Results 1 
8 of
8
A Quantitative Approach to Noninterference for Probabilistic Systems
, 2003
"... We present a technique for measuring the security of a system which relies on a probabilistic process algebraic formalisation of noninterference. We define a mathematical model for this technique which consists of a linear space of processes and linear transformations on them. In this model the meas ..."
Abstract

Cited by 6 (1 self)
 Add to MetaCart
We present a technique for measuring the security of a system which relies on a probabilistic process algebraic formalisation of noninterference. We define a mathematical model for this technique which consists of a linear space of processes and linear transformations on them. In this model the measured quantity corresponds to the norm of a suitably defined linear operator associated to the system. The probabilistic model we adopt is reactive in the sense that processes can react to the environment with a probabilistic choice on a set of inputs; it is also generative in the sense that outputs autonomously chosen by the system are governed by a probability distribution. In this setting, noninterference is formulated in terms of a probabilistic notion of weak bisimulation. We show how the probabilistic information in this notion can be used to estimate the maximal information leakage, i.e. the security degree of a system against a most powerful attacker.
The Java Virtual Machine Specification, http://java.sun.com/docs/books/vmspec
 In Proc. of GC’04, volume 3267 of Springer LNCS
, 2005
"... Abstract. Polynomial time adversaries based on a computational view of cryptography have additional capabilities that the classical DolevYao adversary model does not include. To relate these two different models of cryptography, in this paper we enrich a formal model for cryptographic expressions, ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
(Show Context)
Abstract. Polynomial time adversaries based on a computational view of cryptography have additional capabilities that the classical DolevYao adversary model does not include. To relate these two different models of cryptography, in this paper we enrich a formal model for cryptographic expressions, originally based on the DolevYao assumptions, with computational aspects based on notions of probability and computational power. The obtained result is that if the cryptosystem is robust enough, then the two adversary models turn out to be equivalent. As an application of our approach, we show how to determine a secrecy property against the computational adversary. 1
Approximating Imperfect Cryptography in a Formal Model
 MEFISTO 2003 PRELIMINARY VERSION
, 2003
"... We present a formal view of cryptography that overcomes the usual assumptions of formal models for reasoning about security of computer systems, i.e. perfect cryptography and DolevYao adversary model. In our framework, equivalence among formal cryptographic expressions is parameterized by a computa ..."
Abstract

Cited by 3 (3 self)
 Add to MetaCart
We present a formal view of cryptography that overcomes the usual assumptions of formal models for reasoning about security of computer systems, i.e. perfect cryptography and DolevYao adversary model. In our framework, equivalence among formal cryptographic expressions is parameterized by a computational adversary that may exploit weaknesses of the cryptosystem to cryptanalyze ciphertext with a certain probability of success. To validate our approach, we show that in the restricted setting of ideal cryptosystems, for which the probability of guessing information that the DolevYao adversary cannot derive is negligible, the computational adversary is limited to the allowed behaviors of the DolevYao adversary.
A General Framework for Nondeterministic, Probabilistic, and Stochastic Noninterference
 in Proc. of the Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security (ARSPAWITS’09), Springer, LNCS 5511:18–33
, 2009
"... Abstract. We introduce a notion of stochastic noninterference aimed at extending the classical approach to information flow analysis with finegrain information describing the temporal behavior of systems. In particular, we refer to a process algebraic setting that joins durational activities expr ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
Abstract. We introduce a notion of stochastic noninterference aimed at extending the classical approach to information flow analysis with finegrain information describing the temporal behavior of systems. In particular, we refer to a process algebraic setting that joins durational activities expressing time passing through exponentially distributed random variables, zero duration activities allowing for prioritized/probabilistic choices, and untimed activities with unspecified duration. In this setting unifying time, priority, probability, and nondeterminism, we highlight the expressive power of stochastic noninterference with respect to the existing definitions of nondeterministic and probabilistic noninterference. From this comparison, we obtain that stochastic noninterference turns out to be very strict and limiting in realworld applications and, therefore, requires the use of relaxation techniques. Among them we advocate performance evaluation as a means for achieving a reasonable balance between security requirements and quality.
On Quantitative Analysis of Probabilistic Protocols
, 2004
"... We advocate the use of approximate noninterference for the security analysis of probabilistic protocols. Our approach relies on a formalisation of the protocol in the setting of a probabilistic process algebra and a notion of process similarity based on weak probabilistic bisimulation. We illustrate ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
We advocate the use of approximate noninterference for the security analysis of probabilistic protocols. Our approach relies on a formalisation of the protocol in the setting of a probabilistic process algebra and a notion of process similarity based on weak probabilistic bisimulation. We illustrate this approach by presenting the analysis of a probabilistic nonrepudiation protocol which allows us to quantitatively estimate its fairness degree.
Noninterference and the Most Powerful Probabilistic Adversary
"... Abstract. Probabilistic noninterference extends the classical possibilistic notion introduced by Goguen and Meseguer in order to capture the information leakage caused by adversaries that set up probabilistic covert channels. In this setting we investigate how to evaluate the observational power of ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract. Probabilistic noninterference extends the classical possibilistic notion introduced by Goguen and Meseguer in order to capture the information leakage caused by adversaries that set up probabilistic covert channels. In this setting we investigate how to evaluate the observational power of an adversary to the purpose of establishing the maximal security degree of a given system. We introduce three classes of probabilistic adversaries, which represent the different observational power of an adversary, and then we establish properties for each such classes which state the complexity of effectively computing the most powerful adversary. 1
MEFISTO 2003 Preliminary Version Approximating Imperfect Cryptography in a Formal Model
"... We present a formal view of cryptography that overcomes the usual assumptions of formal models for reasoning about security of computer systems, i.e. perfect cryptography and DolevYao adversary model. In our framework, equivalence among formal cryptographic expressions is parameterized by a computa ..."
Abstract
 Add to MetaCart
(Show Context)
We present a formal view of cryptography that overcomes the usual assumptions of formal models for reasoning about security of computer systems, i.e. perfect cryptography and DolevYao adversary model. In our framework, equivalence among formal cryptographic expressions is parameterized by a computational adversary that may exploit weaknesses of the cryptosystem to cryptanalyze ciphertext with a certain probability of success. To validate our approach, we show that in the restricted setting of ideal cryptosystems, for which the probability of guessing information that the DolevYao adversary cannot derive is negligible, the computational adversary is limited to the allowed behaviors of the DolevYao adversary. 1 Introduction The use of formal methods for modeling and analyzing cryptographic operations is wellestablished. Since the seminal paper by Dolev and Yao [10] introduced a simple and intuitive formalization of cryptographic operations, many alternative definitions have been proposed on the basis of several approaches, ranging from modal logics to process algebras (see, e.g., [8,17,14,12,19,18,11]). Key to success of such a theory was the very simple idea behind the definition of ciphertext, which is based on the assumption of perfect cryptography.