Modeling and Analyzing Security in the Presence of Compromising Adversaries
نویسندگان
چکیده
We present a framework for modeling adversaries in security protocol analysis, ranging from a Dolev-Yao style adversary to more powerful adversaries who can reveal different parts of principals’ states during protocol execution. Our adversary models unify and generalize many existing security notions from both the computational and symbolic settings. We extend an existing symbolic protocol-verification tool with our adversary models, resulting in the first tool that systematically supports notions such as weak perfect forward secrecy, key compromise impersonation, and adversaries capable of state-reveal queries. In case studies, we automatically find new attacks and rediscover known attacks that previously required detailed manual analysis.
منابع مشابه
From Dolev-Yao to Strong Adaptive Corruption: Analyzing Security in the Presence of Compromising Adversaries
We formalize a hierarchy of adversary models for security protocol analysis, ranging from a Dolev-Yao style adversary to more powerful adversaries who can reveal different parts of principals’ states during protocol execution. We define our hierarchy by a modular operational semantics describing adversarial capabilities. We use this to formalize various, practically-relevant notions of key and ...
متن کاملAnalyzing and Preventing MAC-Layer Denial of Service Attacks for Stock 802.11 Systems
Network survivability is fundamental to information security. Adversaries could compromise network functionality by attacking the physical layer, the medium access control (MAC) layer, or the network layer. Even though security mechanisms for the network layer have been extensively discussed, MAC layer security has not been deeply explored. Leveraging security flaws in the IEEE 802.11 MAC proto...
متن کامل2 Security Analysis of a System 2.1 Goals 2.2 Threat Model
Ron Rivest describes the problem of computer security as a problem of communicating in the presence of adversaries. The key point in this description is the ”presence of adversaries.” Indeed, the different between computer reliability and security lies precisely in the presence of adversaries. Reliable computer systems guarantee proper operation (and some other properties) under normal conditio...
متن کاملA new security proof for FMNV continuous non-malleable encoding scheme
A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...
متن کاملToward an energy efficient PKC-based key management system for wireless sensor networks
Due to wireless nature and hostile environment, providing of security is a critical and vital task in wireless sensor networks (WSNs). It is known that key management is an integral part of a secure network. Unfortunately, in most of the previous methods, security is compromised in favor of reducing energy consumption. Consequently, they lack perfect resilience and are not fit for applications ...
متن کامل