Daemones Non Operantur Nisi Per Artem

Daemons Do Not Operate Save Through Trickery: Human Tailored Threat Models for Formal Verification of Fail-Safe Security Ceremonies
  • Taciane Martimiano
  • Jean Everson Martina
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11286)

Abstract

In this paper we argue that we must impoverish (or enrich in a different sense) threat models in order to be able to verify fail-safe security protocols that include human peers (a.k.a. security ceremonies). Some of the threat models we use nowadays for establishing the security of communication protocols are far too concerned with failing deadly and do not encompass subtleties of the real world. Security is then maintained at all costs, especially in the presence of human constraints and expectations. Our position is that we must assume omnipresent and omnipotent evil beings (daemons) do not exist in order to be able to verify fail-safe security protocols that include human peers. We show how a popular security ceremony could be made fail-safe assuming a weaker threat model and compensating for that with usability. We also discuss the impact of our work on formal verification techniques and how they can be expanded for security ceremonies.

Keywords

Threat models; Security ceremonies; Formal verification; Fail-safe security ceremonies; Human-peer security protocols

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. Programa de Pós-Graduação em Ciência da Computação, Departamento de Informática e Estatística, Universidade Federal de Santa Catarina, Florianópolis, Brazil
