Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Protocols are programs too The meta-heuristic search for security protocols By John A. Clark.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Protocols are programs too The meta-heuristic search for security protocols By John A. Clark."— Presentation transcript:

1 1 Protocols are programs too The meta-heuristic search for security protocols By John A. Clark

2 2 1.BAN logic Was created by Burrows, Abadi and Needham. Was viewed as a protocol programming language.

3 3 1.BAN logic (Con.) Abstract view of design: 1. A characterisation of the design space 2. An evaluation (fitness) function 3. A search strategy: GA, Simulated annealing.

4 4 1.BAN logic (Con.) Term definition: Principal: A, B,S Belief: X, Y, Z Message: contains one or more belief. ex:

5 5 2. Protocols and belief logic representations 2.1 Notational conventions 2.2 Belief logic representations 2.2-1 Basic notation 2.2-2 Inference rules 2.3 Features of BAN logic

6 6 2.1 Notational conventions General protocol description. ex: A  B : F Keys and encryption. ex: Nonces. (have specific value to be used only once) ex: Na is a nonce created by principal A.

7 7 2.2-1 Basic notation 1. Key goodness: 2. Nonceness and freshness: 3. Once said:ex: 4. Believes: ex:

8 8 2.2-2 Inference rules Message meaning rule: Nonce verification rule:  It is a way of promoting once said assertions to actual belief. (It may cause some confusion)

9 9 2.2-2 Inference rules (Con.) Jurisdiction rule:  Ex: Q is a key server. Q has jurisdiction over X

10 10 Illustrative example

11 11 2.3 Features of BAN logic Principals are honest and they don’t lie. Any series of honest exchanges between two principals defines a feasible protocol. BAN logic is not only as a specification notation and proof system but also as a protocol programming language.

12 12 3. Solutions and fitness 3.1 Solutions as integer sequences. 3.2 Goals 3.3 Interpreting a solution 3.4 The fitness function 3.5 Search strategies

13 13 3.1 Solutions as integer sequences After S receive

14 14 3.1 Solutions as integer sequences (Cons.) The second message can be presented by a sequence of appropriate indices. Ex: (2,3,0,0),(0,3,2,0) or even by (0,2,2,3)

15 15 3.2 Goals Goals are read in from a file. They may have one, two or three operators from the set but the first such operator must be Ex:

16 16 3.3 Interpreting a solution 1. Using three inference rules to create beliefs until no more beliefs can be added. 2. Record # of goals achieved after this message has been processed.

17 17 3.4-1 The fitness function Fitness function:  wi: weightings  gi: # of goals achieved after message I  M: message

18 18 3.4-2 Weighting strategies 1. Early credit (EC) 2. Uniform credit (UC) 3. Delayed gratification (DG) 4. Advanced delayed gratification (ADG) 5. Uniform delayed gratification (UDG) 6. Destination judgement (DJ)

19 19 3.4-2 Weighting strategies (Con.)

20 20 3.5 Search strategies In this paper, author use two ways to find the best solution.  Simulated annealing  Genetic algorithms

21 21 4. From assumptions to goals The goals (six messages):

22 22 4. From assumptions to goals (Con.) The assumptions:

23 23 4.1 Simulated annealing results Temperature cooling factor: 0.95 150 iterations, 400 candidate moves within each inner loop. 20 runs of the algorithm for each fitness function strategy. A run takes at most a few minutes.

24 24 4.1 Simulated annealing results (Con.) Uniform credit performs both reliably and efficiently.

25 25 4.2 Genetic algorithm results Crossover probabilities took from {0.2, 0.4, 0.6, 0.8, 1.0} Mutation probabilities took from {0.005, 0.01, 0.015, 0.02, 0.025} Each combination of weighting strategy, corssover probability and mutation probability was tried. (making 150 combinations) Population size: 200 A run takes at most a few minutes.

26 26 4.2 Genetic algorithm results (Con.)

27 27 4.2 Genetic algorithm results (Con.)

28 28 Experimentation The six message can satisfy all the goals.

29 29 5. Reduced condition 5.1 Reduced goals 5.2 Reduced assumptions 5.3 Reducing # of beliefs per component to three of two 5.4 results

30 30 5.1 Reduced goals Original six goals can be reduced to four goals.

31 31 5.2 Reduced assumptions Original eight assumptions have two rather strange assumptions:

32 32 5.3 Reducing # of beliefs per component From the point of view of solution mechanism. To erase some beliefs and still can achieve the security goals. solution mechanism V.S component information (GA can increase reliability by increasing # of belief component per message)

33 33 5.4 results

34 34 5.4 results (Con.)

35 35 6. Summary GA seemed sensitive to parametric variation and fitness function choice. Annealing seemed more robust. The above work has indicated that be used to generate abstract protocols from end-to-end specifications.

Download ppt "1 Protocols are programs too The meta-heuristic search for security protocols By John A. Clark."

Similar presentations

Population-based metaheuristics Nature-inspired Initialize a population A new population of solutions is generated Integrate the new population into the.

