building and verifying a quasi certification entity over
play

Building and verifying a quasi-certification entity over - PowerPoint PPT Presentation

Jul 02, 2023 •111 likes •648 views

Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon - Universit P. & M. Curie - CC2016 Join work with X. Bonnaire, R. Cortes & O. Marin UPMC (France), UFSM (Chile), NYUS (China)

  1. Building and verifying a quasi-certification entity over Distributed Hash Tables F. Kordon - Université P. & M. Curie - CC2016 Join work with X. Bonnaire, R. Cortes & O. Marin UPMC (France), UFSM (Chile), NYUS (China) Fabrice.Kordon@lip6.fr

  2. Certification, why? 2 Motivations Digital filling for tax purpose ‣ Certify that somebody did it before a given deadline Certified emails ‣ Use emails for legal purposes F. Kordon - Université P. & M. Curie - CC2016 Online game refereeing e-voting, etc.

  3. Certification, why? 2 Motivations Digital filling for tax purpose ‣ Certify that somebody did it before a given deadline Certified emails ‣ Use emails for legal purposes F. Kordon - Université P. & M. Curie - CC2016 Online game refereeing e-voting, etc. Existing Solutions Centralized ‣ Public Key Infrastructures (traditional PKI) ‣ Scaling problem/prone to faults/implementation (atomic multicast) Decentralized ‣ Certification on top of Distributed Hash Tables (DHT) ‣ Rapidly brings Byzantine consensus (for a 100.0% guarantee)

  4. Certification, why? 2 Motivations Digital filling for tax purpose ‣ Certify that somebody did it before a given deadline Certified emails ‣ Use emails for legal purposes Objective F. Kordon - Université P. & M. Curie - CC2016 Online game refereeing ( q u a s i ) - c e r t i f y t h a t a g i v e n a c t i o n h a s b e e e-voting, etc. n p e r f o r m e d a t a c e r t a i n t i m e D i s t r Existing Solutions i b u t e d c o n t e x t ( D H T ) Centralized ‣ Public Key Infrastructures (traditional PKI) ‣ Scaling problem/prone to faults/implementation (atomic multicast) Decentralized ‣ Certification on top of Distributed Hash Tables (DHT) ‣ Rapidly brings Byzantine consensus (for a 100.0% guarantee)

  5. DHT in a nutshell 3 Retrieve data (key + value) put (v,k) get(k) → v F. Kordon - Université P. & M. Curie - CC2016 Figure 3.6.

  6. DHT in a nutshell 3 Retrieve data (key + value) a c c e s s i n l put (v,k) o g ( n ) Totally decentralized + built)in get(k) → v redundancy for fault tolerance F. Kordon - Université P. & M. Curie - CC2016 Figure 3.6.

  7. DHT in a nutshell 3 Retrieve data (key + value) put (v,k) get(k) → v F. Kordon - Université P. & M. Curie - CC2016 R o o t n o d e

  8. DHT in a nutshell 3 Retrieve data (key + value) put (v,k) get(k) → v t e f s a e L F. Kordon - Université P. & M. Curie - CC2016 t ) o o r + ( e s d o n e o s l c L R o o t n o d e

  9. DHT in a nutshell 3 Retrieve data (key + value) put (v,k) get(k) → v t e f s a e L F. Kordon - Université P. & M. Curie - CC2016 t ) o o r + ( e s d o n e o s l c L R o o t n o d e L r o f e s u l a v l a c s i a s l C ) s t e ( b 2 3 , 1 6 , 8

  10. Quasi-certification — entities 4 A → an actor performing a service F. Kordon - Université P. & M. Curie - CC2016 A

  11. Quasi-certification — entities 4 A → an actor performing a service S → leafset hash(service) offering the service F. Kordon - Université P. & M. Curie - CC2016 1 - request init answers S A

  12. Quasi-certification — entities 4 A → an actor performing a service S → leafset hash(service) offering the service F. Kordon - Université P. & M. Curie - CC2016 1 - request init answers S A 2 - transaction End ack

  13. Quasi-certification — entities 4 A → an actor performing a service S → leafset hash(service) offering the service C → certification authority leafset hash(A/service) F. Kordon - Université P. & M. Curie - CC2016 3 - transaction ack 1 - request init C answers S A 2 - transaction End ack

  14. Quasi-certification — entities 4 A → an actor performing a service S → leafset hash(service) offering the service C → certification authority leafset hash(A/service) F. Kordon - Université P. & M. Curie - CC2016 3 - transaction ack 1 - request init C answers S A 4 - certificate generation Certificate 2 - transaction End ack Log Entry

