Deduction with XOR Constraints in Security API Modelling
نویسنده
چکیده
We introduce XOR constraints, and show how they enable a theorem prover to reason effectively about security critical subsystems which employ bitwise XOR. Our primary case study is the API of the IBM 4758 hardware security module. We also show how our technique can be applied to standard security protocols.
منابع مشابه
Extending SAT Solver with Parity Reasoning
Aalto University, P.O. Box 11000, FI-00076 Aalto www.aalto.fi Author Tero Laitinen Name of the doctoral dissertation Extending SAT Solver with Parity Reasoning Publisher School of Science Unit Department of Information and Computer Science Series Aalto University publication series DOCTORAL DISSERTATIONS 177/2014 Field of research Theoretical Computer Science Manuscript submitted 10 September 2...
متن کاملRobbing the Bank with a Theorem Prover - (Transcript of Discussion)
So it’s a fairly provocative title, how did we get to that? Well automated tools have been successfully applied to modelling security protocols and finding attacks, and some good examples here are Gavin Lowe’s work, using FDR to model the Needham-Shroeder protocols, and Larry Paulson’s work using Isabella to prove the SET protocol secure. Now we come to the observation that security protocols, ...
متن کاملAutomatic Analysis of the Security of XOR-Based Key Management Schemes
We describe a new algorithm for analysing security protocols that use XOR, such as key-management APIs. As a case study, we consider the IBM 4758 CCA API, which is widely used in the ATM (cash machine) network. Earlier versions of the CCA API were shown to have serious flaws, and the fixes introduced by IBM in version 2.41 had not previously been formally analysed. We first investigate IBM’s pr...
متن کاملOn the Decidability of a Class of XOR-based Key-management APIs
We define a new class of security protocols using XOR, and show that secrecy after an unbounded number of sessions is decidable for this class. The new class is important as it contains examples of key-management APIs, such as the IBM 4758 CCA API, which lie outside the classes for which secrecy has previously been shown to be decidable. Earlier versions of the CCA API were shown to have seriou...
متن کاملExtending Sat Solver with Parity Constraints
Current methods for solving Boolean satisfiability problem (SAT) are scalable enough to solve discrete nonlinear problems involving hundreds of thousands of variables. However, modern SAT solvers scale poorly with problems involving parity constraints (linear equations modulo 2). Gaussian elimination can be used to solve a system of linear equation effectively but it cannot be applied as such w...
متن کامل