Provable Security: How Feasible Is It?
نویسندگان
چکیده
Strong, machine-checked security proofs of operating systems have been in the too hard basket long enough. They will still be too hard for large mainstream operating systems, but even for systems designed from the ground up for security they have been counted as infeasible. There are high-level formal models, nice security properties, ways of architecting and engineering secure systems, but no implementation level proofs yet, not even with the recent verification of the seL4 microkernel. This needs to change.
منابع مشابه
Practice-Oriented Provable-Security
This short article is intended to complement my talk. I would like to try to introduce you to a certain, relatively new sub-area of cryptography that we have been calling practice-oriented provable-security. It is about applying the ideas of “provably security” to the derivation of practical, secure protocols. I believe it is a fruitful blend of theory and practice that is able to enrich both s...
متن کاملAlgorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering
Traditionally, secure cryptographic algorithms provide security against an adversary who has only black-box access to the secret information of honest parties. However, such models are not always adequate. In particular, the security of these algorithms may completely break under (feasible) attacks that tamper with the secret key. In this paper we propose a theoretical framework to investigate ...
متن کاملProvable Data Possession Scheme based on Homomorphic Hash Function in Cloud Storage
Cloud storage can satisfy the demand of accessing data at anytime, anyplace. In cloud storage, only when the users can verify that the cloud storage server possesses the data correctly, users shall feel relax to use cloud storage. Provable data possession(PDP) makes it easy for a third party to verify whether the data is integrity in the cloud storage server. We analyze the existing PDP schemes...
متن کاملA secure ownership transfer protocol using EPCglobal Gen-2 RFID
Radio Frequency Identification (RFID) is a relatively new technology. In recent years, it has been shown to be convenient and feasible in many applications. However, there are security issues which need to be addressed. Due to the wireless transmission of the RFID system, malicious people can gain the information in the RFID tags, and the user’s privacy is invaded. Although there have been many...
متن کاملIdentity-based Key Management Scheme with Provable Security for Wireless Sensor Networks
Key management is the basis of security in wireless sensor networks. In the key management, more attentions should be paid to the public key schemes. An identity-based key management scheme for wireless sensor networks is proposed, where the node identity is used to encrypt the key generating material. The pairwise key is generated by the material ultimately. The security of the proposed scheme...
متن کامل