  15. Quasi-certification — protocol structure 5 5 A S C F. Kordon - Université P. & M. Curie - CC2016

  16. Quasi-certification — protocol structure 5 5 A S C A requests leaf set receive leaf set A requests cert. service F. Kordon - Université P. & M. Curie - CC2016 ack cert. service

  17. Quasi-certification — protocol structure 5 5 A S C A requests leaf set receive leaf set A requests cert. service F. Kordon - Université P. & M. Curie - CC2016 ack cert. service the service

  18. Quasi-certification — protocol structure 5 5 A S C A requests leaf set receive leaf set A requests cert. service F. Kordon - Université P. & M. Curie - CC2016 ack cert. service the service nodes request leaf set nodes receive leaf set nodes ack transaction

  19. Quasi-certification — protocol structure 5 5 A S C } A requests leaf set receive leaf set 1 : A & S secure exchanges A requests cert. service F. Kordon - Université P. & M. Curie - CC2016 ack cert. service } 2 : exchanges to perform the service the service } 3 : S get trustset from C nodes request leaf set nodes receive leaf set } 4 : C elaborates the nodes ack transaction side certificate

  20. Quasi-certification — protocol structure 5 5 A S C } A requests leaf set receive leaf set 1 : A & S secure exchanges A requests cert. service F. Kordon - Université P. & M. Curie - CC2016 ack cert. service } 2 : exchanges to perform the service the service } 3 : S get trustset from C nodes request leaf set nodes receive leaf set } 4 : C elaborates the y t i r o j a M nodes ack transaction side certificate ⇒ L/2+1 answers

  21. Quasi-certification — protocol structure 5 5 A S C } A requests leaf set receive leaf set 1 : A & S secure exchanges D i v e A requests cert. service r s i t y r o u F. Kordon - Université P. & M. Curie - CC2016 t i n g ack cert. service To serre the leafset } 2 : exchanges to perform the service the service } 3 : S get trustset from C nodes request leaf set nodes receive leaf set } 4 : C elaborates the y t i r o j a M nodes ack transaction side certificate ⇒ L/2+1 answers

  22. The verification process 6 Proof (by any method?) Proven to be undecidable [FLP 85] F. Kordon - Université P. & M. Curie - CC2016

  23. The verification process 6 Proof (by any method?) Proven to be undecidable [FLP 85] So what? F. Kordon - Université P. & M. Curie - CC2016 Being pragmatic Going for «quasi»

  24. The verification process 6 Proof (by any method?) Proven to be undecidable [FLP 85] So what? F. Kordon - Université P. & M. Curie - CC2016 Being pragmatic Going for «quasi» Two steps 1. modeling the protocol in a perfect world (no error) Use of Petri nets 2. Probabilistic analysis to evaluate the failure rate Use of a classical fault model, building a formula + numeric evaluation

  25. Modeling the protocol (step 1) 7 Hypotheses H 1 : perfect world H 2 : service reduced to 1 interaction H 3 : L+1 answer requested instead of L/2+1 F. Kordon - Université P. & M. Curie - CC2016 ‣ Symmetric net with Bags?

  26. Modeling the protocol (step 1) 7 s e b l a i a r v d n a s e p y T L ; . 0 . s i d i t s e p t y ; > i d s t d , i t s < s i d s i t d x i t s e p t y ; i d s t i n i r v a F. Kordon - Université P. & M. Curie - CC2016

  27. Modeling the protocol (step 1) 7 Types and variables Sstart Astart <i> <i> malS1 <tsid.all> AreqTS <i> type tsid is 0..L; malA1 type tsidxtsid is <tsid, tsid>; n1 a1 SsendTS AgetTS <tsid.all> <i> <i> var i in tsid; malA2 malS2 n2 a2 s2 <i> <i> <tsid.all> AreqCS <i> F. Kordon - Université P. & M. Curie - CC2016 n3 malA3 a3 SackCS AackCS <tsid.all> <i> <i> malA4 malS3 n4 a4 s3 <i> malicious_reservoir

  28. Modeling the protocol (step 1) 7 Types and variables Sstart Astart <i> <i> malS1 <tsid.all> AreqTS <i> type tsid is 0..L; malA1 type tsidxtsid is <tsid, tsid>; n1 a1 SsendTS AgetTS <tsid.all> <i> <i> var i in tsid; malA2 malS2 n2 a2 s2 <i> <i> <tsid.all> AreqCS <i> F. Kordon - Université P. & M. Curie - CC2016 n3 malA3 a3 SackCS AackCS <tsid.all> <i> <i> <i> malA4 malA4 malS3 malS3 n4 a4 a4 s3 <i> s3 <i> malicious_reservoir malicious_reservoir <i> AstartCS <tsid.all> <i> SstopAbort malA5 n5 Sperform a5 <i> malS4 <tsid.all> AendCS <i> s4 <i> n6 AstopOK AstopAbort

