Download presentation
Presentation is loading. Please wait.
1
1 Protocols are programs too The meta-heuristic search for security protocols By John A. Clark
2
2 1.BAN logic Was created by Burrows, Abadi and Needham. Was viewed as a protocol programming language.
3
3 1.BAN logic (Con.) Abstract view of design: 1. A characterisation of the design space 2. An evaluation (fitness) function 3. A search strategy: GA, Simulated annealing.
4
4 1.BAN logic (Con.) Term definition: Principal: A, B,S Belief: X, Y, Z Message: contains one or more belief. ex:
5
5 2. Protocols and belief logic representations 2.1 Notational conventions 2.2 Belief logic representations 2.2-1 Basic notation 2.2-2 Inference rules 2.3 Features of BAN logic
6
6 2.1 Notational conventions General protocol description. ex: A B : F Keys and encryption. ex: Nonces. (have specific value to be used only once) ex: Na is a nonce created by principal A.
7
7 2.2-1 Basic notation 1. Key goodness: 2. Nonceness and freshness: 3. Once said:ex: 4. Believes: ex:
8
8 2.2-2 Inference rules Message meaning rule: Nonce verification rule: It is a way of promoting once said assertions to actual belief. (It may cause some confusion)
9
9 2.2-2 Inference rules (Con.) Jurisdiction rule: Ex: Q is a key server. Q has jurisdiction over X
10
10 Illustrative example
11
11 2.3 Features of BAN logic Principals are honest and they don’t lie. Any series of honest exchanges between two principals defines a feasible protocol. BAN logic is not only as a specification notation and proof system but also as a protocol programming language.
12
12 3. Solutions and fitness 3.1 Solutions as integer sequences. 3.2 Goals 3.3 Interpreting a solution 3.4 The fitness function 3.5 Search strategies
13
13 3.1 Solutions as integer sequences After S receive
14
14 3.1 Solutions as integer sequences (Cons.) The second message can be presented by a sequence of appropriate indices. Ex: (2,3,0,0),(0,3,2,0) or even by (0,2,2,3)
15
15 3.2 Goals Goals are read in from a file. They may have one, two or three operators from the set but the first such operator must be Ex:
16
16 3.3 Interpreting a solution 1. Using three inference rules to create beliefs until no more beliefs can be added. 2. Record # of goals achieved after this message has been processed.
17
17 3.4-1 The fitness function Fitness function: wi: weightings gi: # of goals achieved after message I M: message
18
18 3.4-2 Weighting strategies 1. Early credit (EC) 2. Uniform credit (UC) 3. Delayed gratification (DG) 4. Advanced delayed gratification (ADG) 5. Uniform delayed gratification (UDG) 6. Destination judgement (DJ)
19
19 3.4-2 Weighting strategies (Con.)
20
20 3.5 Search strategies In this paper, author use two ways to find the best solution. Simulated annealing Genetic algorithms
21
21 4. From assumptions to goals The goals (six messages):
22
22 4. From assumptions to goals (Con.) The assumptions:
23
23 4.1 Simulated annealing results Temperature cooling factor: 0.95 150 iterations, 400 candidate moves within each inner loop. 20 runs of the algorithm for each fitness function strategy. A run takes at most a few minutes.
24
24 4.1 Simulated annealing results (Con.) Uniform credit performs both reliably and efficiently.
25
25 4.2 Genetic algorithm results Crossover probabilities took from {0.2, 0.4, 0.6, 0.8, 1.0} Mutation probabilities took from {0.005, 0.01, 0.015, 0.02, 0.025} Each combination of weighting strategy, corssover probability and mutation probability was tried. (making 150 combinations) Population size: 200 A run takes at most a few minutes.
26
26 4.2 Genetic algorithm results (Con.)
27
27 4.2 Genetic algorithm results (Con.)
28
28 Experimentation The six message can satisfy all the goals.
29
29 5. Reduced condition 5.1 Reduced goals 5.2 Reduced assumptions 5.3 Reducing # of beliefs per component to three of two 5.4 results
30
30 5.1 Reduced goals Original six goals can be reduced to four goals.
31
31 5.2 Reduced assumptions Original eight assumptions have two rather strange assumptions:
32
32 5.3 Reducing # of beliefs per component From the point of view of solution mechanism. To erase some beliefs and still can achieve the security goals. solution mechanism V.S component information (GA can increase reliability by increasing # of belief component per message)
33
33 5.4 results
34
34 5.4 results (Con.)
35
35 6. Summary GA seemed sensitive to parametric variation and fitness function choice. Annealing seemed more robust. The above work has indicated that be used to generate abstract protocols from end-to-end specifications.
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.