Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are.

Slides:



Advertisements
Similar presentations
Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.
Advertisements

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Chapter 10 Real world security protocols
Lecture 3Dr. Verma1 COSC 6397 – Information Assurance Module M2 – Protocol Specification and Verification University of Houston Rakesh Verma Lecture 3.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
Digital Signatures and Hash Functions. Digital Signatures.
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
Analysis of Security Protocols (I) John C. Mitchell Stanford University.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
G Robert Grimm New York University Using Encryption for Authentication in Computer Networks.
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Progress Report on Java Based Protocol Analysis Presented by Stephen W. Mancini, 1Lt, USAF/AFIT Robert P. Graham, MAJ, USAF/AFIT Presentation date: 09.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Security Security is a measure of the system’s ability to protect data and information from unauthorized access while still providing access to people.
8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.
Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University.
IT 221: Introduction to Information Security Principles Lecture 6:Digital Signatures and Authentication Protocols For Educational Purposes Only Revised:
Executable specification of cryptofraglets with Maude for security verification Fabio Martinelli and Marinella Petrocchi IIT-CNR, Pisa Italy presented.
Cryptography, Authentication and Digital Signatures
Formal Analysis of Security Protocols Dr. Changyu Dong
CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Security protocols  Authentication protocols (this lecture)  Electronic voting protocols  Fair exchange protocols  Digital cash protocols.
Security protocols and their verification Mark Ryan University of Birmingham Midlands Graduate School University of Birmingham April 2005 Steve Kremer.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
Network Security Introduction Light stuff – examples with Alice, Bob and Trudy Serious stuff - Security attacks, mechanisms and services.
1 Cryptography NOTES. 2 Secret Key Cryptography Single key used to encrypt and decrypt. Key must be known by both parties. Assuming we live in a hostile.
CSCE 813 Internet Security Cryptographic Protocol Analysis.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Digital Signatures, Message Digest and Authentication Week-9.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
1 Needham-Schroeder A --> S: A,B, N A S --> A: {N A,B,K AB,{K AB,A} KBS } KAS A --> B:{K AB,A} KBS B --> A:{N B } KAB A --> B:{N B -1} KAB.
6 June Lecture 2 1 TU Dresden - Ws on Proof Theory and Computation Formal Methods for Security Protocols Catuscia Palamidessi Penn State University,
Cryptography: Digital Signatures Message Digests Authentication
Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.
Authentication. Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0: Alice says “I am Alice” Failure scenario?? “I am Alice”
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.
Ch 13 Trustworthiness Myungchul Kim
Key Management. Authentication Using Public-Key Cryptography  K A +, K B + : public keys Alice Bob K B + (A, R A ) 1 2 K A + (R A, R B,K A,B ) 3 K A,B.
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
Introduction to Network Systems Security Mort Anvari.
1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Security. Cryptography (1) Intruders and eavesdroppers in communication.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Network Security and It’s Issues
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Security attacks.
Cryptographic Hash Function
CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9
Security Analysis of Network Protocols
Protocol ap1.0: Alice says “I am Alice”
CDK: Chapter 7 TvS: Chapter 9
Formal Methods for Security Protocols
Presentation transcript:

Luu Anh Tuan

Security protocol Intruder

Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are encrypted with his public key so as to learn new knowledge Introduce new messages into the systems, using his knowledge he knows Replay any message he has seen (possibly changing plain-text parts), even if he does not understand the contents of the encrypted part.

Network together (Dolev-Yao model) System = (||| X Agent X ) |[send_message,receive_message]| Intruder

Security goals Authentication: confirm something/someone as authentic Secrecy: prevent the intruder from deriving secret information Non-repudiation: the author of a message cannot later claim not to be the author Integrity: any message corruption will always be detected Anonymity: the identity of an agent is protected with respect to the message he sent Fairness: each player receives the item it expects and neither player receives any additional information about other’s item

Security module in PAT Easy for user to specify and verify → SEVE language. Has the powerful expressiveness, but still be friendly with the user Fully automatic specification and verification Support many kinds of security goals verification and user requirement Flexibility and adaptability

Framework for SEVE module (translator way) User specification using SEVE language Automatic translation from SEVE language to PAT language Adding intruder behavior and specification Using PAT tool to check the security requirement Transformation from counter example (if have) to human reading form Verification output to user Blackbox with the user

Framework for SEVE module (direct way) User specification using SEVE language Compiling and System analysis Adding intruder behavior and specification Transformation from counter example (if have) to human reading form Verification output to user Blackbox with the user

An example: Needham-Schroeder protocol {A,N A } pkB {N A,N B } pkA { N B } pkB A B

SEVE language Declaration language. Easy to specify as similar with security protocol declaration. #Variables Agents: a,b; Nonces: na,nb; Public_keys: {ka,kb}; #Initial declare a knows {na,ka}; b knows {nb,kb}; #Protocol description a -> b : {a, na}kb; b -> a : {na, nb}ka; a -> b : {nb}kb; Declaration part

SEVE language #System Initiator: Alice; Responder: Bob; Intruder: Caron; #Verification Secrecy: {ka} of Alice Agent authentication: Alice is authenticated with Bob using {na} Alice sends na before Bob sends nb Actual system part Verification part

An attack on the Needham protocol {A,N A } pkI {N A,N B } pkA { N B } pkI {A,N A } pkB {N A,N B } pkA { N B } pkB

Future work Build in the time model semantic for security program. Support others cryptography scheme: Diffle-Hellman key agreements, hash key function. Apply some techniques to reduce the state space: symmetry reduction … Support not only for security protocols but also for other transaction protocols, e.g. network layer.

Thank you Q & A

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.