Recommend

Voluntary EU certification for Voluntary EU certification for non-residential buildings

Voluntary EU certification for Voluntary EU certification for non-residential buildings

Voluntary EU certification for Voluntary EU certification for non-residential buildings Definition of an Energy Performance Scale Jana Bendalov BUILDING TESTING AND RESEARCH INSTITUTE / Slovakia 09 January 2012 1 Context

609 views • 19 slides
Verifying Richard Birds On building trees of The algorithm Implementation minimum

Verifying Richard Birds On building trees of The algorithm Implementation minimum

The pearl Verifying Richard Birds On building trees of The algorithm Implementation minimum height L.T. van Binsbergen J.P. Pizani Flor Department of Information and Computing Sciences, Utrecht University Wednesday 26 th June, 2013

234 views • 11 slides
What it means for LIRs Alain P. AI NA Special Project M anager What is Resource Certification ?

What it means for LIRs Alain P. AI NA Special Project M anager What is Resource Certification ?

Resource Certification What it means for LIRs Alain P. AI NA Special Project M anager What is Resource Certification ? Resource Certification is is a security framework for verifying the association between resource holders and their

569 views • 20 slides
IEA SHC Task 57 Solar Standards and Certification Subtask C: Promotion and capacity building with

IEA SHC Task 57 Solar Standards and Certification Subtask C: Promotion and capacity building with

IEA SHC Task 57 Solar Standards and Certification Subtask C: Promotion and capacity building with respect to ISO standards and state-of-the-art certification schemes Khalid Salmi SHAMCI Network Secretariat (RCREEE) Standardization and

409 views • 18 slides
Entity Search: Building Bridges between Two Worlds Krisztian Balog , Edgar Meij, and Maarten de

Entity Search: Building Bridges between Two Worlds Krisztian Balog , Edgar Meij, and Maarten de

Entity Search: Building Bridges between Two Worlds Krisztian Balog , Edgar Meij, and Maarten de Rijke ISLA, University of Amsterdam http://ilps.science.uva.nl Entity search Information organized around entities Instead of finding

750 views • 27 slides
SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S.

SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S.

SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S. Stefan Emina Michael Zachary Weitz Lyubomirsky Heule Torlak D. Ernst Tatlock Reduction SMT Reduction SMT Reduction SpaceSearch

696 views • 59 slides
C.H. GROUP PTY LTD UNITING CARE AGED CARE BUILDING CERTIFICATION AND BCA 9C WORKSHOP MARCH

C.H. GROUP PTY LTD UNITING CARE AGED CARE BUILDING CERTIFICATION AND BCA 9C WORKSHOP MARCH

03-64194 Aged Care Building Certification Assessment Instrument Uniting Care NSW- March 2003 C.H. GROUP PTY LTD UNITING CARE AGED CARE BUILDING CERTIFICATION AND BCA 9C WORKSHOP MARCH 2003 Presented by Peter Chenoweth TABLE OF CONTENTS

513 views • 27 slides
SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S.

SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S.

SpaceSearch: A Library for Building and Verifying Solver-Aided Tools Konstantin Steven S. Stefan Emina Michael Zachary Weitz Lyubomirsky Heule Torlak D. Ernst Tatlock Reduction SMT Reduction SMT Reduction SpaceSearch Reduction

747 views • 57 slides
Testing and Certification of Building Products January 27, 2011 Presented by: Cameron Dodd,

Testing and Certification of Building Products January 27, 2011 Presented by: Cameron Dodd,

Testing and Certification of Building Products January 27, 2011 Presented by: Cameron Dodd, Account Manager Building Products Matt Lansdowne, Senior Engineer Building Products www.intertek.com Presentation Agenda Intertek

917 views • 47 slides
Designs Chapter 11 Quasi-Experimentation Quasi-experiments resemble experiments, but lack

Designs Chapter 11 Quasi-Experimentation Quasi-experiments resemble experiments, but lack

Quasi-Experimental Designs Chapter 11 Quasi-Experimentation Quasi-experiments resemble experiments, but lack experimental control lack of random assignment is the key point of distinction between quasi- experiments and true

888 views • 31 slides
1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training Inspection/Audit Establish MoC Status of Operator/ Maintainer Manual, Function Identify CRB Record and Interfaces Result of Form Ground/

618 views • 24 slides
CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO APPLY TO WRITE Once you have logged into the Then under Certification The Certification committee Application Forms may be CAPLA website using

687 views • 37 slides
1 quasi-newton in one variable: the secant method In a one dimensional problem, approximating the

1 quasi-newton in one variable: the secant method In a one dimensional problem, approximating the

QUASI-N E W TON MET HODS David F. Gleich February 29, 2012 Te material here is from Chapter 6 in No- Te idea behind Quasi-Newton methods is to make an optimization algorithm with cedal and Wright, and Section 12.3 in Griva, Sofer, and Nash.

