Modelling and Analysing of Security Protocol: Lecture 11 Modelling Checking Tom Chothia CWI.

Slides:



Advertisements
Similar presentations
Authentication Applications Kerberos And X.509. Kerberos Motivation –Secure against eavesdropping –Reliable – distributed architecture –Transparent –
Advertisements

Modelling and Analysing of Security Protocol: Lecture 8 Automatically Checking Protocols II Tom Chothia CWI.
Modelling and Analysing of Security Protocol: Lecture 14 Some Real Life Protocols Tom Chothia CWI.
Modelling and Analysing of Security Protocol: Lecture 7 Automatically Checking Protocols Tom Chothia CWI.
CSE331: Introduction to Networks and Security Lecture 22 Fall 2002.
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.
Modelling and Analysing of Security Protocol: Lecture 10 Anonymity: Systems.
Privacy Terminology draft-hansen-privacy-terminology-03.txt Hannes Tschofenig.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
Information Security Teaching, training, research.
Modelling and Analysing of Security Protocol: Lecture 3 Protocol Goals Tom Chothia CWI.
Cryptography: Keeping Your Information Safe. Information Assurance/Information Systems –What do we do? Keep information Safe Keep computers Safe –What.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Modelling and Analysing of Security Protocol: Lecture 9 Anonymous Protocols: Theory.
Modelling and Analysing of Security Protocol: Lecture 2 Cryptology for Protocols Analysis Tom Chothia CWI.
Modelling and Analysing of Security Protocol: Lecture 12 Probabilistic Modelling Checking of Anonymous Systems Tom Chothia CWI.
Alice and Bob’s Revenge? AliceBob Elvis. If there is a protocol If there is a protocol then there must be a shortest protocol 1.Alice  Bob : ??? 2.Bob.
CS 300 – Lecture 2 Intro to Computer Architecture / Assembly Language History.
Modelling and Analysing of Security Protocol: Lecture 5 BAN logic Tom Chothia CWI.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Two Questions Coaching Program [Your Name] [Your Address] [Date] [please name the file: your-name-2questions.pptx] —e.g. bill-marshall-2questions.pptx.
Cryptography Lecture 1: Introduction Piotr Faliszewski.
Number Sequences Lecture 7: Sep 29 ? overhang. This Lecture We will study some simple number sequences and their properties. The topics include: Representation.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
Adv. Network Security How to Conduct Research in Network Security.
8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.
Linux Networking and Security Chapter 8 Making Data Secure.
Lecture 1: Introduction CS 6903: Modern Cryptography Spring 2009 Nitesh Saxena Polytechnic Institute of NYU.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Network Security by Behzad Akbari Spring 2012 In the Name of the Most High.
Formal Analysis of Security Protocols Dr. Changyu Dong
Network Security Essentials Chapter 5
Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS CIS 5357 Network Security.
December 2008Prof. Reuven Aviv, SSL1 Web Security with SSL Network Security Prof. Reuven Aviv King Mongkut’s University of Technology Faculty of information.
Tunneling and Securing TCP Services Nathan Green.
ICOM 5018 Network Security and Cryptography Description This course introduces and provides practical experience in network security issues and cryptographic.
ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.
ICOM 5995 (crypto) - Noack Crypto - Administrivia Prontuario - Please time-share and ask questions Info is in my homepage amadeus.uprm.edu/~noack/ Make.
IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Your Wireless Network has No Clothes* William A. Arbaugh, Narendar Shankar Y.C. Justin Wan University of Maryland Presentation by Eddy Purnomo,
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture I : Internet Security Landscape Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University Fall 2005.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
Invitation to Computer Science 5 th Edition Chapter 8 Information Security.
Dan Boneh Introduction Course Overview Online Cryptography Course Dan Boneh.
Hashes Lesson Introduction ●The birthday paradox and length of hash ●Secure hash function ●HMAC.
INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.
Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
School of Computer Science and Engineering Pusan National University
Analyzing Key Distribution and Authentication Protocols
Lecture 36.
Lecture 36.
Presentation transcript:

Modelling and Analysing of Security Protocol: Lecture 11 Modelling Checking Tom Chothia CWI

Today Model Checking is useful Probabilities can be an important part of a protocol (also next week).

The Rest of the Course Today: Model Checking. 26th Oct: When you have to have probability and Fair Exchange protocols (Homework due). 2nd, 9th, 16th, 23rd and 30th Nov Student presentations. me your presentation idea’s by Friday

Today Model Checking for finite systems Specifying properties in CTL Dinning Philosophers BREAK Probabilistic finite systems Specifying probabilistic properties in PCTL Dinning Cryptographers

50 BC to 1960s : Not relevant: –Pre-computer: Caesar cipher to Enigma. Keys prearranged by hand 1960s to 1980s : Not considered necessary –ARPAnet, an open network, no or little secret, e.g. telnet. open relays A Quick History of Key Establishment and Authentication

1970s to 1990s : First tries –Early Internet, trying for security, e.g. SSL version 1, Needham-sroder s : Becomes a science –Principles for protocol design, attacker models, Kerberos, TLS, SSH 1990s to present: Automation –Understood well enough to check by machine.

Anonymity Protocols upto 1990s : Not relevant: –Little personal information on the Internet upto 2000s : Not considered necessary 1990 to Now: First tries, –Dinning Cryptographers, –anonymous proxies, –Tor.

Anonymity Protocols Only now: Becoming a Science Limited automatic checking of automata protocols –Only for finite systems, no dedicated tools

Model Checking Idea: –Make a model of your system with has a limited number of states –Check every single state to make sure its OK Problem: making the model finite Problem: “state space explosion” Very effective, many industrial applications

Model Checking 1994 Pentium chip was missing a few entries in a table. Almost never used so missed by standard testing. If x= & y = then x/y= rather than = But x-(x.y/y)= 256 not 0

Result Public relations disaster Jokes: –How many Pentium designers does it take to change a light bulb? – of millions of dollars of replacement costs. Intel now model checks all hardware.

PRISM

Traffic Lights Example

State Space

CTL examples

CTL

CTL Derived Operators.

Dinning Philosophers

Dinning Philosophers in PRISM

Checking the Dinning Philosphers

Fixing the Deadlock

Today Model Checking for finite systems Specifying properties in CTL Dinning Philosophers example BREAK Probabilistic finite systems Specifying probabilistic properties in PCTL Dinning Cryptographers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.