UV - Verification Everywhere: Security, Dependability,...
Verification Everywhere: Security, Dependability, Reliability
Lenore D. Zuck
Usable Verification, May 25, 2011
“Trustworthy” Protocols: NTLM
- A suite of Microsoft security protocols
- Provides authentication, integrity, confidentiality
- Has been replaced by Kerberos, except where Kerberos can't be used:
  - domain controller unavailable/unreachable
  - client is not Kerberos capable
  - user remotely authenticating over the web
  - ...
- Vulnerable to a credential forwarding attack
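The credential forwarding (relay) attack named in the last bullet, as an added Python model that is not part of the deck: the attacker never learns the user's key; it opens its own session to the real server, hands the server's challenge to the victim, and replays the victim's response. HMAC-SHA256 stands in for the real NTLM response computation, the server and user names are constructed, and the `bind_target` variant (the response also covers the server name the client believes it is talking to, modeled on the target binding later added to NTLM as Extended Protection) is an assumption added here to show why the relay stops working when the response is tied to the peer's identity.

```python
import hashlib
import hmac
import os

# Added illustration, not the deck's material. HMAC-SHA256 stands in for the
# NTLM response function; the relay does not depend on the exact function,
# because the attacker never needs the user's key, only the victim's response.


def derive_key(password: str) -> bytes:
    """Password-derived key shared by user and server (stand-in for the NT hash)."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def compute_response(key: bytes, challenge: bytes, target: bytes = b"") -> bytes:
    """Challenge/response. With target == b"" the response says nothing about
    which server the client believed it was talking to; a relay exploits that."""
    return hmac.new(key, challenge + target, hashlib.sha256).digest()


class Server:
    def __init__(self, name: str, users: dict):
        self.name = name
        self.users = users        # username -> key
        self.challenges = {}      # session id -> outstanding challenge

    def issue_challenge(self, session: str) -> bytes:
        challenge = os.urandom(8)  # fresh nonce per session, as in NTLM
        self.challenges[session] = challenge
        return challenge

    def verify(self, session: str, user: str, response: bytes, bind_target: bool) -> bool:
        challenge = self.challenges.pop(session)
        # With binding, the server checks against its *own* name.
        target = self.name.encode() if bind_target else b""
        expected = compute_response(self.users[user], challenge, target)
        return hmac.compare_digest(expected, response)


class Client:
    def __init__(self, user: str, password: str):
        self.user = user
        self.key = derive_key(password)

    def answer(self, challenge: bytes, server_name: str, bind_target: bool) -> bytes:
        # With binding, the client commits to the name it *thinks* it talks to.
        target = server_name.encode() if bind_target else b""
        return compute_response(self.key, challenge, target)


def legitimate_login(client: Client, server: Server, bind_target: bool = False) -> bool:
    """Direct client <-> server exchange; succeeds with or without binding."""
    challenge = server.issue_challenge("s1")
    response = client.answer(challenge, server.name, bind_target)
    return server.verify("s1", client.user, response, bind_target)


def relay_attack(client: Client, server: Server, bind_target: bool = False,
                 lure: str = "evil-share") -> bool:
    """Attacker (reachable as `lure`) sits between victim and real server and
    forwards the messages of one session in both directions."""
    challenge = server.issue_challenge("s2")                 # attacker -> server: "I am alice"
    response = client.answer(challenge, lure, bind_target)   # attacker -> victim: real challenge
    return server.verify("s2", client.user, response, bind_target)  # attacker -> server: victim's answer


def make_setup():
    """Constructed test fixture: one user known to one file server."""
    password = "correct horse battery staple"
    client = Client("alice", password)
    server = Server("fileserver", {"alice": derive_key(password)})
    return client, server
```

Without binding the server accepts the relayed response exactly as it would a direct login, since nothing in the response distinguishes the two; with binding the victim signs for "evil-share" while the server expects "fileserver", and verification fails. Signing and sealing of the subsequent session, which the deck's slide does not go into, are the other standard mitigations.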
“Trustworthy” Protocols
And then...
Why??
- Protocols not carefully designed (hard to obtain exact specs from an English description)
- Protocols not formally verified (“we may never get a secure system, and we surely won't unless we verify it”)
- Bugs take a long time to identify (usually long after deployment)
- Patching breaks backward compatibility
- and we lack...
We lack
- Integration of verification methodologies
  - that operate on networks
  - that incorporate functional and non-functional properties
  - that check that implementations follow specifications
  - that check backward compatibility
- Agreed-upon language(s) to formally specify the security properties we require from systems, in a form that can be verified
- Formal assumptions about the attacker and attack models
Road Map
Fully verified protocols robust against security attacks = an expressive (preferably decidable) logic for both functional and non-functional properties of the protocol + translation validation + invariant generation + theorem proving + parameterization
Note: Attackable!
On What There Is
- Tools to verify security protocols (AVISPA, Athena, Scyther, ProVerif)
  - Cannot be easily accommodated to work on arbitrary topologies and arbitrarily large messages
- Handcrafted tools for particular protocols [Pereira, Paulson]
- Bugs found even in verified protocols (TLS)
- Implementations sometimes break security (side-channel attacks) [Bleichenbacher, Kocher]
- Missing: general tools to verify protocols on any topology, careful specifications of protocol requirements and attack model, proofs that implementations do not introduce new flaws
What Formal Methods offer
A variety of methodologies to help verification of:
- Protocols (arbitrary, even dynamic, topology and number of participants), even in case of attacks on the network*
- Stepwise refinement (functional and non-functional properties)*
- Theorem provers that allow integration of proofs about mathematics with proofs about software
On Refinement
- Techniques apply to high-level abstractions, but it's actual code we want to verify
- Existing techniques can help verify that properties are preserved in the refined code, but
- Unlike many properties, security flaws can pop up at the lower-level implementation (e.g., Kocher's timing attack on RSA) and may require new methodologies (to show that security is preserved)
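The RSA timing attack cited above is the standard illustration of the slide's point: a square-and-multiply exponentiation is a correct refinement of "compute m^d mod n", so every functional property survives, yet its running time depends on the bits of d. The following added Python example (not from the deck) makes the leak visible by counting modular multiplications instead of measuring time, and contrasts a Montgomery ladder whose count does not depend on the exponent; the counter, the small modulus and the two exponents are constructed for illustration, and the counter is a stand-in for a timing measurement.

```python
# Added illustration, not the deck's material: operation-count leak in naive
# modular exponentiation versus a constant-count ladder.


def modexp_naive(base: int, exp: int, mod: int, counter: dict) -> int:
    """Left-to-right square-and-multiply. One squaring per exponent bit plus one
    extra multiplication for every 1-bit, so the work leaks the Hamming weight of exp."""
    result = 1
    for bit in format(exp, "b"):
        result = result * result % mod
        counter["mul"] += 1
        if bit == "1":
            result = result * base % mod
            counter["mul"] += 1
    return result


def modexp_ladder(base: int, exp: int, mod: int, counter: dict) -> int:
    """Montgomery ladder: exactly two multiplications per bit whatever its value.
    (A production version also replaces the branch by a constant-time swap;
    here only the operation count is made independent of the secret.)"""
    r0, r1 = 1, base % mod
    for bit in format(exp, "b"):
        if bit == "0":
            r1 = r0 * r1 % mod
            r0 = r0 * r0 % mod
        else:
            r0 = r0 * r1 % mod
            r1 = r1 * r1 % mod
        counter["mul"] += 2
    return r0


def count_muls(fn, base: int, exp: int, mod: int):
    """Run fn and return (result, number of modular multiplications performed)."""
    counter = {"mul": 0}
    value = fn(base, exp, mod, counter)
    return value, counter["mul"]


# Constructed inputs: a small prime modulus and two 7-bit exponents of
# Hamming weight 1 and 7, standing in for two candidate private keys.
MOD = 1000003
BASE = 5
EXP_LIGHT = 0b1000000   # 64
EXP_HEAVY = 0b1111111   # 127


def leak_summary():
    """Both implementations agree with pow(); only the naive one's cost
    distinguishes the two exponents."""
    v1, n1 = count_muls(modexp_naive, BASE, EXP_LIGHT, MOD)
    v2, n2 = count_muls(modexp_naive, BASE, EXP_HEAVY, MOD)
    w1, m1 = count_muls(modexp_ladder, BASE, EXP_LIGHT, MOD)
    w2, m2 = count_muls(modexp_ladder, BASE, EXP_HEAVY, MOD)
    correct = (v1 == w1 == pow(BASE, EXP_LIGHT, MOD)
               and v2 == w2 == pow(BASE, EXP_HEAVY, MOD))
    return {"correct": correct,
            "naive": (n1, n2),      # differs: 8 vs 14
            "ladder": (m1, m2)}     # same: 14 vs 14
```

Both functions are valid refinements of the specification "return base^exp mod mod", which is all a functional-correctness proof would check. The naive version nevertheless leaks one bit of key material per differing count, which is a non-functional property that has to be stated and verified separately, as the slide argues. Note that a constant operation count is not the whole story: multiplication of big integers can itself take data-dependent time, so a full argument has to go down to the arithmetic layer.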
This note was uploaded on 02/07/2012 for the course CS 4322 taught by Professor Martin Rinard during the Spring '11 term at MIT.