56 views • 3 slides
Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of Computer Science University of Texas at Austin mihir@cs.utexas.edu 10 November, 2017 1/34 Outline Motivation and related work Our approach

681 views • 34 slides
Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of

Verifying filesystems in ACL2 Towards verifying file recovery tools Mihir Mehta Department of Computer Science University of Texas at Austin mihir@cs.utexas.edu 09 March, 2017 Overview 1. Why we need a verified filesystem 2. Our approach

514 views • 29 slides
1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA Certification is based on Dr. As Habits of Health Transformational System and is available to all Coaches who want to apply and reinforce their knowledge of

613 views • 19 slides
Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

ASHA Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the CFCC Presentation Overview What is Certification? CCC-A Certification Standards CCC-A Application Process FAQs Keep your

209 views • 19 slides
SCHEME FOR THE CERTIFICATION OF DESIGN (BUILDING STRUCTURES) IN SCOTLAND Presentation by Robert

SCHEME FOR THE CERTIFICATION OF DESIGN (BUILDING STRUCTURES) IN SCOTLAND Presentation by Robert

SCHEME FOR THE CERTIFICATION OF DESIGN (BUILDING STRUCTURES) IN SCOTLAND Presentation by Robert Jopling BEng, CEng, MICE Chairman of Scottish Registration Board Structural Engineers Registration Ltd About me Regional Director in Glasgow

851 views • 39 slides
Building a Potable Water Operator Certification Framework Erin Mackey, Ph.D., P.E. Who is CUWA?

Building a Potable Water Operator Certification Framework Erin Mackey, Ph.D., P.E. Who is CUWA?

Building a Potable Water Operator Certification Framework Erin Mackey, Ph.D., P.E. Who is CUWA? Population Served 26 m millio ion n (in 2 2013) 013) Retail Agencies: Alameda County Water District (ACWD) East Bay Municipal Utility

287 views • 27 slides
Ruijsenaars-Schneider system from reduction Quasi- quasi-Hamiltonian reduction Hamiltonian

Ruijsenaars-Schneider system from reduction Quasi- quasi-Hamiltonian reduction Hamiltonian

Marsden- Weinstein Ruijsenaars-Schneider system from reduction Quasi- quasi-Hamiltonian reduction Hamiltonian reduction Classification of compact integrable Timo Kluck systems Larger coupling Mathematisch Instituut, Universiteit

660 views • 62 slides
D ISCUSSION ON NERC CIP V 5 September 25, 2014 Requirement Asset Entity Impact Determination

D ISCUSSION ON NERC CIP V 5 September 25, 2014 Requirement Asset Entity Impact Determination

S ECURITY U SERS G ROUP D ISCUSSION ON NERC CIP V 5 September 25, 2014 Requirement Asset Entity Impact Determination Applicability B IG P ICTURE E NTITY A PPLICABILITY http://www.nerc.com/pa/comp/Pages/Registration-and-Certification.aspx E

383 views • 20 slides
LEED Certification Litigation: Emerging Risks Minimizing Liability Through Green Building Contracts

LEED Certification Litigation: Emerging Risks Minimizing Liability Through Green Building Contracts

Presenting a live 90 minute webinar with interactive Q&amp;A LEED Certification Litigation: Emerging Risks Minimizing Liability Through Green Building Contracts and Effective Insurance Coverage THURS DAY, JANUARY 6, 2011 1pm Eastern |

1.13k views • 91 slides
CSCE 790 Computer Systems Security Entity Authentication Professor Qiang Zeng Spring 2020

CSCE 790 Computer Systems Security Entity Authentication Professor Qiang Zeng Spring 2020

CSCE 790 Computer Systems Security Entity Authentication Professor Qiang Zeng Spring 2020 Previous Class PKI Digital Certificate Certificate Authority Verifying Certificates and Chain of Trust Revoking Certificates

310 views • 30 slides
Weighted Quasi-optimal and Recursive Quasi-optimal Satellite Selection Techniques for GNSS V.

Weighted Quasi-optimal and Recursive Quasi-optimal Satellite Selection Techniques for GNSS V.

Weighted Quasi-optimal and Recursive Quasi-optimal Satellite Selection Techniques for GNSS V. Satya Srinivas 1 , A.D. Sarma 2 and A. Supraja Reddy 2 1 Geethanj ali College of Engineering and Technology, Cheeryal (V), Telangana 501301 India 2

466 views • 35 slides

More recommend