A First Step Towards the Automatic Generation of Security Protocols
نویسندگان
چکیده
This paper describes automatic protocol generation (APG for short), a novel mechanism to generate security protocols automatically. With APG, the protocol designer inputs the specification of the desired security properties and the system requirements. The system requirements include a metric function which specifies the cost or overhead of protocol primitives, which defines an ordering over protocols with respect to the metric function. Based on this ordering, APG explores the protocol space and outputs the correct protocol which has minimal cost with respect to the metric function, as well as satisfies the security properties and system requirements. The APG approach has several advantages over the current protocol design process. It is fully automatic, and hence, more efficient than a manual process. The protocols generated by APG offer higher confidence, because they are verified by a powerful protocol analyzer. Another significant advantage is that, because APG search through the protocol space in the order of increasing cost with respect to the metric function, APG generates correct protocols with minimal cost which ideally suit the system This research was done while the authors were at Carnegie Mellon University. This publication was supported in part by Contract Number 102590-98-C-3513 from the United States Postal Service. The contents of this publication are solely the responsibility of the author and do not necessarily reflect the official views of the United States Postal Service. requirements. Furthermore, APG is flexible in the sense that it can handle different security properties and different system requirements. To gain experience with APG, we conduct a case study on the automatic generation of twoparty, mutual authentication protocols. In one experiment, APG generates authentication protocols that are simpler than the standard protocols documented in the literature (i.e., ISO standards [Int93]). In another experiment, the automatic protocol generation generates different protocols with minimal cost for varying requirements, hence demonstrating its capability to produce high quality protocols.
منابع مشابه
Design of Fuzzy Logic Based PI Controller for DFIG-based Wind Farm Aimed at Automatic Generation Control in an Interconnected Two Area Power System
This paper addresses the design procedure of a fuzzy logic-based adaptive approach for DFIGs to enhance automatic generation control (AGC) capabilities and provide better dynamic responses in multi-area power systems. In doing so, a proportional-integral (PI) controller is employed in DFIG structure to control the governor speed of wind turbine. At the first stage, the adjustable parameters of ...
متن کاملAn Advanced Hybrid Honeypot for Providing Effective Resistance in Automatic Network Generation
Increasing usage of Internet and computer networks by individuals and organizations and also attackers’ usage of new methods and tools in an attempt to endanger network security, have led to the emergence of a wide range of threats to networks. A honeypot is one of the basic techniques employed for network security improvement. It is basically designed to be attacked so as to get the attackers’...
متن کاملDiffie-Hellman type key exchange protocols based on isogenies
In this paper, we propose some Diffie-Hellman type key exchange protocols using isogenies of elliptic curves. The first method which uses the endomorphism ring of an ordinary elliptic curve $ E $, is a straightforward generalization of elliptic curve Diffie-Hellman key exchange. The method uses commutativity of the endomorphism ring $ End(E) $. Then using dual isogenies, we propose...
متن کاملReverse Engineering of Network Software Binary Codes for Identification of Syntax and Semantics of Protocol Messages
Reverse engineering of network applications especially from the security point of view is of high importance and interest. Many network applications use proprietary protocols which specifications are not publicly available. Reverse engineering of such applications could provide us with vital information to understand their embedded unknown protocols. This could facilitate many tasks including d...
متن کامل