Formal verification of the YubiKey and YubiHSM APIs in Maude-NPA

10.29007/c4xk ◽  
2018 ◽  
Author(s):  
Antonio González-Burgueño ◽  
Damián Aparicio-Sánchez ◽  
Santiago Escobar ◽  
Catherine Meadows ◽  
José Meseguer

We perform an automated analysis of two devices developed by Yubico: YubiKey, designed to authenticate a user to network-based services, and YubiHSM, Yubico's hardware security module. Both are analyzed using the Maude-NPA cryptographic protocol analyzer. Although previous work has been done applying formal tools to these devices, there has not been any completely automated analysis. This is not surprising, because both YubiKey and YubiHSM, which make use of cryptographic APIs, involve a number of complex features: (i) discrete time in the form of Lamport clocks, (ii) a mutable memory for storing previously seen keys or nonces, (iii) event-based properties that require an analysis of sequences of actions, and (iv) reasoning modulo exclusive-or. Maude-NPA has provided support for exclusive-or for years but has not provided support for the other three features, which we show can also be supported by using constraints on natural numbers, protocol composition and reasoning modulo associativity. In this work, we have been able to automatically prove security properties of YubiKey and find the known attacks on the YubiHSM, in both cases beyond the capabilities of previous work using the Tamarin Prover due to the need for auxiliary user-defined lemmas and limited support for exclusive-or. Tamarin has recently been endowed with exclusive-or and we have rewritten the original specification of YubiHSM in Tamarin to use exclusive-or, confirming that both attacks on YubiHSM can be carried out by this recent version of Tamarin.
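Features (i) and (ii) above, the Lamport-clock counters and the verifier's mutable memory of previously seen values, are what make the YubiKey's replay protection work. The following is an added illustration written for this page, not code from the paper or from Yubico. It simplifies the OTP to a MAC-authenticated token carrying a device id, a session counter and a session-use counter (the real token is AES-encrypted and carries more fields); the 6+2+1-byte layout, the HMAC truncation, the `dev-01` device and its key are all constructed for the demo. The point it shows is the state the verifier has to keep and the strict counter comparison that rejects both a replayed token and a stale one reordered after a newer session.

```python
"""Counter-based OTP verifier with replay protection (constructed example).

Simplified stand-in for the YubiKey OTP: HMAC-SHA256 instead of AES, and only
the fields the replay check needs. Everything here is constructed for the demo.
"""
import hashlib
import hmac
import struct

DEVICE_ID_LEN = 6          # constructed layout: 6-byte device id
COUNTER_FMT = ">HB"        # constructed layout: 2-byte session counter, 1-byte use counter
TAG_LEN = 16               # truncated HMAC tag

# Constructed demo key; a real verifier would hold per-device keys in an HSM.
DEVICE_KEYS = {b"dev-01": bytes(range(32))}


def make_token(device_id: bytes, session: int, use: int, key: bytes) -> bytes:
    """Device side: authenticate (id, session, use) under the shared key."""
    body = device_id + struct.pack(COUNTER_FMT, session, use)
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


class Verifier:
    def __init__(self, keys: dict):
        self.keys = keys
        # The mutable memory: last accepted (session, use) per device.
        self.last_seen: dict = {}

    def verify(self, token: bytes) -> str:
        body_len = DEVICE_ID_LEN + struct.calcsize(COUNTER_FMT)
        if len(token) != body_len + TAG_LEN:
            return "MALFORMED"
        body, tag = token[:body_len], token[body_len:]
        device_id = body[:DEVICE_ID_LEN]
        key = self.keys.get(device_id)
        if key is None:
            return "UNKNOWN_DEVICE"
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):      # constant-time compare
            return "BAD_MAC"
        session, use = struct.unpack(COUNTER_FMT, body[DEVICE_ID_LEN:])
        # Lamport-style ordering: the counter pair must strictly increase.
        # Equal means replay; lower means a stale token from an earlier session.
        if (session, use) <= self.last_seen.get(device_id, (-1, -1)):
            return "REPLAYED"
        self.last_seen[device_id] = (session, use)
        return "OK"


def demo() -> list:
    """Run the scenarios the property covers and return the verdicts in order."""
    v = Verifier(DEVICE_KEYS)
    key = DEVICE_KEYS[b"dev-01"]
    t_5_0 = make_token(b"dev-01", 5, 0, key)
    t_5_1 = make_token(b"dev-01", 5, 1, key)
    t_6_0 = make_token(b"dev-01", 6, 0, key)
    tampered = t_5_0[:-1] + bytes([t_5_0[-1] ^ 1])   # flip a bit in the tag
    return [
        v.verify(t_5_0),    # first use: OK
        v.verify(t_5_0),    # same token again: REPLAYED
        v.verify(t_6_0),    # new session: OK
        v.verify(t_5_1),    # stale token from the old session, arriving late: REPLAYED
        v.verify(tampered), # forged/corrupted: BAD_MAC
    ]


if __name__ == "__main__":
    print(demo())
```

Note that the check is against the last accepted pair, not a set of every seen value, so the memory stays bounded per device; the price is that a legitimately generated but out-of-order token is refused, which is the trade-off the counter design makes.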

2012 ◽  
Vol 2012 ◽  
pp. 1-18 ◽  
Author(s):  
Hanane Houmani ◽  
Mohamed Mejri

Most applications on the Internet, such as e-banking and e-commerce, use the SET and the NSL protocols to protect the communication channel between the client and the server. It is therefore crucial to ensure that these protocols respect security properties such as confidentiality, authentication, and integrity. In this paper, we analyze the SET and the NSL protocols with respect to the confidentiality (secrecy) property. To perform this analysis, we use the interpretation functions-based method. The main idea behind the interpretation functions-based technique is to give sufficient conditions that guarantee that a cryptographic protocol respects the secrecy property. The flexibility of the proposed conditions allows the verification of daily-life protocols such as SET and NSL. This method can also be used under different assumptions, including a variety of intruder abilities and algebraic properties of cryptographic primitives. The NSL protocol, for instance, is analyzed with and without the homomorphism property. Using the SET protocol, we also show the usefulness of this approach for correcting weaknesses and problems discovered during the analysis.


Electronics ◽  
2020 ◽  
Vol 9 (9) ◽  
pp. 1415
Author(s):  
Nikolaos Petrakos ◽  
Stefanos Monachos ◽  
Emmanouil Magkos ◽  
Panayiotis Kotzanikolaou

Course evaluations have become a common practice in most academic environments. To enhance participation, evaluations should be private and ensure a fair result. Related privacy-preserving methods and technologies (e.g., anonymous credentials, Privacy Attribute-Based Credentials, and domain signatures) fail to address, at least in an obvious way, the minimal security and practicality requirements. In this paper, we propose, evaluate, and implement an efficient, anonymous evaluation protocol for academic environments. The protocol borrows ideas from well-known and efficient cryptographic approaches for anonymously submitting ballots in Internet elections, for issuing one-time credentials, and for anonymously broadcasting information. The proposed protocol extends the above approaches in order to provably satisfy properties such as the eligibility, privacy, fairness and verifiability of the evaluation system. Compared to the state of the art, our approach is less complex and more effective, while the security properties of the proposed protocol are verified using the ProVerif cryptographic protocol verifier. A web-based implementation of the protocol has been developed and compared to other approaches and systems.


2007 ◽  
Vol 16 (02) ◽  
pp. 191-198 ◽  
Author(s):  
TAKAAKI MIZUKI ◽  
TARO OTAGIRI ◽  
HIDEAKI SONE

This paper gives an application of exclusive-or sum-of-products (ESOP) expressions to designing cryptographic protocols. That is, this paper deals with secure computations in a minimal model, and gives a protocol which securely computes every function by means of the techniques of ESOP expressions. The communication complexity of our protocol is proportional to the size of an obtained multiple-valued-input ESOP expression. Since research on minimizing ESOP expressions is still active, our protocol will "automatically" become more efficient as this research progresses. Thus, we hope that the existence of our cryptographic protocol will motivate further research on minimizing ESOP expressions.


2001 ◽  
Vol 8 (13) ◽  
Author(s):  
Federico Crazzolara ◽  
Glynn Winskel

The events of a security protocol and their causal dependency can play an important role in the analysis of security properties. This insight underlies both strand spaces and the inductive method. But neither of these approaches builds up the events of a protocol in a compositional way, so that there is an informal spring from the protocol to its model. By broadening the models to certain kinds of Petri nets, a restricted form of contextual nets, a compositional event-based semantics is given to an economical, but expressive, language for describing security protocols; so the events and dependency of a wide range of protocols are determined once and for all. The net semantics is formally related to a transition semantics, strand spaces and inductive rules, as well as trace languages and event structures, so unifying a range of approaches, as well as providing conditions under which particular, more limited, models are adequate for the analysis of protocols. The net semantics allows the derivation of general properties and proof principles which are demonstrated in establishing an authentication property, following a diagrammatic style of proof.


2020 ◽  
Vol 2020 (2) ◽  
pp. 397-415
Author(s):  
Bailey Kacsmar ◽  
Chelsea H. Komlo ◽  
Florian Kerschbaum ◽  
Ian Goldberg

Abstract. Secret sharing schemes are desirable across a variety of real-world settings due to the security and privacy properties they can provide, such as availability and separation of privilege. However, transitioning secret sharing schemes from theoretical research to practical use must account for gaps in achieving these properties that arise due to the realities of concrete implementations, threat models, and use cases. We present a formalization and analysis, using Ellison's notion of ceremonies, that demonstrates how simple variations in use cases of secret sharing schemes result in the potential loss of some security properties, a result that cannot be derived from the analysis of the underlying cryptographic protocol alone. Our framework accounts for such variations in the design and analysis of secret sharing implementations by presenting a more detailed user-focused process and defining previously overlooked assumptions about user roles and actions within the scheme to support analysis when designing such ceremonies. We identify existing mechanisms that, when applied to an appropriate implementation, close the security gaps we identified. We present our implementation including these mechanisms and a corresponding security assessment using our framework.
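The abstract's central point is that the scheme's mathematics and the ceremony around it are analyzed separately, and a gap can sit between them. The following is an added example written for this page, not the paper's code and not its catalogue of gaps or mechanisms. It implements textbook Shamir (t, n) sharing over a prime field and then stages one ceremony-level failure of my own choosing: a shareholder hands back a corrupted share, and plain Lagrange reconstruction returns a wrong secret with no error. The hash commitment used to detect it is a hypothetical addition for the demo; it is only sound when the shared secret is high-entropy (a random key), since a hash of a guessable secret can be brute-forced.

```python
"""Shamir secret sharing and a ceremony-level check the scheme lacks (constructed example)."""
import hashlib
import random

P = 2**127 - 1   # prime field; secrets must lie in [0, P)


def _eval(coeffs, x):
    """Evaluate the polynomial with the given coefficients at x (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(secret, t, n, rng=None):
    """Deal n shares, any t of which reconstruct the secret.

    rng is injectable so the demo is reproducible; production callers leave it
    None and get the OS CSPRNG.
    """
    assert 0 <= secret < P and 1 <= t <= n
    rng = rng or random.SystemRandom()
    coeffs = [secret] + [rng.randrange(P) for _ in range(t - 1)]
    return [(x, _eval(coeffs, x)) for x in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0. Trusts every share it is handed."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    return secret


def commit(secret):
    """Dealer-published commitment (hypothetical addition). Only safe for
    high-entropy secrets; a hash of a guessable value is brute-forceable."""
    return hashlib.sha256(secret.to_bytes(16, "big")).hexdigest()


def reconstruct_checked(shares, commitment):
    """Ceremony-level check: refuse a reconstruction that does not match the commitment."""
    s = reconstruct(shares)
    return s if commit(s) == commitment else None


def demo():
    """Stage the scenarios and return which properties held."""
    rng = random.Random(2024)                   # fixed seed: reproducible demo only
    secret = rng.randrange(P)                   # high-entropy secret, as the commitment needs
    shares = split(secret, t=3, n=5, rng=rng)
    c = commit(secret)
    # Corrupted share: one shareholder returns y ^ 1; the field arithmetic cannot notice.
    bad = [(shares[0][0], shares[0][1] ^ 1)] + shares[1:3]
    return {
        "ok": reconstruct(shares[:3]) == secret,          # t honest shares recover it
        "too_few": reconstruct(shares[:2]) == secret,     # t-1 shares do not
        "silent_wrong": reconstruct(bad) != secret,       # wrong secret, no error
        "detected": reconstruct_checked(bad, c) is None,  # the added check catches it
    }


if __name__ == "__main__":
    print(demo())
```

The "silent_wrong" case is the kind of gap the abstract refers to: nothing in the threshold proof says what happens when a participant in the ceremony misbehaves, so the guarantee has to come from a mechanism layered on top, and that mechanism carries its own assumptions (here, secret entropy) that the scheme-level analysis never mentions.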


2020 ◽  
Vol 10 (1) ◽  
Author(s):  
Guodong Ye ◽  
Kaixin Jiao ◽  
Xiaoling Huang ◽  
Bok-Min Goi ◽  
Wun-She Yap

Abstract. Most existing image encryption schemes are proposed in the spatial domain, which easily destroys the correlation between pixels. This paper proposes an image encryption scheme employing the discrete cosine transform (DCT), a quantum logistic map and a substitution-permutation network (SPN). The DCT is used to transform the images into the frequency domain. Meanwhile, the SPN is used to provide the security properties of confusion and diffusion. The SPN provides fast encryption compared to asymmetric-based image encryption, since operations with low computational complexity are used (e.g., exclusive-or and permutation). Different statistical experiments and security analyses are performed on six grayscale and color images to justify the effectiveness and security of the proposed image encryption scheme.


2020 ◽  
Vol 36 (2) ◽  
pp. 410-420 ◽  
Author(s):  
Anthony M. Gibson ◽  
Nathan A. Bowling

Abstract. The current paper reports the results of two randomized experiments designed to test the effects of questionnaire length on careless responding (CR). Both experiments also examined whether the presence of a behavioral consequence (i.e., a reward or a punishment) designed to encourage careful responding buffers the effects of questionnaire length on CR. Collectively, our two studies found (a) some support for the main effect of questionnaire length, (b) consistent support for the main effect of the consequence manipulations, and (c) very limited support for the buffering effect of the consequence manipulations. Because the advancement of many subfields of psychology rests on the availability of high-quality self-report data, further research should examine the causes and prevention of CR.

