Progress Report on Java Based Protocol Analysis Presented by Stephen W. Mancini, 1Lt, USAF/AFIT Robert P. Graham, MAJ, USAF/AFIT Presentation date: 09.

Slides:



Advertisements
Similar presentations
Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.
Advertisements

Programming for GCSE Topic 10.2: Designing for File I/O T eaching L ondon C omputing William Marsh School of Electronic Engineering and Computer Science.
Lecture 3Dr. Verma1 COSC 6397 – Information Assurance Module M2 – Protocol Specification and Verification University of Houston Rakesh Verma Lecture 3.
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
CS259: Security Analysis of Network Protocols Overview of Murphi Arnab Roy.
Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Oracle Fusion Middleware 11g Abhishek Khanolkar. What is Oracle Fusion? “Oracle Fusion Middleware is a ‘preintegrated’ portfolio of customer- proven software.
MIRC Matthew Forest. Introduction mIRC itself is a program designed for text based messaging via the IRC (internet relay chat) protocol. (Link:
Chapter 2: Algorithm Discovery and Design
Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.
A progress report on using Maude to verify protocol properties using the strand space model Presented by Robert P. Graham, MAJ, USAF/AFIT Stephen W. Mancini,
1 Protocols are programs too The meta-heuristic search for security protocols By John A. Clark.
Asper School of Business University of Manitoba Systems Analysis & Design Instructor: Bob Travica System interfaces Updated: November 2014.
© 2005 The MITRE Corporation. All rights reserved For Internal MITRE Use Alice & Bob Specifications Jon Millen June 2005.
Formula Auditing, Data Validation, and Complex Problem Solving
With Microsoft Access 2010 © 2011 Pearson Education, Inc. Publishing as Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Access.
Chapter 2: Algorithm Discovery and Design
Chapter 2: Algorithm Discovery and Design
Regression testing Tor Stållhane. What is regression testing – 1 Regression testing is testing done to check that a system update does not re- introduce.
Broadcast service Core tools. Agenda 1.Introduction – tool and its main features 2.Setting up and sending a simple broadcast 3.Achieving.
1.3 Executing Programs. How is Computer Code Transformed into an Executable? Interpreters Compilers Hybrid systems.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Miser-C MISRA-C Compliance Checker Ian Biller, Phillippe Dass, Bryan Eldridge, Jon Senchyna, Tracy Thomas Faculty Coach: Professor Michael Lutz Project.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 9 Introduction to ActionScript 3.0. Chapter 9 Lessons 1.Understand ActionScript Work with instances of movie clip symbols 3.Use code snippets.
Chapter 9 Collecting Data with Forms. A form on a web page consists of form objects such as text boxes or radio buttons into which users type information.
Bob can sign a message using a digital signature generation algorithm
Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall.
Chapter 1: Introduction to Visual Basic.NET: Background and Perspective Visual Basic.NET Programming: From Problem Analysis to Program Design.
CIS 375—Web App Dev II ASP.NET 2 Introducing Web Forms.
I. Pribela, M. Ivanović Neum, Content Automated assessment Testovid system Test generator Module generators Conclusion.
Outlook Lesson 4 Managing Messages Microsoft Office 2010 Advanced Cable / Morrison 1.
Working Out with KURL! Shayne Koestler Kinetic Data.
Zhonghua Qu and Ovidiu Daescu December 24, 2009 University of Texas at Dallas.
©2010 John Wiley and Sons Chapter 11 Research Methods in Human-Computer Interaction Chapter 11- Analyzing Qualitative.
IT 221: Introduction to Information Security Principles Lecture 6:Digital Signatures and Authentication Protocols For Educational Purposes Only Revised:
Chapter 1 Introduction Dr. Frank Lee. 1.1 Why Study Compiler? To write more efficient code in a high-level language To provide solid foundation in parsing.
Chapter 2: Algorithm Discovery and Design Invitation to Computer Science, C++ Version, Third Edition.
Invitation to Computer Science, Java Version, Second Edition.
Chapter 10: Compilers and Language Translation Invitation to Computer Science, Java Version, Third Edition.
9 Chapter Nine Compiled Web Server Programs. 9 Chapter Objectives Learn about Common Gateway Interface (CGI) Create CGI programs that generate dynamic.
Executable specification of cryptofraglets with Maude for security verification Fabio Martinelli and Marinella Petrocchi IIT-CNR, Pisa Italy presented.
BAN LOGIC Amit Chetal Monica Desai November 14, 2001
A Survey of Authentication Protocol Literature: Version 1.0 Written by John Clark and Jeremy Jacob Presented by Brian Sierawski.
1 Rake. 2 Automated Build Any non-trivial project needs facility to automate builds –Routine common tasks that need to be carried out several times a.
© UCL Crypto group oct.-15 On the Perfect Encryption Assumption in the Study of Security Protocols O. Pereira and J.-J. Quisquater UCL Crypto Group
Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.
1 Compiler Design (40-414)  Main Text Book: Compilers: Principles, Techniques & Tools, 2 nd ed., Aho, Lam, Sethi, and Ullman, 2007  Evaluation:  Midterm.
Introduction of Geoprocessing Lecture 9. Geoprocessing  Geoprocessing is any GIS operation used to manipulate data. A typical geoprocessing operation.
Lesson 4.  After a table has been created, you may need to modify it. You can make many changes to a table—or other database object—using its property.
Integrate, check and share documents Module 3.3. Integrate, check and share documents Module 3.3.
M1G Introduction to Programming 2 3. Creating Classes: Room and Item.
Concepts and Realization of a Diagram Editor Generator Based on Hypergraph Transformation Author: Mark Minas Presenter: Song Gu.
Chapter 2: Algorithm Discovery and Design Invitation to Computer Science.
APRIL 10, Meeting Agenda  Prototype 2 Goals  Robust Connections Demo  System Diagnostics Tool Demo  Final Prototype Risk Mitigation  Final.
Distributed Computing & Embedded Systems Chapter 4: Remote Method Invocation Dr. Umair Ali Khan.
Part 1 The Basics of Information Systems. Purpose of Information Systems Information systems ◦ Collects, stores and organizes information ◦ Retrieves.
Model Checking for Security Protocols Will Marrero, Edmund Clarke, Shomesh Jha.
111 State Management Beginning ASP.NET in C# and VB Chapter 4 Pages
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Compiler Design (40-414) Main Text Book:
Vocabulary Prototype: A preliminary sketch of an idea or model for something new. It’s the original drawing from which something real might be built or.
^ About the.
Vocabulary Prototype: A preliminary sketch of an idea or model for something new. It’s the original drawing from which something real might be built or.
Lesson 12 -Maintaining Documents & Macros Lesson 13 - Protecting & sharing documents Lesson 14 - Advanced Options #1.12, #1.13, & #1.14.
Regression testing Tor Stållhane.
Chapter 10: Compilers and Language Translation
Presentation transcript:

