版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)
文檔簡(jiǎn)介
1、MSR 3:One Year LaterIliano Cervesatoilianoitd.nrl.ITT Industries, inc NRL Washington, DC/ilianoProtocol eXchange Seminar, UMBCMay 27-28, 2004NSPK in MSR 3A: princ. L: princ B:princ.pubK B nonce mset. B: princ. kB: pubK B. nA: nonce. net (nA, AkB), L (A, B, kB, nA) B: princ.
2、kB: pubK B. kA: pubK A. kA: prvK kA. nA: nonce. nB: nonce. net (nA, nBkA), L (A, B, kB, nA) net (nBkB)A B: nA, AkBB A: nA, nBkAA B: nBkBInterpretation of LRule invocationImplementation detailControl flowLocal state of roleExplicit viewImportant for DOSMSR 2 spec.1MSR 3: One Year LaterNSPK in MSR 3A:
3、princ. B: princ. kB: pubK B. nA: nonce. net (nA, AkB), (kA: pubK A. kA: prvK kA. nB: nonce. net (nA, nBkA) net (nBkB)A B: nA, AkBB A: nA, nBkAA B: nBkBSuccinctContinuation-passing styleRule asserts what to do nextLexical control flowState is implicitAbstractNot an MSR 2 spec.2MSR 3: One Year LaterLo
4、oks Familiar?A B: nA, AkBB A: nA, nBkAA B: nBkBProcess calculusA:princ.B: princ. kB: pubK B.kA: pubK A. kA: prvK kA. nB: nonce.nnA: (nA, AkB) .net .net (nBkB) . 0NA, AKBNA, NBKANBKBAlice (A,B,NA,NB) :NA Fresh, pA (A,B)Parametric strand3MSR 3: One Year LaterWhat is MSR 3?A new language for security p
5、rotocolsSupports State transition specsConservative over MSR 2Process algebraic specsRewriting re-interpretation of logicRich composable set of connectivesUniversal connectorNeutral paradigm4MSR 3: One Year LaterMore than the Sum of its PartsProcess- and transition-based specs.in the same languageCh
6、oose the paradigmUsers preferenceHighlight characteristics of interestSupport various verification techniques (FW)Mix and match stylesWithin a spec.Within a protocolWithin a role5MSR 3: One Year LaterWhat is in MSR 3 ?Security-relevant signatureNetworkEncryption, Typing infrastructureDependent types
7、SubsortingData Access Specification (DAS)Module systemEquationsFromMSR 2FromMSR 1From MSR 2implementationw-MultisetsMSR 2ProtocolsRepr. gap6MSR 3: One Year Laterw-MultisetsSpecification language for concurrent systemsCrossroad ofState transition languagesPetri nets, multiset rewriting, Process calcu
8、liCCS, p-calculus, (Linear) logicBenefitsAnalysis methods from logic and type theoryCommon ground for comparingMultiset rewritingProcess algebraAllows multiple styles of specificationUnified approachw-MultisetsMSR 2ProtocolsRepr. gap7MSR 3: One Year LaterSyntaxA:= aatomic object| 1 empty|A BA, Bform
9、ation|A BA Brewrite|Tno-op|A & BA | B choice|x. Ainstantiation|x. Ageneration|! AreplicationGeneralizes FO multiset rewriting (MSR 1-2)x1xn. a(x) y1yk. b(x,y)8MSR 3: One Year LaterState and TransitionsStatesS ; G ; DS ; DS is a listG and D arecommutative monoidsTransitionsS; G; D S; G; DS; G; D * S;
10、 D* for reflexive and transitive closureConstructor: “,”Empty: “”- logic- system w- rewriting - processes- security9MSR 3: One Year LaterTransition SemanticsS ; G ; (D, A, A B)S ; G ; (D, B)T (no rule)&S ; G ; (D, A1 & A2)S ; G ; (D, Ai)S ; G ; (D, x. A)S ; G ; (D, t/xA)if S |- tS ; G ; (D, x. A)(S,
11、 x) ; G ; (D, A)!S ; G ; (D, !A)S ; (G, A) ; DS ; (G, A) ; D S ; (G, A) ; (D, A)S ; G ; D * S ; D S ; G ; D * S ; Dif S ; G ; D S ; G ; D and S ; G ; D * S ; D 10MSR 3: One Year LaterLinear LogicFormulasA, B := a | 1 | A B | A B | ! A | T | A & B | x. A | x. ALV sequentsG ; D -S CGoalformulaSignatur
