scyther
play

Scyther Semantics and Verification of Security Protocols Cas - PowerPoint PPT Presentation

Scyther Semantics and Verification of Security Protocols Cas Cremers Insecure networks and communication Arie Beppie ATM machine Bank Mobile phone Mobile phone Insecure networks and communication Arie Beppie Insecure ATM machine Bank


  1. Scyther Semantics and Verification of Security Protocols Cas Cremers

  2. Insecure networks and communication Arie Beppie ATM machine Bank Mobile phone Mobile phone

  3. Insecure networks and communication Arie Beppie Insecure ATM machine Bank networks Mobile phone Mobile phone How can we ensure that communication over an insecure network is secure ? Answer: by using security protocols .

  4. Security protocols and encryption ● Security protocols use of a mathematical mechanism called encryption to make information unreadable. ● An encrypted message can only be opened by someone who has the right key. ● This is similar to a bike lock.

  5. Information security is more than just encryption ● Even when encryption is used, a security protocol can still be insecure. ● I will give an overview of the thesis by comparing the topics with bikes and locks.

  6. Chapter 2 : Operational semantics In order to assess the (in)security of a system we need to define precisely what we mean by... ● security protocol – a way to connect the chain to the bike and lock ● intruder model – bike thieves The meaning of the concepts is defined precisely in terms of a mathematical model.

  7. Chapter 3 : Security properties What do we mean by secure? Some examples: ● complete bike remains as it is ● bike frame cannot be stolen ● bike saddle cannot be stolen Security requirements for security protocols are defined precisely in the model.

  8. Chapter 4 : Verification Starting from the mathematical model, we develop the Scyther tool in Chapter 4. Secure Description of a security protocol Scyther with security requirements. attack Insecure example

  9. Chapter 5 : Multi-protocol attacks What happens when you combine several security protocols? Method 1: Bike chain around rack and front wheel. If everybody does this, a thief can't steal a whole bike, and bike away!

  10. Chapter 5 : Multi-protocol attacks What happens when you combine several security protocols? Method 2: Bike chain around rack and frame. If everybody does this, a thief can't steal a whole bike, and bike away!

  11. Chapter 5 : Multi-protocol attacks What happens when you combine several security protocols? Method 1: Method 2: If people mix the methods, a thief can steal a whole bike! Conclusion: mixing several correct (secure) security protocols together can be incorrect (insecure)!

  12. Chapter 6 : Multi-party authentication We design a (family of) new multi-party security protocols. Going out with a group of friends. Simple method: everybody uses his own lock. This requires as many locks as there are bikes. Can we do better? Design a way to use as few locks as possible for any number of bikes.

  13. Conclusions ● We develop a new model to reason about security protocols and their properties. – New properties defined. – Theoretical results about model and properties. ● We develop the Scyther tool based on the model. ● Application of the model and tool on case studies. – Discovery of new attacks. – Development of new multi-party protocols.

More recommend