Presentation is loading. Please wait.

Presentation is loading. Please wait.

Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are.

Published byEustacia Bates Modified over 9 years ago

Similar presentations

Presentation on theme: "Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are."— Presentation transcript:

1 Luu Anh Tuan

2 Security protocol Intruder

3 Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are encrypted with his public key so as to learn new knowledge Introduce new messages into the systems, using his knowledge he knows Replay any message he has seen (possibly changing plain-text parts), even if he does not understand the contents of the encrypted part.

4 Network together (Dolev-Yao model) System = (||| X Agent X ) |[send_message,receive_message]| Intruder

5 Security goals Authentication: confirm something/someone as authentic Secrecy: prevent the intruder from deriving secret information Non-repudiation: the author of a message cannot later claim not to be the author Integrity: any message corruption will always be detected Anonymity: the identity of an agent is protected with respect to the message he sent Fairness: each player receives the item it expects and neither player receives any additional information about other’s item

6 Security module in PAT Easy for user to specify and verify → SEVE language. Has the powerful expressiveness, but still be friendly with the user Fully automatic specification and verification Support many kinds of security goals verification and user requirement Flexibility and adaptability

7 Framework for SEVE module (translator way) User specification using SEVE language Automatic translation from SEVE language to PAT language Adding intruder behavior and specification Using PAT tool to check the security requirement Transformation from counter example (if have) to human reading form Verification output to user Blackbox with the user

8 Framework for SEVE module (direct way) User specification using SEVE language Compiling and System analysis Adding intruder behavior and specification Transformation from counter example (if have) to human reading form Verification output to user Blackbox with the user

9 An example: Needham-Schroeder protocol {A,N A } pkB {N A,N B } pkA { N B } pkB A B

10 SEVE language Declaration language. Easy to specify as similar with security protocol declaration. #Variables Agents: a,b; Nonces: na,nb; Public_keys: {ka,kb}; #Initial declare a knows {na,ka}; b knows {nb,kb}; #Protocol description a -> b : {a, na}kb; b -> a : {na, nb}ka; a -> b : {nb}kb; Declaration part

11 SEVE language #System Initiator: Alice; Responder: Bob; Intruder: Caron; #Verification Secrecy: {ka} of Alice Agent authentication: Alice is authenticated with Bob using {na} Alice sends na before Bob sends nb Actual system part Verification part

12

13 An attack on the Needham protocol {A,N A } pkI {N A,N B } pkA { N B } pkI {A,N A } pkB {N A,N B } pkA { N B } pkB

14 Future work Build in the time model semantic for security program. Support others cryptography scheme: Diffle-Hellman key agreements, hash key function. Apply some techniques to reduce the state space: symmetry reduction … Support not only for security protocols but also for other transaction protocols, e.g. network layer.

15 Thank you Q & A

Download ppt "Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are."

Similar presentations

Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.

Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
Lecture 3Dr. Verma1 COSC 6397 – Information Assurance Module M2 – Protocol Specification and Verification University of Houston Rakesh Verma Lecture 3.

Lecture 3Dr. Verma1 COSC 6397 – Information Assurance Module M2 – Protocol Specification and Verification University of Houston Rakesh Verma Lecture 3.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.

1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.

Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
Analysis of Security Protocols (I) John C. Mitchell Stanford University.

Analysis of Security Protocols (I) John C. Mitchell Stanford University.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
G22.3250-001 Robert Grimm New York University Using Encryption for Authentication in Computer Networks.

G Robert Grimm New York University Using Encryption for Authentication in Computer Networks.
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.

Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Progress Report on Java Based Protocol Analysis Presented by Stephen W. Mancini, 1Lt, USAF/AFIT Robert P. Graham, MAJ, USAF/AFIT Presentation date: 09.

Progress Report on Java Based Protocol Analysis Presented by Stephen W. Mancini, 1Lt, USAF/AFIT Robert P. Graham, MAJ, USAF/AFIT Presentation date: 09.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Similar presentations

Ads by Google