Formal Methods for Assuring Security of Computer Networks

Transcription

1 for Assuring of Computer Networks May 8, 2012

2 Outline Testing 1 Testing 2 Tools for formal methods Model based software development 3 Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol 4 Analyzing Needham Schroeder by 5 6

3 Goals Testing Introduction to formal methods Motivation of using formal methods for assuring security Comparing with testing techniques We use Needham-Schroeder public-key protocol Logical method Modelling the messages Specifying and assessing authentication

4 Testing Important part of producing each and every product More important in IT area, More complicated More than 50% of software development process Software bugs cost the U.S. economy $59.5 billion annually [NIST report, 2006]

5 What is? Tools for formal methods Model based software development Definition Mathematical based techniques for the specification, development and verification of software and hardware systems. Why do we use formal methods? To prove that the system behaves as it is expected How do we use it? Model the systems mathematically Prove that the system satisfy the properties we are interested in Why don t we always use formal method techniques Formal method techniques are expensive to apply

6 Tools for formal methods Tools for formal methods Model based software development Automata Logic and Calculi Formal languages Semantics Algebra (e.g., process algebra)

7 Example of using formal methods Tools for formal methods Model based software development q0 Message-Rec(Req,1)/Message-Send(ack,0,1) Timeout()/Print("timeout",1) Timeout()/Print("timeout",2) Message-Rec(Req,2)/Message-Send(ack,0,2) q2 Timeout()/ErrMsg q3 Message-Rec(Req,1)/Connect(1) Message-Rec(Req,2)/ErrMsg Message-Rec(Req,1)/ErrMsg Message-Rec(Req,2)/Connect(2) q4 q1 q5

8 Model based software development Tools for formal methods Model based software development Design a model Verify the model Implement the model Validate the implementation Take existing implementation Extract a model from implementation Verify the model

9 Different modelling techniques Tools for formal methods Model based software development Models are extracted from the code Models are extracted from the requirements and specification Models are extracted from a black box

10 is achieved by: Testing Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol Sufficiently strong cryptographic algorithms and protocols Correct implementation of hardware and software Appropriate assumptions about trusted authorities Formal analytical techniques

11 Principals of security Testing Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol People Keys Processes and machines that send and receive information Access information resources

12 Key security properties Testing Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol privacy or confidentiality: knowing with accuracy which principals can read data integrity: detecting corruption of information authentication: knowing the identity of a principal or the source of information access control: restricting the use of a resource to privileged principals non-repudiation: preventing principals from subsequently denying their actions availability of service: guaranteeing authorised principals always have access to services

13 Public key infrastructure Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol Encryption through pairs of keys Public which is made known to others Private which should be known only to the principal Supports both privacy and digital signatures

14 Assessing security protocols Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol Defeat a protocol by using bits of previously successful protocol runs (known as replay attacks) or by some form of impersonation (e.g., man in the middle attacks)

15 Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol Needham Schroeder public key protocol key distribution protocols that enable secure communication sessions where both parties are active at the same time The Needham-Schroeder protocol is designed to allow two principals to mutually authenticate themselves through a series of message exchanges, as a prelude for some secure session

16 Principals of security Key security properties Assessing security protocols Needham Schroeder public key protocol

17 Testing Analyzing Needham Schroeder by

18 Analyzing Needham Schroeder by Analyzing Needham Schroeder by

19 Analyzing Needham Schroeder by

20 Analyzing Needham Schroeder by After step 2, A ( K b B) is the desired property.

21 Analyzing Needham Schroeder by After step 2, A ( K b B) is the desired property. Live proof

22 Testing

23 Testing CA1 CA2 CA2 B

24 Testing CA1 CA2 CA2 B CA2 p = CA1 p CA1 CA2 B p = CA2 p CA2 B

25 Notions and Axioms Testing Notions P says s P Q

26 Notions and Axioms Testing Notions P says s P Q Axioms (P says (Q P)) (Q P) (P Q) ((P says s) (Q says s))

27 Testing

28 The desired property is that A concludes B p B.

29 The desired property is that A concludes B p B. Live proof

30 Testing Formal methods is an interesting method for proving the correctness of programs, e.g., security protocols It is costy but worth

31 References Testing 1. Susan Older, Shu Kai Chin. for Assuring of Protocols. The Computer Journal, A. D. Rubin, P. Honeyman. for the Analysis of Authentication Protocols. CITI Technical Report, 1993

32 Thank You For Listening