Worcester Polytechnic Institute (WPI)

 

How to Break a Protocol

 

Joshua D. Guttman

The MITRE Corporation

 

January 18th , 2008
11:00 a.m. - 12:00 p.m.
Fuller Labs 320

Cryptographic protocols are short sequences of messages that use cryptography.  SSL (the Secure Socket Layer protocol) and SSH (the Secure Shell protocol) are widely used examples.  Principals use cryptographic protocols to authenticate each other and to agree on new shared secrets.

Hence, protocols are fundamental to security in electronic commerce and networked systems generally.

However, it is tricky to be sure what a protocol achieves, even if it is implemented with the strongest cryptography.

It needs to work even if an attacker actively creates, modifies, or misdirects messages.  The attacker may invoke additional protocol sessions, splicing their results together to make an attack succeed.  Published attacks often look mysterious.

In this talk, we primarily take the attacker's point of view, providing a systematic view of how to find attacks.

We describe how to manipulate the protocol itself into producing the message ingredients that we need to dupe a legitimate protocol participant.  We also briefly reverse the point of view, indicating how many of the same ideas can help us find proofs that sound protocols allow no attacks.

Joint work with F. Javier Thayer and Jonathan C. Herzog.

 

_____

Joshua D Guttman is Senior Principal Scientist at The MITRE Corporation, where he has worked since 1984.  Dr. Guttman has specialized in information security, particularly application of logical techniques to information security. He has published extensively on the design and verification of cryptographic protocols.  He has also published work on

filtering routers, the IP security protocols, trust management, and operating system security.  He has also written on mechanized reasoning and on compiler verification. Educated at Princeton and the University of Chicago (PhD, 1984), Dr Guttman has served on many program committees, and has chaired the Computer Security Foundations Workshop and the Workshop on Issues in the Theory of Security.  He is a founding member of IFIP WG 1.7, Theoretical Foundations of Security Analysis and Design.

Host: Prof. Daniel Dougherty

Refreshments will be served

 

 

 

 

Maintained by webmaster@cs.wpi.edu
Last modified: Jan 11 2008

[WPI][Home][Top]

Department of Computer Science - Worcester Polytechnic Institute
100 Institute Road, Worcester, MA 01609-2280
Phone: +1-508-831-5357 - Fax: +1-508-831-5776 - cs@wpi.edu