12、eUnrestrictedcontextLinearcontextConstructor: “,”Empty: “”- logic- system w- rewriting - processes- security11MSR 3: One Year LaterLogical DerivationsProof of C from D and GEmphasis on CC is inputFiniteClosedRules shownMajor premisePreserves CMinor premiseStarts subderivationG; D -S CG; D -S CG; D -
13、S CG; C -S C- logic- system w- rewriting - processes- security12MSR 3: One Year LaterA Rewriting Re-InterpretationTransitionFrom conclusionTo major premiseEmphasis on G, D and SC is output, at bestDoes not changePossibly infiniteOpenMinor premiseAuxiliary rewrite chainFiniteTopped with axiomG; D -S
14、CG; D -S CG; D -S CG; C -S C- logic- system w- rewriting - processes- security13MSR 3: One Year LaterInterpreting Unary RulesS; G; (D, !A) S; (G, A); DG; D, A -S,x CG; D, $x.A -S C G, A; D -S CG; D , !A -S CS |- t G; D, t/xA -S CG; D, x.A -S CG; D, A, B -S CG; D, AB -S CS; G; (D, AB ) S; G; (D, A, B
15、)S; G; (D, x. A) S; G; (D, t/xA)if S |- tS; G; (D, x. A) (S, x); G; (D, A)- logic- system w- rewriting - processes- security14MSR 3: One Year LaterBinary Rules and AxiomMinor premiseAuxiliary rewrite chainTop of treeFocus shifts to RHSAxiom ruleObservationG; D -S A G; D, B -S CG; D, D , AB -S CG; A
16、-S A- logic- system w- rewriting - processes- security15MSR 3: One Year LaterObservationsObservation statesS ; DIn D, we identify, with with 1Categorical semanticsIdentified with x1. xn. DFor S = x1, , xnDe Bruijns telescopesObservation transitionsS; G; D * S; DAG,G; A -S,S AG; D -S S. AD = DS; D =
17、S. D- logic- system w- rewriting - processes- security16MSR 3: One Year LaterInterpreting Binary RulesS; G; (D, D, A B) S; G; (D, B)if S; G; D * S; AG; D -S A G; D, B -S CG; D, D , AB -S CG; D -S A G; D, A -S C G; D, D -S CS; G; D, D S; G; (A, D) if S; G; D * S; AG; A -S AS; G; D * S; DS; G; D * S;
18、Dif S; G; D S; G; Dand S; G; D * S; D- logic- system w- rewriting - processes- security17MSR 3: One Year LaterFormal CorrespondenceSoundnessIfS ; G ; D * S,S; DthenG ; D -S S. DCompleteness?No! We have only crippled right rules ; ; a b, b c * ; a c- logic- system w- rewriting - processes- security18
19、MSR 3: One Year LaterSystem wWith cut, rule for can be simplified toS; G; (D, A, A B) S; G; (D, B)Cut elimination holds= in-lining of auxiliary rewrite chainsBut Careful with extra signature symbolsCareful with extra persistent objectsNo rule for needs a premise does not depend on *- logic- system w
20、- rewriting - processes- security19MSR 3: One Year LaterMultiset RewritingMultiset: set with repetitions alloweda := | a, aCommutative monoidMultiset rewriting (a.k.a. Petri nets)Rewriting within the monoid Fundamental model of distributed computingAlternative: Process AlgebrasBasis for security pro
21、tocol spec. languagesMSR family several othersMany extensions, more or less ad hoc- logic- system w- rewriting - processes- security20MSR 3: One Year LaterThe Atomic Objects of MSR 3 Atomic termsPrincipalsAKeysKNoncesNOtherRaw data, timestamp, ConstructorsEncryption_Pairing(_, _)OtherSignature, hash
22、, MAC, Fully definablePredicatesNetwork netMemory MAIntruderIw-MultisetsMSR 2ProtocolsRepr. gap21MSR 3: One Year LaterTypesFully definablePowerful abstraction mechanismAt various user-definable levelFinely tagged messagesUntyped: msg onlySimplify specification and reasoningAutomated type checkingSim
23、ple typesA : princn : noncem : msg, Dependent typesk : shK A BK : pubK AK : privK K, w-MultisetsMSR 2ProtocolsRepr. gap22MSR 3: One Year LaterSubsortingAllows atomic terms in messagesDefinableNon-transmittable termsSub-hierarchiesDiscriminant for type-flaw attackst : tw-MultisetsMSR 2ProtocolsRepr.
