92 research outputs found
Deciding insecurity for non-atomic keys
Colloque avec actes et comité de lecture. internationale.International audienceWe present an NP decision procedure for insecurity in the case of finite sessions and non-atomic encryption keys (and no fixed bound on the size of messages). We also explain that in order to build an attack with a fixed number of sessions the intruder needs only to forge messages of linear size, provided that they are represented as dags. This is joint work with Mathieu Turuani and is based on our paper presented in June 2001 at 14th CSFW. for more information: http://www.loria.fr/equipes/protheo/SOFTWARES/CASROL
Deciding insecurity for non-atomic keys
Colloque avec actes et comité de lecture. internationale.International audienceWe present an NP decision procedure for insecurity in the case of finite sessions and non-atomic encryption keys (and no fixed bound on the size of messages). We also explain that in order to build an attack with a fixed number of sessions the intruder needs only to forge messages of linear size, provided that they are represented as dags. This is joint work with Mathieu Turuani and is based on our paper presented in June 2001 at 14th CSFW. for more information: http://www.loria.fr/equipes/protheo/SOFTWARES/CASROL
Validation of the ASW Contract Signing Protocol
International audienceWe consider the verification of contract signing protocol within a useful logical formalism, called the Protocol Composition Logic: here, a security proof is a combination of axioms and rules of the logic. We continue the case study of the verification of the ASW protocol by Turuani et al and propose an interactive proof of the fairness of ASW using the Isabelle theorem prover
The CL-Atse Protocol Analyser
We present a symbolic analysis of the ephemerizer's protocol by Radia Perlman, using the CL-Atse tool from the AVISPA's toolsuite. This protocol allows transmitting a data that will ``disappear'' (i.e. cannot be retrieved) after a certain time. We show that this protocol is secured for this property plus the secrecy of the data, but is trivially non secured for it's integrity. Therefore, we present two extensions of this protocol, one natural and probably already done in practice, the other one much less obvious. We shows that while the first extension guaranty the basic integrity property under certain conditions, the second one is much stronger and even allows faster computations
Protocol insecurity with a finite number of sessions, composed keys is NP-complete.
We investigate the complexity of the protocol insecurity problem for a finite number of sessions (fixed number of interleaved runs). We show that this problem is NP-complete with respect to a Dolev–Yao model of intruders. The result does not assume a limit on the size of messages and supports non-atomic symmetric encryption keys. We also prove that in order to build an attack with a fixed number of sessions the intruder needs only to forge messages of linear size, provided that they are represented as dags
Sécurité des protocoles cryptographiques (décidabilité et complexité)
NANCY1-SCD Sciences & Techniques (545782101) / SudocSudocFranceF
Adding Integrity to the Ephemerizer's Protocol
We present a symbolic analysis of the ephemerizer's protocol by Radia Perlman, using the CL-Atse tool from the AVISPA's tool-suite. This protocol allows transmitting a data that will "disappear" (i.e. cannot be retrieved) after a certain time. We show that this protocol is secured for this property plus the secrecy of the data, but is trivially non secured for it's integrity. Therefore, we present two extensions of this protocol, one natural and probably already done in practice, the other one much less obvious. We shows that while the first extension guaranty the basic integrity property under certain conditions, the second one is much stronger and even allows faster computations
Adding Integrity to the Ephemerizer's Protocol
We present a symbolic analysis of the ephemerizer's protocol by Radia Perlman, using the CL-Atse tool from the AVISPA's tool-suite. This protocol allows transmitting a data that will "disappear" (i.e. cannot be retrieved) after a certain time. We show that this protocol is secured for this property plus the secrecy of the data, but is trivially non secured for it's integrity. Therefore, we present two extensions of this protocol, one natural and probably already done in practice, the other one much less obvious. We shows that while the first extension guaranty the basic integrity property under certain conditions, the second one is much stronger and even allows faster computations
Validating Integrity for the Ephemerizer's Protocol with CL-Atse
International audienceIt is usually very difficult in Computer Science to make an information "disappear" after a certain time, once it has been published or mirrored by servers world wide. This, however, is the goal of the IBM ephemerizer's protocol by Radia Perlman. We present in this paper the general structure of the CL-Atse protocol analysis tool from the AVISPA's tool-suite, and symbolic analysis of the ephemerizer's protocol and its extensions using CL-Atse. This protocol allows transmitting a data which retrieval is guarantied to be impossible after a certain time. We show that this protocol is secure for this property plus the secrecy of the data, but is trivially non secure for its integrity. We model a standard integrity check as a first extension to this protocol, which is natural and close to common usage, and we present a second extension for integrity that is much less obvious and deeply integrated in the structure of the ephemerizer's protocol. Then, we show that while the first extension guaranty the basic integrity property under certain conditions, the second one is much stronger and allows faster computations
- …
