.1109/jsac.2002.806125 fatcat:tayyhsybp5d6hhlv5glx4ehe7e

Power performance analysis on secure and efficient authentication protocols in mobile devices

S Kharthikeyan, K Azarudeen, S Samsudeen
2016 International Journal Of Engineering And Computer Science  
Applications that use public key cryptography deals with computing power, key size to measure the efficiency of the protocol.  ...  Focusing to meet the mobile users' demand, many cryptographic protocols are chosen based on confidentiality, integrity and authentication.  ...  The JAVA archive files (jar) are then installed in the target mobile device to run them ready as real time applications using our cryptographic protocols.  ... 
doi:10.18535/ijecs/v5i3.15 fatcat:4hnv63yve5h7bd2zxhmvz4nsly

Towards computationally sound symbolic analysis of key exchange protocols

Prateek Gupta, Vitaly Shmatikov
2005 Proceedings of the 2005 ACM workshop on Formal methods in security engineering - FMSE '05  
We present a cryptographically sound formal method for proving correctness of key exchange protocols. Our main tool is a fragment of a symbolic protocol logic.  ...  As part of the logic, we present cryptographically sound abstractions of CMA-secure digital signatures and a restricted form of Diffie-Hellman exponentiation, which is a technical result of independent  ...  to distinguish between the real and ideal worlds must be the presence of some application operation.  ... 
doi:10.1145/1103576.1103580 dblp:conf/ccs/GuptaS05 fatcat:52xu4y4fkbfpfprwenwon3vaia

Why does cryptographic software fail?

David Lazar, Haogang Chen, Xi Wang, Nickolai Zeldovich
2014 Proceedings of 5th Asia-Pacific Workshop on Systems - APSys '14  
The results show that just 17% of the bugs are in cryptographic libraries (which often have devastating consequences), and the remaining 83% are misuses of cryptographic libraries by individual applications  ...  This paper presents a systematic study of cryptographic vulnerabilities in practice, an examination of state-of-the-art techniques to prevent such vulnerabilities, and a discussion of open problems and  ...  This work was supported by the DARPA Clean-slate design of Resilient, Adaptive, Secure Hosts (CRASH) program under contract #N66001-10-2-4089, and by NSF award CNS-1053143.  ... 
doi:10.1145/2637166.2637237 dblp:conf/apsys/LazarCWZ14 fatcat:upwjoelmfbhxnketl7jjazgiwe

The use of computer games for teaching and learning cybersecurity in higher education institutions

Mohammed Yahya Alghamdi, Assistant Professor, Department of Computer Science, Faculty of Science & Arts of Baljurshi AL-Baha University, Baha, Saudi Arabia, Younis A. Younis, Assistant Professor, Department of Computer Science, Faculty of Information Technology, University of Benghazi, Benghazi, Libya
2021 Maǧallaẗ al-abḥāṯ al-handasiyyaẗ  
One of the reasons for this is related to the inadequate mathematical knowledge of students, which limits their understanding of the cryptographic algorithms underlying the protocols.  ...  The aim of this research is to explore the use and potential effectiveness of game-based learning to assist in the teaching and learning of cybersecurity concepts in higher education.  ...  The game relies on the use of a real server to offer students with an environment resembling real-world security systems.  ... 
doi:10.36909/jer.v9i3a.10943 fatcat:rtwxnqkavveyphmccq5j4ugsym

Constructive Cryptography – A New Paradigm for Security Definitions and Proofs [chapter]

Ueli Maurer
2012 Lecture Notes in Computer Science  
This is in contrast to both the traditional, game-based security definitions for cryptographic schemes and the attack-based security definitions used in formal-methods based security research, which are  ...  Constructive cryptography allows to take a new look at cryptography and the design of cryptographic protocols.  ...  There exists a vast literature on applying formal methods to the design and the analysis of security protocols, and some of them deal with the composition of protocols (e.g., see [8, 11, 12, 23, 26]  ... 
doi:10.1007/978-3-642-27375-9_3 fatcat:rhqn3xyuvna6rnxivatvudjhxu

A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems

Véronique Cortier, Steve Kremer, Bogdan Warinschi
2010 Journal of automated reasoning  
Recently, significant research efforts attempt to develop paradigms for cryptographic systems analysis that combines the best of both worlds. There are two broad directions that have been followed.  ...  The other approach relies on a symbolic model of protocol executions in which cryptographic primitives are treated as black boxes.  ...  In the real world, the interaction is between an actual implementation of the protocol by machines $M_1, M_2, \ldots, M_n$, and environment Env and an adversary Adv.  ... 
doi:10.1007/s10817-010-9187-9 fatcat:6qrlhc34mnbnpmap2mkkrnfqhm