24、gap23MSR 3: One Year LaterData Access SpecificationPrevent illegitimate use of informationProtocol specification divided in rolesOwner = principal executing the roleA signing/encrypting with Bs keyA accessing Bs private data, Simple static checkCentral meta-theoretic notionDetailed specification of
25、Dolev-Yao access modelGives meaning to Dolev-Yao intruderCurrent effort towards integration in type systemDefinablePossibility of going beyond Dolev-Yao modelw-MultisetsMSR 2ProtocolsRepr. gap24MSR 3: One Year LaterModules and EquationsModulesBundle declarations with simple import/export interfaceKe
26、ep specifications tidyReusableEquations(For free from underlying Maude engine)Specify useful algebraic propertiesAssociativity of pairsAllow to go beyond free-algebra modelDec(k, Enc(k, M) = Mw-MultisetsMSR 2ProtocolsRepr. gap25MSR 3: One Year LaterState-Based vs. Process-BasedState-based languagesMu
溫馨提示
- 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
- 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
- 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
- 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
- 5. 人人文庫網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
- 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
- 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。
最新文檔
- 2023勞動(dòng)者就業(yè)協(xié)議書內(nèi)容七篇
- 2023雙方保密協(xié)議書七篇
- 協(xié)議書范本汽車
- 2023房子裝修雙方協(xié)議書七篇
- 新疆維吾爾自治區(qū)喀什地區(qū)疏勒縣實(shí)驗(yàn)學(xué)校教育集團(tuán)2023-2024學(xué)年七年級(jí)11月月考道德與法治試題(原卷版)-A4
- 2024秋新滬科版物理8年級(jí)上冊(cè)教學(xué)課件 第6章 熟悉而陌生的力 第3節(jié) 來自地球的力
- 2023年藥品包裝機(jī)械項(xiàng)目融資計(jì)劃書
- 2023年聚氨酯涂料項(xiàng)目融資計(jì)劃書
- 烹飪?cè)现R(shí)習(xí)題+參考答案
- 黑龍江省佳木斯市富錦市2024屆九年級(jí)上學(xué)期期末考試數(shù)學(xué)試卷(含答案)
- PHP編程基礎(chǔ)與實(shí)例教程第3版PPT完整全套教學(xué)課件
- 國開日常學(xué)習(xí)行為表現(xiàn)范文(精選5篇)
- 教師跟崗培訓(xùn)個(gè)人總結(jié)匯報(bào)
- 計(jì)量器具的檢定及校驗(yàn)分析獲獎(jiǎng)科研報(bào)告
- 建筑工程材料取樣送檢一覽表
- 多媒體課件制作的意義及多媒體課件制作課程教案
- 經(jīng)顱磁刺激技術(shù)(TMS)理論知識(shí)考核試題及答案
- 家庭教育名師工作室建設(shè)方案
- 2023年國航華北營銷中心招聘筆試參考題庫附帶答案詳解
- 肌肉骨骼康復(fù)學(xué)教案
- 醫(yī)院突發(fā)治安事件應(yīng)急預(yù)案及流程
評(píng)論
0/150
提交評(píng)論