Progress Report on Java Based Protocol Analysis Presented by Stephen W. Mancini, 1Lt, USAF/AFIT Robert P. Graham, MAJ, USAF/AFIT Presentation date: 09 Feb 04

Objectives Understand a Java based Protocol Analysis Tool built for recognizing Authentication Tests in any Protocol

Overview Research goals Introduction into Java tool Perform demo of Java tool Summary

Research Goals Automate Guttman’s Authentication Tests Analyze numerous Protocols –Originally this was limited to a few protocols but since analysis is easy, numerous protocols are examined Search for alternative way to model penetrator activity –Still not there!

Java Based Analysis Initially developed to be used as a prototype for final Maude tool Most model checkers work in a similar fashion so try something different Why use Java language? –Input files in Java much easier to develop –Rules would be much easier to understand –Coding experience in Java reduced time necessary to develop the tool Big learning curve with Maude!

Java Based Analysis Input files in Java much easier to develop –The following shows Needham-Schroeder input file for Java tool: A -> B : {*Na1 A}Kb B -> A : {Na1 *Nb1}Ka A -> B : {Nb1}Kb * Marks the first time a nonce is generated

Java Based Analysis The parser breaks down each message into instances of that particular class –For example: A -> B : A B {A *Na1}Kb Protocol From: A To: B Message: A B {A *Na1}Kb Encryption: {A *Na1}KbText: BText: A Key: KbTerm: {A *Na1} Text: *Na1Text: A

Java Based Analysis The tool instantiates individual classes where sender and receiver roles are expressed –This instance will contain all relevant information pertaining to that principal For example: Components they send, nonce’s they generate, nonce’s they’ve seen and other properties particular for each participant in the run of the protocol The tool also keeps track of all messages sent in order to allow principals to check for duplication/spoofs or other errors regarding any message sent

Java Based Analysis Order of operations: 1.Run through protocol and grab all messages 1.Check for duplicates and store in vectors 2.Check for malformed messages (give errors) 2.Create instance for each Principal 3.Restart evaluation of protocol with above gained knowledge 4.Analyze each message 1.Populate sender/receiver with relevant information from the current message being evaluated 2.Depending on sender/receiver check for presence of authentication test in a particular message 3.Repeat 1 and 2

NS Output using Java Tool Parsing from file 'NSPublic.txt' File Contents: A -> B : {*Na1 A}Kb B -> A : {Na1 *Nb1}Ka A -> B : {Nb1}Kb : >> A -> B : {*Na1 A}Kb Encrypted term(s) with key Kb is readable by recipient only. Sender may be attempting to initiate an outgoing test by transmitting Na1 in encrypted form. Unsolicited test for B because of nonce Na1 within test component : >> B -> A : {Na1 *Nb1}Ka Encrypted term(s) with key Ka is readable by recipient only. The encrypted/fresh nonce Na1 has been received back in component: {Na1 Nb1}Ka Outgoing/Incoming test for A because fresh term Na1 was sent out earlier in Pseudo-unsolicited test for A because Nb1 is a newly received fresh nonce, but A has sent items to B previously Sender may be attempting to initiate an outgoing test by transmitting Nb1 in encrypted form. : >> A -> B : {Nb1}Kb Encrypted term(s) with key Kb is readable by recipient only. The encrypted/fresh nonce Nb1 has been received back in component: {Nb1}Kb Outgoing/Incoming test for B because fresh term Nb1 was sent out earlier in < {Na1 Nb1}Ka

Live Demo of Java Based Protocol Analyzer

Summary Introduction into Java tool Performed demo of Java tool on several protocols Summary

Bibliography 1.Cervesato, Iliano and others. A Comparison between Strand Spaces and Multiset Rewriting for Security Protocol Analysis. July Guttman, Joshua and F. J. Thayer Fabrega. Authentication Tests. March Song, Dawn. Athena: A New Efficient Automatic Checker for Security Protocol Analysis. June Clavel, Manuel and others. Maude 2.0 Manual: version 1. June