Security Models
Nowadays security is one of the main concern. In a first part we present historical and modern cryptographic mechanisms. After we describe existing models for evaluation the security of cryptographic primitives presented. Then we see how it is possible to use these primitives in order to ensure secure communication over unsecure channels and in an hostile environment, i.e. in presence of an intruder controlling the communication. In order to prove the security or to discover flaws of such protocols we present existing verification technique. We start by the simple case, meaning the passive intruder that can only listen the network. Then we consider the case of an active intruder that can also play and replay some messages. Finally we survey the different models existing in order to obtain a secure access control and we give some hints for programmers by presenting non-interference and side channels attacks.
- 5 Lectures of 2h
- 5 Exercices sessions of 2h
- 1 Practical session of 2h
Planning
- Lecture 1: Friday 15 January 2021, 13h30 - 15h30 (P. Lafourcade)
- Exercice Session 1: Friday 15 January 2021, 15h30 - 17h30 (L. Robert)
- Lecture 2: Friday 22 January 2021, 13h30 - 15h30 (P. Lafourcade)
- Exercice Session 2: Friday 22 January 2021, 15h30 - 17h30 (L. Robert)
- Lecture 3: Friday 29 January 2021, 13h30 - 15h30 (P. Lafourcade)
- Exercice Session 3: Friday 29 January 2021, 15h30 - 17h30 (L. Robert)
- Lecture 4: Friday 5 February 2021, 13h30 - 15h30 (P. Lafourcade)
- Exercice Session 4: Friday 5 February 2021, 15h30 - 17h30 (L. Robert)
- Lecture 5: Friday 12 February 2021, 13h30 - 15h30 (P. Lafourcade)
- Exercice Session 5: Friday 12 February 2021, 15h30 - 17h30 (L. Robert)
- Practical Session: Friday 26 February 2021, 13h30 (L. Robert)
- Use full files for practical session: protocol1.spdl protocol2.spdl needham.horn
Tools
- Scyther
- Proverif
- AVISPA
For Avispa export the following variables in a terminal in your home for personal installation on your computer- export AVISPA_PACKAGE=/usr/local/avispa-1.1
- export PATH=$PATH:$AVISPA_PACKAGE
avispa /usr/local/avispa-1.1/testsuite/hlpsl/EKE.hlpsl --ofmc
AVISPA package if you want to install it on your personal computer Avispa1.1