Population-based metaheuristics Nature-inspired Initialize a population A new population of solutions is generated Integrate the new population into the.
Constraint Optimization We are interested in the general non-linear programming problem like the following Find x which optimizes f(x) subject to gi(x)

Constraint Optimization We are interested in the general non-linear programming problem like the following Find x which optimizes f(x) subject to gi(x)
Lecture 3Dr. Verma1 COSC 6397 – Information Assurance Module M2 – Protocol Specification and Verification University of Houston Rakesh Verma Lecture 3.

Lecture 3Dr. Verma1 COSC 6397 – Information Assurance Module M2 – Protocol Specification and Verification University of Houston Rakesh Verma Lecture 3.
BAN Logic A Logic of Authentication Presentation by Heather Goldsby Michelle Pirtle (Mike Burrows, Marin Abadi, Roger Needham) Published 1989, SRC Research.

BAN Logic A Logic of Authentication Presentation by Heather Goldsby Michelle Pirtle (Mike Burrows, Marin Abadi, Roger Needham) Published 1989, SRC Research.
1 15.053 Tuesday, May 14 Genetic Algorithms Handouts: Lecture Notes Question: when should there be an additional review session?

Tuesday, May 14 Genetic Algorithms Handouts: Lecture Notes Question: when should there be an additional review session?
CPSC 322, Lecture 16Slide 1 Stochastic Local Search Variants Computer Science cpsc322, Lecture 16 (Textbook Chpt 4.8) February, 9, 2009.

CPSC 322, Lecture 16Slide 1 Stochastic Local Search Variants Computer Science cpsc322, Lecture 16 (Textbook Chpt 4.8) February, 9, 2009.
Spie98-1 Evolutionary Algorithms, Simulated Annealing, and Tabu Search: A Comparative Study H. Youssef, S. M. Sait, H. Adiche

Spie98-1 Evolutionary Algorithms, Simulated Annealing, and Tabu Search: A Comparative Study H. Youssef, S. M. Sait, H. Adiche
1 Wendy Williams Metaheuristic Algorithms Genetic Algorithms: A Tutorial “Genetic Algorithms are good at taking large, potentially huge search spaces and.

1 Wendy Williams Metaheuristic Algorithms Genetic Algorithms: A Tutorial “Genetic Algorithms are good at taking large, potentially huge search spaces and.
Tabu Search for Model Selection in Multiple Regression Zvi Drezner California State University Fullerton.

Tabu Search for Model Selection in Multiple Regression Zvi Drezner California State University Fullerton.
Genetic Algorithms GAs are one of the most powerful and applicable search methods available GA originally developed by John Holland (1975) Inspired by.

Genetic Algorithms GAs are one of the most powerful and applicable search methods available GA originally developed by John Holland (1975) Inspired by.
Heuristic Optimisation in Design and Analysis John A Clark University of York, UK

Heuristic Optimisation in Design and Analysis John A Clark University of York, UK
Genetic Algorithm for Variable Selection

Genetic Algorithm for Variable Selection
A Logic of Authentication Michael Burrows, Martin Abadi, Roger Needham BAN Logic Presented by : Wenjin Hu.

A Logic of Authentication Michael Burrows, Martin Abadi, Roger Needham BAN Logic Presented by : Wenjin Hu.
Game of Life Changhyo Yu 2003. 06. 09. Game of Life2 Introduction Conway’s Game of Life  Rule Dies if # of alive neighbor cells =< 2 (loneliness) Dies.

Game of Life Changhyo Yu Game of Life2 Introduction Conway’s Game of Life  Rule Dies if # of alive neighbor cells =< 2 (loneliness) Dies.
Planning operation start times for the manufacture of capital products with uncertain processing times and resource constraints D.P. Song, Dr. C.Hicks.

Planning operation start times for the manufacture of capital products with uncertain processing times and resource constraints D.P. Song, Dr. C.Hicks.
Protocols are Programs Too: Using GAs to Evolve Secure Protocols John A Clark Dept. of Computer Science University of York, UK

Protocols are Programs Too: Using GAs to Evolve Secure Protocols John A Clark Dept. of Computer Science University of York, UK
Intro to AI Genetic Algorithm Ruth Bergman Fall 2004.

Intro to AI Genetic Algorithm Ruth Bergman Fall 2004.
Information Security of Embedded Systems 10.2.2010: BAN-Logic Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : BAN-Logic Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
Making and Breaking Security Protocols with Heuristic Optimisation John A Clark Dept. of Computer Science University of York, UK

Making and Breaking Security Protocols with Heuristic Optimisation John A Clark Dept. of Computer Science University of York, UK
Using Simulated Annealing and Evolution Strategy scheduling capital products with complex product structure By: Dongping SONG Supervisors: Dr. Chris Hicks.

Using Simulated Annealing and Evolution Strategy scheduling capital products with complex product structure By: Dongping SONG Supervisors: Dr. Chris Hicks.

Similar presentations

Ads by Google