Olga Siedlecka-Lamch

Parallel Bounded Model Checking of Security Protocols

The verification of security protocols is a difficult process taking into consideration a concept and computations. The difficulties start just during the appropriate adequate protocol specification, and during studying its properties. In case of the computation connected with constructing and searching of the modeling structures of protocol execution and scattered knowledge of the users, the problems are the sizes of those structures. For small values of parameters such as numbers of sessions, users, or encryption keys the proper models are usually not very big, and searching them is not a problem, however in case of increasing the values of the above mentioned parameters, the models are sometimes too big, and there is no possibility to construct them nor search properly. In order to increase the values of studying protocol parameters, and necessary increase the computation effectiveness, the appropriate solutions must be introduced. In the article, the solutions which enable full and effective parallelization of the computations during automatic verification of security protocols are introduced. The suitable experimental results are also presented.

Timed Analysis of Security Protocols

This paper presents some remarks on the analysis of security protocols taking into account their time properties. Usually untimed or timed protocols are investigated with security properties, such as the secrecy of some data or the allowance of mutual authentication. These properties are independent of time. In this paper we investigate different executions, sometimes executed simultaneously, of a protocol and different types of times: ciphering and deciphering time, step execution time, whole protocol execution time, and delays in the network. Taking this into account we can investigate how these times can be chosen regardless of the possibility of an attack execution. As part of the work we have implemented a tool that helps us in the mentioned work and allows to present some experimental results.

Probabilistic Model Checking of Security Protocols without Perfect Cryptography Assumption

This paper presents the description of a new, probabilistic approach to model checking of security protocols. The protocol, beyond traditional verification, goes through a phase in which we resign from a perfect cryptography assumption. We assume a certain minimal, but measurable probability of breaking/gaining the cryptographic key, and explore how it affects the execution of the protocol. As part of this work we have implemented a tool, that helps to analyze the probability of interception of sensitive information by the Intruder, depending on the preset parameters (number of communication participants, keys, nonces, the probability of breaking a cipher, etc.). Due to the huge size of the constructed computational spaces, we use parallel computing to search for states that contain the considered properties.

Using Backward Induction Techniques in (Timed) Security Protocols Verification

This paper shows a new way of automatic verification of properties of untimed and timed security protocols. To do this we use a modified version of previously introduced formal model based on a network of synchronized (timed) automata that expreses behaviour and distributed knowledge of users during protocol executions. In our new approach we will use the backward induction method for searching of a tree of all real executions of an investigated protocol. Our approach uses additionally the boolean encoding of constructed structures and SAT solvers for searching answers to the questions about investigated properties which are expressed as reachability or unreachability of undesired states in a considered model. We exemplify all our notions and formalisms on the well known NSPK, and show experimental results for checking authentication and security properties of a few untimed and timed protocols.

Interval probabilities of state transitions in probabilistic automata

Working principle of the probabilistic automaton is based on the state transition probability [4], [6]. Construction of the automaton depends on its purpose. We assume that all transitions probabilities are constant[3]. In situations where low levels of information (entropy) suggest assurance solutions, we use interval probabilities (remembering that the sum of the probabilities of transition to the given state must remain equal to 1). This variant generates additional problems, which are: how to prevent the redundancy of the probabilities sum; the physical interpretation of this situation; undervaluing of the probabilities sum; determine the criteria of the structure and parameters optimization (minimization) relative to the semantic resources of formal languages described by the automaton; change in the level of information entropy.

Parallel quantum algorithm for finding the consistency of saaty's matrices

Features of the quantum systems enable simple calculation of the eigenvalues in uniquely - parallel way. We propose the use of quantum algorithms for the implementation of an iterative method to search for consistency in the Saatys matrix of relative judgments, by step by step closing up to the consistent matrix structure. Typically, the matrix of relative judgments is prepared on the basis of the opinion of an expert or group of experts. In practice if is necessary to obtain consistent form of opinions set, but when we want to get the desired level of their consistency we must even in the minimal scope correct them. Criteria of correction are: the minimum number of seats of correcting (the fastest convergence to the consistency) or minimum summary value of alterations. In our proposition we can choose several variants of the iterative corrections as a way of consolidation. The method most often chosen by experts is based on the minimal correction in every iteration. Sometimes we want to make minimal iteration steps. Details of this classical approach are presented in [9]. In this paper we want to support the classical algorithm by the quantum convention and parameters. The measurement realization will be connected with the state transition and reading of the eigenvalue. The superposition procedure will be activated after the transition, what causes the change of the probability of the choice of location of next correction(s). In the aspect of quantum calculations we use quantum vectors, qubits, inner and tensor vectors, linear operators, projectors, gates etc. The resulting effect (for simulation of quantum calculations) concerning the complexity of the calculations is comparable to the classical algorithm.

Network’s Delays in Timed Analysis of Security Protocols

For several years, the analysis of security protocols time properties has been very important in the area of computer networks security. Up to now, however, it has been primarily used for timestamps analysis, without the other time related parameters being taken into account. As we can see in literature using formal, mathematical structures many problems can be considered and solved. In order to present the assets and liabilities of the tested protocol, depending on the known time parameters, we have proposed a mathematical model.

On Some Time Aspects in Security Protocols Analysis

In many verification approaches for security protocols analysis time aspects are omitted. According to this in our work we try to show how these problems are important in this area. To do this we present new ideas as well as methods for calculating and checking several types of time parameters that characterize some time aspects during and after the protocol’s execution. As an example we present the timed analysis in the case of the timed version of the well known the NSPKL protocol (Needham Schroeder Public Key Protocol revised by Lowe). The experimental results obtained using a proprietary tool are also shown. Using this, during the running of the protocol, the “presence” of the Intruder can be followed by observing incorrect time of the protocol execution. As we will see, both those too short and too long allows this.

Some Remarks on Security Protocols Verification Tools

The problem of security protocols correctness is one of the main security problems connected with communication in computer networks. Several automatic tools for verifying properties of such protocols have been proposed and used. These tools allow to find weaknesses in many variants of the protocols proposed so far. However, these tools are not entirely bug-free. In this paper, we investigate some selected problems of well known, and widely used tools for protocols verification such as AVISPA, Scyther, VerICS or PathFinder. In our considerations, we propose a few examples of protocols that cannot be used in practice or do not ensure security goals, but are positively verified by some tools. We discuss problems connected with these observations and compare how different verification tools can solve them.

Verification of Mutual Authentication Protocol for MobInfoSec System

This paper presents a detailed analysis of the mutual authentication protocol developed especially for the system MobInfoSec - for a mobile device to share and protect classified information. MobInfoSec uses fine-grained access rules described by general access structures. In this paper we describe the architecture and functioning of the system, and the requirements imposed on cryptographic authentication protocols, resulting from both: standards, the collection of good practices, as well as directly from the vision of the system. The article contains a description of the protocol’s parts and formal analysis of its security.