Conference: International Workshop on Security Protocols

A Protocol’s Life After Attacks...


Abstract

I am going to be speaking about protocol verification again; I’m going to take a rather different perspective from the one we normally take, and I’ll be talking about what happens after an attack takes place. Is there a life for a protocol beyond the attacks? We all know about verification. On the one hand we have the model checking community trying to find a witness of an attack, trying to find if something went wrong and why the specific property of interest failed. On the other hand we have the opposite approach, assuring that there’s no such witness therefore the specific property holds. But the question here is, is this the whole story? It appears that everything is about finding the attack: is there an attack, is there no attack against confidentiality or authentication? It appears kind of weird. Is it only the attack we are really interested in? Is this really all we should look at? I’ll try and convince you that there’s something more. So, let’s suppose for a minute we own a jewellers, and one day we find that the main window has been completely smashed by someone. In the worst case there is no-one around and basically all we can do is suspect anyone, any passer-by, because there’s really no evidence against anyone. If we’re luckier, we could find the people there while they’re still at work carrying away the stuff. Basically we detect who actually mounted the attack and we’re kind of happy with that, as we’re sure who the attacker is because we saw them. But we can even do more than that, maybe we have time to call the police, and the attackers will be caught, punished, and sent to jail, so we basically retaliate against them. If you move this to a different context perhaps retaliating means that I go up to the attacker’s window and smash the window. Anyway, this is just a general notion of punishment and retaliation. This is certainly about the best we can do. 
This line attempts to convince us that there are some measures we normally take after an attack takes place in the real world. So the idea here is to apply these very same concepts to the world of security protocols and see what we can get out of it.
