A THEORETICAL FRAMEWORK FOR MODELLING AND SIMULATING SECURITY PROTOCOLS


1
A THEORETICAL FRAMEWORK FOR MODELLING AND
SIMULATING SECURITY PROTOCOLS
  • Frantz. Iwu
  • Richard Zobel

Department of Computer Science, University of Manchester
2
Studied Problem
  • Objective of this work: to model and simulate
    cryptographic protocols using Agent-Based
    Simulation
  • Interests
  • agent-based simulation, cryptographic
    protocols, cryptographic protocol validation
  • Main Requirements
  • modelling cryptographic protocol behaviour and
    interaction
  • a generic framework for cryptographic protocol
    simulation
  • determining the correctness and efficiency of the
    design using simulation

3
Summary
  • Setting the scene
  • DEV agent framework
  • The simulation model
  • Evaluating the Protocol Design
  • Conclusion and Perspectives

5
Setting the scene
  • Cryptographic protocols are designed to provide
    security services
  • Research has shown that a good number of these
    protocols are flawed
  • lack of proper universally accepted technique and
    methodology for analysing protocols
  • weaknesses are not due to the underlying
    cryptographic algorithms but are the result of
    logical errors

6
Setting the scene
  • Several methods have been proposed
  • specification languages and verification tools
    [Varadharajan, 1990]
  • modal logic, expert systems, algebraic reasoning,
    and model-based approaches [Nieh, 1992; Gong,
    1990; Burrows, 1990]
  • An approach to reasoning about protocols is
    proposed; it involves
  • the use of agent models to characterise how
    principals interact

7
Setting the scene
  • to describe how messages are sent and received
  • what messages a particular agent can assemble and
    transmit
  • the actions an agent can perform at a particular
    time
  • the use of simulation framework in modelling the
    activities of these agents.
  • These characterisations form the basis for asking
    security-related questions such as
  • what are the possibilities of security
    compromises?

8
Setting the scene
  • The proposed approach requires
  • first, a conceptual model of the system needs to
    be designed in the DEVS formalism
  • second, there is a need to design a simulation
    model, which enables agents to react and respond
    to events such as an intruder activity
  • finally, the Needham-Schroeder and DSE Transfer
    (DSET) protocols are considered using this
    approach

9
Summary
  • Setting the scene
  • DEV Agent Framework
  • The Simulation Model
  • Evaluating the Protocol Design
  • Conclusion and Perspectives

10
DEV Agent Framework
  • Discrete Event System Specification (DEVS)
  • this is a system based simulation tool that
    provides expandability with modular and
    hierarchical features and flexibility
  • DEVS framework consists of
  • the real system (the protocol to be simulated)
  • the model
  • the simulator
  • There are two relations
  • modelling relation
  • simulation relation

11
DEV Agent Framework
  • In the DEVS formalism, there are two models to be
    specified
  • atomic model must contain
  • set of input ports, set of output ports
  • set of state variables and parameters
  • internal transition, external transition
  • output function
  • coupled model must contain
  • set of components
  • set of input ports, set of output ports
  • coupling specification

12
DEV Agent Framework
  • Modelling with DEVS involves
  • outline the function
  • identify the input events
  • identify internal states
  • identify output events

13
Summary
  • Setting the scene
  • DEV Agent Framework
  • The Simulation Model
  • Evaluating the Protocol Design
  • Conclusion and Perspectives

14
The Simulation Model
  • A simple protocol model
  • the aim is to convey the session key Kab
  • and data from agent A to agent B
  • agent A makes initial request to agent S
  • agent S provides agent A with key and
  • data(key) encrypted with agent B's key.
  • agent A sends the data to agent B who decrypts
    the data and stores the session key

15
The Simulation Model
16
The Simulation Model
  • Needham-Schroeder protocol
  • message 1 A → S: A, B, Na
  • message 2 S → A: {Na, B, Kab, {Kab, A}Kbs}Kas
  • message 3 A → B: {Kab, A}Kbs
  • message 4 B → A: {Nb}Kab
  • message 5 A → B: {Nb - 1}Kab
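
Added example (not from the original presentation or its Simplex3 model): a minimal Python event-driven run of the five messages above, with each principal as an agent whose `ext` method stands in for an external transition plus output function. Encryption is symbolic, and the class names, the fixed session key name, and the nonce values 1001 and 2002 are assumptions made for illustration.

```python
from collections import deque

def enc(key, *fields):                 # symbolic ciphertext {fields}key
    return ("enc", key, fields)

def dec(key, term):                    # opens only under the matching key
    if term[:2] != ("enc", key):
        raise ValueError("cannot decrypt")
    return term[2]

class Server:                          # S shares Kas with A and Kbs with B
    keys = {"A": "Kas", "B": "Kbs"}
    def ext(self, src, msg):           # message 1 in, message 2 out
        a, b, na = msg
        ticket = enc(self.keys[b], "Kab", a)
        return [(a, enc(self.keys[a], na, b, "Kab", ticket))]

class Initiator:
    kas, na, kab = "Kas", 1001, None   # constructed nonce Na (assumption)
    def start(self):
        return [("A", "S", ("A", "B", self.na))]           # message 1
    def ext(self, src, msg):
        if src == "S":                                     # message 2
            na, b, kab, ticket = dec(self.kas, msg)
            if (na, b) != (self.na, "B"):
                raise ValueError("stale or misdirected reply")
            self.kab = kab
            return [("B", ticket)]                         # message 3
        (nb,) = dec(self.kab, msg)                         # message 4
        return [("B", enc(self.kab, nb - 1))]              # message 5

class Responder:
    kbs, nb, kab, accepted = "Kbs", 2002, None, False      # constructed Nb
    def ext(self, src, msg):
        if self.kab is None:                               # message 3
            self.kab, self.peer = dec(self.kbs, msg)
            return [(self.peer, enc(self.kab, self.nb))]   # message 4
        (reply,) = dec(self.kab, msg)                      # message 5
        self.accepted = reply == self.nb - 1
        return []

def simulate():
    agents = {"A": Initiator(), "B": Responder(), "S": Server()}
    queue, trace = deque(agents["A"].start()), []
    while queue:                       # event list: one message per event
        src, dst, msg = queue.popleft()
        trace.append((src, dst, msg))
        queue.extend((dst, to, out) for to, out in agents[dst].ext(src, msg))
    return agents, trace
```

`simulate()` returns the agents and the ordered message trace, so the final state of B (`accepted`, `kab`) can be compared against the protocol's stated aim.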

17
The Simulation Model
  • Needham-Schroeder protocol

18
The Simulation Model
  • DSE transfer (DSET) protocol
  • message 1 B → S: B, Rb, Tb, dkb, SL, Hbkbs
  • message 2 A → S: A, Ra, Ta, SL, Hbkas
  • message 3 S → A: Tb, dkbkas, Kb-1

19
The Simulation Model
  • DSE transfer (DSET) protocol

20
The Simulation Model
21
Summary
  • Setting the scene
  • DEV Agent Framework
  • The Simulation Model
  • Evaluating the Protocol Design
  • Conclusion and Perspectives

22
Evaluating the Protocol Design
  • Prototyping the Agent Model
  • the dynamics of the DEVS models were implemented
    using Simplex3
  • Attack Model Description includes
  • attempt to subvert the protocol's objective by
    defeating the manner in which such mechanisms are
    combined
  • impersonation where the attack agent attempts to
    play the role of the sender or receiver
  • message interception where message content is
    modified.
  • agents could be simulated with this capability
    and other known security breaches

23
Summary
  • Setting the scene
  • DEV Agent Framework
  • The Simulation Model
  • Evaluating the Protocol Design
  • Conclusion and Perspectives

24
Conclusion and Perspectives
  • Main Points and Originalities
  • when complete will provide a benchmark for
    testing the security of a protocol with the hope
    of uncovering any potential failures in the
    design
  • the attack model should be capable of performing
    a number of attack scenarios
  • ability to send messages but not read messages
    that are not addressed to it
  • ability to send and read messages but not block
    messages
  • ability to send, read and block messages but
    could not replace the blocked messages with other
    messages
  • other capabilities
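
Added example (not from the original presentation): a Python sketch of the three intruder capability levels listed above, applied to a constructed Needham-Schroeder trace, together with a check of which atoms the intruder can extract from what it observed. The tier names, the intruder name "I", the symbolic encryption and the trace values are assumptions made for illustration.

```python
from enum import IntEnum

class Tier(IntEnum):             # the slide's capability levels, in order
    SEND = 1                     # reads only messages addressed to it
    SEND_READ = 2                # reads all traffic, cannot block
    SEND_READ_BLOCK = 3          # may also drop messages, never replace them

def enc(key, *fields):           # symbolic ciphertext {fields}key
    return ("enc", key, fields)

# Constructed trace of one Needham-Schroeder run (sample data).
TRAFFIC = [
    ("A", "S", ("A", "B", 1001)),
    ("S", "A", enc("Kas", 1001, "B", "Kab", enc("Kbs", "Kab", "A"))),
    ("A", "B", enc("Kbs", "Kab", "A")),
    ("B", "A", enc("Kab", 2002)),
    ("A", "B", enc("Kab", 2001)),
]

def channel(traffic, tier, drop=(), me="I"):
    """Return (delivered, observed) for intruder `me` at the given tier."""
    delivered, observed = [], []
    for i, (src, dst, msg) in enumerate(traffic):
        if dst == me or tier >= Tier.SEND_READ:
            observed.append(msg)
        if i in drop and tier >= Tier.SEND_READ_BLOCK:
            continue             # blocked: the recipient never sees it
        delivered.append((src, dst, msg))
    return delivered, observed

def derive(observed, keys=()):
    """Atoms extractable from observed terms: split tuples, open ciphertexts
    whose key is already known, and repeat until nothing new appears."""
    known, pending, changed = set(keys), list(observed), True
    while changed:
        changed, rest = False, []
        for term in pending:
            if not isinstance(term, tuple):
                changed |= term not in known
                known.add(term)
            elif term[0] != "enc" or term[1] in known:
                rest.extend(term if term[0] != "enc" else term[2])
                changed = True
            else:
                rest.append(term)  # stays opaque until its key is learned
        pending = rest
    return known
```

Comparing `derive(...)` across tiers gives a secrecy check for the session key: the question for the protocol designer is whether "Kab" ever appears in the returned set.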

25
Conclusion and Perspectives
  • Summary
  • a framework, which utilises the merits of
  • agent-based and
  • simulation technologies for analysing
    cryptographic protocols has been proposed.
  • this approach is based on simulating an
    environment appropriate for describing
  • the DSE transfer protocol
  • the Needham Schroeder protocol
  • other known protocols
  • the environment allows agents to
  • interact amongst themselves and
  • react to external activities such as an intruder
    attack.
  • potentially useful for examining security flaws
    in protocol simulation.