Jan Verschuren

PINPAS: a Tool for Power Analysis of Smartcards

This paper describes the PINPAS tool, a tool for the simulation of power analysis and other side-channel attacks on smartcards. The PINPAS tool supports the testing of algorithms for vulnerability to SPA, DPA, etc. at the software level. Exploitation of the PINPAS tool allows for the identification of weaknesses in the implementation in an early stage of development. A toy algorithm is discussed to illustrate the usage of the tool.

Architecting Security with Paradigm

For large security systems a clear separation of concerns is achieved through architecting. Particularly the dynamic consistency between the architectural components should be addressed, in addition to individual component behaviour. In this paper, relevant dynamic consistency is specified through Paradigm, a coordination modeling language based on dynamic constraints. As it is argued, this fits well with security issues. A smaller example introduces the architectural approach towards implementing security policies. A larger casestudy illustrates the use of Paradigm in analyzing the FOO voting scheme. In addition, translating the Paradigm models into process algebra brings model checking within reach. Security properties of the examples discussed, are formally verified with the model checker mCRL2.

Efficient Realisation of Security Services in the Osi-Rm

The IS0 Reference Model for Open Systems Interconnection (0%-RM) enables Application Processes (APs) on different computersystems to exchange information. In case sensitive infomation is exchanged, APs will intend to protect their information according to their respective security policies. In this article the assumption is made that the security policies of the APs intending to communicate are the same: they are defmed by the Bell-LaPadula model. I t is investigated how the OSI-security services can help in realising a security policy defined by the Bell-LaPadula model. I t turned out that enforcement of the BellLaPadula security policy on a network wide basis not only requires the confidentiality service to be implemented. Also integrity services are important in order to prevent undetected modification of the sensitivity class of the data transferred. To deal with the considerable amount of cryptographic mechanisms which can be applied, we chose to indicate them globally: it is specified what keys can be used by each AP. Thus it follows what key is available for enciphering information or for providing the integrity of informat ion. Several distributions of keys emerge, all of them able to support the B-LP-model. A selection out of these is made, after discussing their strong and weak points. For both individuals and companies, it is essential that they can exchange and receive information. Several ways can be used to do this e.g. by talking or by writing. Electronic exchange of messages (by means of e-mail for example) is also a possibility. As information can be very critical and important for individuals and certainly for companies, it is of the utmost importance that they keep control over it. Therefore the possessor of information has a security policy i.e. a set of laws, rules and practices that regulate how sensitive information is to be managed, protected and distributed. As these rules are written in a natural language, they are in general susceptible to multiple interpretations on specific points. To avoid this ambiguity, the policy needs to be restated in a formal language thus resulting in a so called formal security policy model (FSPM). The Bell-LaPadula (B-LP) model [l] is an example of a FSPM. The security policy needs to be fulfilled independent of the configuration which is used to transfer the information. More specifically, one can imagine a stand-alone configuration where communication takes place between two Application Processes (APs) which are both resident on the (same) machine. It is also possible that APs are running on different end-systems which are connected by means of public telecommuni-

Extending Paradigm with Data

We discuss an extension of the coordination modeling language Paradigm. The extension is geared towards data-dependent interaction among components, where the coordination is influenced by possibly distributed data. The approach is illustrated by the well-known example of a bakery where tickets are issued to serve clients in order. Also, it is described how to encode Paradigm models with data in the process language of the mCRL2 toolset for further analysis of the coordination.