Deduction with XOR Constraints in Security API Modelling
Conference paper
Abstract
We introduce XOR constraints and show how they enable a theorem prover to reason effectively about security-critical subsystems that employ bitwise XOR. Our primary case study is the API of the IBM 4758 hardware security module. We also show how our technique can be applied to standard security protocols.
Keywords
Application Program Interface; Security Protocol; Automate Deduction; Proof Search; Electronic Payment
These keywords were added by machine and not by the authors.
Copyright information
© Springer-Verlag Berlin Heidelberg 2005