Deciding Security for Protocols with Recursive Tests

Arnaud, Mathilde; Cortier, Véronique; Delaune, Stéphanie

doi:10.1007/978-3-642-22438-6_6

Cited by 11 publications

(7 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Indeed, we consider arbitrary cryptographic primitives (provided they can be expressed as terms) and arbitrary protocol transitions. For example, our model allows neighbourhood tests, recursive operations, and of course standard patternmatching, encompassing the models proposed in [25,7,8].…”

Section: Introductionmentioning

confidence: 99%

Analysing Routing Protocols: Four Nodes Topologies Are Sufficient

Cortier

Degrieck

Delaune

2012

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Routing protocols aim at establishing a route between nodes on a network. Secured versions of routing protocols have been proposed in order to provide more guarantees on the resulting routes. Formal methods have proved their usefulness when analysing standard security protocols such as confidentiality or authentication protocols. However, existing results and tools do not apply to routing protocols. This is due in particular to the fact that all possible topologies (infinitely many) have to be considered.In this paper, we propose a simple reduction result: when looking for attacks on properties such as the validity of the route, it is sufficient to consider topologies with only four nodes, resulting in a number of just five distinct topologies to consider. As an application, we analyse the SRP applied to DSR and the SDMSR protocols using the ProVerif tool.

show abstract

Section: Introductionmentioning

confidence: 99%

Analysing Routing Protocols: Four Nodes Topologies Are Sufficient

Cortier

Degrieck

Delaune

2012

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…Such solutions often demand participation of system administrators during the verification phase, and require domain-specific expertise. The third aspect focuses on security properties, such as origin and route authenticity properties, in secure networking protocols that use cryptographic primitives [5,6,10,14,52].…”

Section: Related Workmentioning

confidence: 99%

Automated verification of safety properties of declarative networking programs

Chen

Loh

Jia

et al. 2015

Proceedings of the 17th International Symposium on Principles and Practice of Declarative Programming

View full text Add to dashboard Cite

Networks are complex systems that unfortunately are ridden with errors. Such errors can lead to disruption of services, which may have grave consequences. Verification of networks is key to eliminating errors and building robust networks. In this paper, we propose an approach to verify networks using declarative networking, where networks are specified in NDlog, a declarative language. We focus on analyzing safety properties. We develop a technique to statically analyze NDlog programs: first, we build a dependency graph of the predicates of NDlog programs; then, we build a summary data structure called a derivation pool to represent all possible derivations and their associated constraints for predicates in the program; finally, properties specified in first-order logic are checked on the data structure with the help of the SMT solver Z3. We build a prototype tool and demonstrate the effectiveness of the tool in validating and debugging several SDN applications.

show abstract

“…More formally, for any trace tr of a process, if tr satisfies (2) and is such that there no distinct insertion for the same voter, that is:…”

Section: Verifiability Propertiesmentioning

confidence: 99%

“…In our ProVerif model we have considered an arbitrary number of options n, an arbitrary number of voters m, and several values for the number of selections k. To be able to cope with an arbitrary number of selections, we would need to handle lists of arbitrary size (representing the selection of a voter). While there are some preliminary results for protocols with lists [10,2,28], none of them can be applied to our symbolic mocel for the Neufchâtel protocol. This is why we consider several fixed values for k. The security properties together with corresponding the trust assumptions are summarized in Table 1 while the experiments are presented in Table 2.…”

Section: So Proving the Equivalencementioning

confidence: 99%

A Formal Analysis of the Neuchatel e-Voting Protocol

Cortier

Galindo

Turuani

2018

2018 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

Remote electronic voting is used in several countries for legally binding elections. Unlike academic voting protocols, these systems are not always documented and their security is rarely analysed rigorously. In this paper, we study a voting system that has been used for electing political representatives and in citizen-driven referenda in the Swiss canton of Neuchâtel. We design a detailed model of the protocol in ProVerif for both privacy and verifiability properties. Our analysis mostly confirms the security of the underlying protocol: we show that the Neuchâtel protocol guarantees ballot privacy, even against a corrupted server; it also ensures cast-as-intended and recorded-as-cast verifiability, even if the voter's device is compromised. To our knowledge, this is the first time a full-fledged automatic symbolic analysis of an e-voting system used for politically-binding elections has been realized.

show abstract

Deciding Security for Protocols with Recursive Tests

Cited by 11 publications

References 16 publications

Analysing Routing Protocols: Four Nodes Topologies Are Sufficient

Analysing Routing Protocols: Four Nodes Topologies Are Sufficient

Automated verification of safety properties of declarative networking programs

A Formal Analysis of the Neuchatel e-Voting Protocol

Contact Info

Product

Resources

About