Robbing the bank with a theorem prover
نویسندگان
چکیده
In this work, we present the first automated analysis of security application programming interfaces (security APIs). In particular, we analyze the API of the IBM 4758 CCA, a hardware security module for banking networks. Adapting techniques from formal analyses of security protocols, we model the API purely according its specification and assuming ideal encryption primitives. We then use the automated theorem-prover Otter to analyze this model, combining its standard reasoning strategies with novel techniques of our own (also presented here). In this way, we derive not only all published API-level attacks against the 4758 CCA, but an extension to these attacks as well. Thus, this work represents the first step toward fully-automated, rigorous analyses of security APIs. Our main contribution to the analysis of security APIs is thus three-fold:
منابع مشابه
Robbing the Bank with a Theorem Prover - (Transcript of Discussion)
So it’s a fairly provocative title, how did we get to that? Well automated tools have been successfully applied to modelling security protocols and finding attacks, and some good examples here are Gavin Lowe’s work, using FDR to model the Needham-Shroeder protocols, and Larry Paulson’s work using Isabella to prove the SET protocol secure. Now we come to the observation that security protocols, ...
متن کاملA Self-Modifying Theorem Prover
Theorem provers can be viewed as containing declarative knowledge (in the form of axioms and lemmas) and procedural knowledge (in the form of an algorithm for proving theorems). Sometimes, as in the case of commutative laws in a Knuth-Bendix prover, it is appropriate or necessary to transfer knowledge from one category to the other. We describe a theorem proving system that independently recogn...
متن کاملSystem Description: Leo – A Resolution based Higher-Order Theorem Prover
We present Leo, a resolution based theorem prover for classical higher-order logic. It can be employed as both an fully automated theorem prover and an interactive theorem prover. Leo has been implemented as part of the Ωmega environment [23] and has been integrated with the Ωmega proof assistant. Higher-order resolution proofs developed with Leo can be displayed and communicated to the user vi...
متن کاملMSPASS: Modal Reasoning by Translation and First-Order Resolution
mspass is an extension of the first-order theorem prover spass, which can be used as a modal logic theorem prover, a theorem prover for description logics and a theorem prover for the relational cal-
متن کاملSPEAR Theorem Prover
SPEAR is a modular arithmetic theorem prover designed for proving software verification conditions. The core of the theorem prover is a fast and simple SAT solver, which is described in this paper.
متن کامل