Formally-based black-box monitoring of security protocols
- International Symposium on Engineering Secure Software and Systems (ESSOS 2010), Lecture Notes in Computer Science 5965, 2010
Cited by 2 (0 self)
Abstract. In the challenge of ensuring the correct behaviour of legacy implementations of security protocols, a formally-based approach is presented to design and implement monitors that stop insecure protocol runs executed by such legacy implementations, without the need of their source code. We validate the approach at a case study about monitoring several SSL legacy implementations. Recently, a security bug has been found in the widely deployed OpenSSL client; our case study shows that our monitor correctly stops the protocol runs otherwise allowed by the faulty OpenSSL client. Moreover, our monitoring approach allowed us to detect a new flaw in another open source SSL client implementation.
A novel identity-based network architecture for next generation internet
- Journal of Universal Computer Science, 2012
Cited by 1 (0 self)
Abstract: In this paper we show a network architecture for Next Generation Internet (NGI) that prevents operation traceability and protects the privacy of communication parties while raising their identity to be a central element of the network. As a side effect, our architecture inherently supports authentication and mobility of the entities involved in the communication. Moreover, it is designed to be agnostic to any underlying network infrastructure and can be used to enhance them with reduced penalty, which makes it a perfect component to take its features to existing networks without defining a brand new transport layer. We also show the successful verification of the protocol security and demonstrate its feasibility and scalability showing its behavior when instantiated on top of two different architectures.
On-the-fly trace generation and textual trace analysis and their applications to the analysis of cryptographic protocols
- in Proceedings of the 30th Formal Techniques for Networked and Distributed Systems, 2010
Cited by 1 (0 self)
Abstract. Many model checking methods have been developed and applied to analyze cryptographic protocols. Most of them can analyze only one attack trace of a found attack. In this paper, we propose a very simple but practical model checking methodology for the analysis of cryptographic protocols. Our methodology offers an efficient analysis of all attack traces for each found attack, and is independent of model checking tools. It contains two novel techniques which are on-the-fly trace generation and textual trace analysis. In addition, we apply our method to two case studies which are TMN authenticated key exchange protocol and Micali's contract signing protocol. Surprisingly, it turns out that our simple method is very efficient when the numbers of traces and states are large. Also, we found many new attacks in those protocols.
b Tulane University
We report on a man-in-the-middle attack on PKINIT, the public key extension of the widely deployed Kerberos 5 authentication protocol. This flaw allows an attacker to impersonate Kerberos administrative principals (KDC) and end-servers to a client, hence breaching the authentication guarantees of Kerberos. It also gives the attacker the keys that the KDC would normally generate to encrypt the service requests of this client, hence defeating confidentiality as well. The discovery of this attack caused the IETF to change the specification of PKINIT and Microsoft to release a security update for some Windows operating systems. We discovered this attack as part of an ongoing formal analysis of the Kerberos protocol suite, and we have formally verified several possible fixes to PKINIT—including the one adopted by the IETF—that prevent our attack as well as other authentication and secrecy properties of Kerberos with PKINIT.
On-board Credentials: An Open . . .
- 2012
Traditional credential solutions have well-known drawbacks. Purely software-based credentials are vulnerable to many attacks, while hardware-based security tokens and smart cards are expensive to deploy and, due to their typical single-purpose nature, force users to carry multiple hardware credentials with them. Recently, general-purpose security elements and architectures have started to become widely available on many commodity devices. On mobile devices, ARM TrustZone is a widely adopted security architecture. Such trusted execution environments enable realization of credentials that combine the flexibility of
Abstract Analysing Security Protocols with AVISPA
Usage of the Internet has increased rapidly over the past decade. The increased number of network users has also brought along a need for network-based services that require security. Developing new security protocols is a difficult task, and sometimes too difficult a task for the human mind. We need efficient tools to help the development and verification of the protocols. In this paper we introduce the protocol analysis tool called AVISPA. The paper describes the architecture of the tool and the syntax of the protocol specification language called HLPSL. We give an example of how a real protocol can be specified with the HLPSL language and how the output of the AVISPA Tool is analysed.
Technical Report No. 558 Comparing State Spaces in Automatic Security Protocol Verification
Abstract. Many tools exist for automatic security protocol verification, and most of them have their own particular language for specifying protocols and properties. Several protocol specification models and security properties have been already formally related to each other. However, there is an important difference between verification tools, which has not been investigated in depth before: the explored state space. Some tools explore all possible behaviors, whereas others explore strict subsets, often by using so-called scenarios. Ignoring such differences can lead to wrong interpretations of the output of a tool. We relate the explored state spaces to each other and find previously unreported differences between the various approaches. We apply our study of state space relations in a performance comparison of several well-known automatic tools for security protocol verification. We model a set of protocols and their properties as homogeneously as possible for each tool. We analyze the performance of the tools over comparable state spaces. This work enables us to effectively compare these automatic tools, i.e. using the same protocol description and exploring the same state space. We also propose some explanations for our experimental results, leading to a better understanding of the tools.
AN ENVIRONMENT FOR THE SPECIFICATION AND VERIFICATION OF TIME-DEPENDENT SECURITY PROTOCOLS
The use of formal methods in software engineering for the specification and the verification is suitable when developing complex systems. The distributed nature, the subtle time dependence and the strict requirements of time sensitive security protocols increase the inherent complexity of their validation. Using the TESLA authentication protocol as a case study, we shall discuss what are the functionalities that a verification environment should have to model and verify successfully a time-dependent security protocol and our environment which employs THLPSL as the modelling language and the UPPAAL model checker as the verification engine.
Model Checking Security Protocols Draft manuscript
- 2012
Cryptographic protocols are communication protocols that use cryptography to achieve security goals such as secrecy, authentication, and agreement in the presence of adversaries. Examples of well-known cryptographic protocols are SSL/TLS [DR06], IKEv2 [KHNE10], and Kerberos [NHR05], which can be