The Experts below are selected from a list of 303 Experts worldwide ranked by ideXlab platform
Peter Sewell - One of the best experts on this subject based on the ideXlab platform.
-
not quite so broken tls lessons in re engineering a security Protocol Specification and implementation
USENIX Security Symposium, 2015Co-Authors: David Kalopermersinjak, Hannes Mehnert, Anil Madhavapeddy, Peter SewellAbstract:Transport Layer Security (TLS) implementations have a history of security flaws. The immediate causes of these are often programming errors, e.g. in memory management, but the root causes are more fundamental: the challenges of interpreting the ambiguous prose Specification, the complexities inherent in large APIs and code bases, inherently unsafe programming choices, and the impossibility of directly testing conformance between implementations and the Specification. We present nqsb-TLS, the result of our re-engineered approach to security Protocol Specification and implementation that addresses these root causes. The same code serves two roles: it is both a Specification of TLS, executable as a test oracle to check conformance of traces from arbitrary implementations, and a usable implementation of TLS; a modular and declarative programming style provides clean separation between its components. Many security flaws are thus excluded by construction. nqsb-TLS can be used in standalone Unix applications, which we demonstrate with a messaging client, and can also be compiled into Xen unikernels (specialised virtual machine image) with a trusted computing base (TCB) that is 4% of a standalone system running a standard Linux/OpenSSL stack, with all network traffic being handled in a memory-safe language; this supports applications including HTTPS, IMAP, Git, and Websocket clients and servers. Despite the dual-role design, the high-level implementation style, and the functional programming language we still achieve reasonable performance, with the same handshake performance as OpenSSL and 73% - 84% for bulk throughput.
-
USENIX Security Symposium - Not-quite-so-broken TLS: lessons in re-engineering a security Protocol Specification and implementation
2015Co-Authors: David Kaloper-meršinjak, Hannes Mehnert, Anil Madhavapeddy, Peter SewellAbstract:Transport Layer Security (TLS) implementations have a history of security flaws. The immediate causes of these are often programming errors, e.g. in memory management, but the root causes are more fundamental: the challenges of interpreting the ambiguous prose Specification, the complexities inherent in large APIs and code bases, inherently unsafe programming choices, and the impossibility of directly testing conformance between implementations and the Specification. We present nqsb-TLS, the result of our re-engineered approach to security Protocol Specification and implementation that addresses these root causes. The same code serves two roles: it is both a Specification of TLS, executable as a test oracle to check conformance of traces from arbitrary implementations, and a usable implementation of TLS; a modular and declarative programming style provides clean separation between its components. Many security flaws are thus excluded by construction. nqsb-TLS can be used in standalone Unix applications, which we demonstrate with a messaging client, and can also be compiled into Xen unikernels (specialised virtual machine image) with a trusted computing base (TCB) that is 4% of a standalone system running a standard Linux/OpenSSL stack, with all network traffic being handled in a memory-safe language; this supports applications including HTTPS, IMAP, Git, and Websocket clients and servers. Despite the dual-role design, the high-level implementation style, and the functional programming language we still achieve reasonable performance, with the same handshake performance as OpenSSL and 73% - 84% for bulk throughput.
Elie Najm - One of the best experts on this subject based on the ideXlab platform.
-
Erratum to: Formal Description Techniques and Protocol Specification, Testing and Verification
IFIP Advances in Information and Communication Technology, 2017Co-Authors: Stan Budkowski, Ana Cavalli, Elie NajmAbstract:Erratum to: S. Budkowski et al. (Eds.) Formal Description Techniques and Protocol Specification, Testing and Verification DOI: 10.1007/978-0-387-35394-4
-
Formal Description Techniques and Protocol Specification, Testing and Verification: FORTE XI/PSTV XVIII'98 IFIP TC6 WG6.1 Joint International ... in Information and Communication Technology)
2013Co-Authors: Stan Budkowski, Ana Cavalli, Elie NajmAbstract:Formal Description Techniques and Protocol Specification, Testing and Verification addresses formal description techniques (FDTs) applicable to distributed systems and communication Protocols. It aims to present the state of the art in theory, application, tools and industrialization of FDTs. Among the important features presented are: FDT-based system and Protocol engineering; FDT-application to distributed systems; Protocol engineering; Practical experience and case studies. Formal Description Techniques and Protocol Specification, Testing and Verification comprises the proceedings of the Joint International Conference on Formal Description Techniques for Distributed Systems and Communication Protocols and Protocol Specification, Testing and Verification, sponsored by the International Federation for Information Processing, held in November 1998, Paris, France. Formal Description Techniques and Protocol Specification, Testing and Verification is suitable as a secondary text for a graduate-level course on Distributed Systems or Communications, and as a reference for researchers and practitioners in industry.
-
Proceedings of the FIP TC6 WG6.1 Joint International Conference on Formal Description Techniques for Distributed Systems and Communication Protocols (FORTE XI) and Protocol Specification, Testing and Verification (PSTV XVIII)
1998Co-Authors: Stan Budkowski, Ana Cavalli, Elie NajmAbstract:From the Publisher: Formal Description Techniques and Protocol Specification, Testing and Verification addresses formal description techniques (FDTs) applicable to distributed systems and communication Protocols. It aims to present the state-of-the-art in theory, application, tools and industrialization of FDTs. Formal Description Techniques and Protocol Specification, Testing and Verification compiles the proceedings of the Joint International Conference on Formal Description Techniques for Distributed Systems and Communication Protocols and Protocol Specification, Testing and Verification, sponsored by the International Federation for Information Processing and was held in November 1998, Paris, France. Formal Description Techniques and Protocol Specification, Testing and Verification is suitable as a secondary text for a graduate level course on Distributed Systems or Communications, and as a reference for researchers and practitioners in industry.
David Lee - One of the best experts on this subject based on the ideXlab platform.
-
a model based approach to security flaw detection of network Protocol implementations
International Conference on Network Protocols, 2008Co-Authors: Yating Hsu, Guoqiang Shu, David LeeAbstract:A lot of efforts have been devoted to the analysis of network Protocol Specification for reliability and security properties using formal techniques. However, faults can also be introduced during system implementation; it is indispensable to detect Protocol implementation flaws, yet due to the black-box nature of Protocol implementation and the unavailability of Protocol Specification most of the approaches resort to random or manual testing. In this paper we propose a model-based approach for security flaw detection of Protocol implementation with a high fault coverage, measurability, and automation. Our approach first synthesizes an abstract behavioral model from a Protocol implementation and then uses it to guide the testing process for detecting security and reliability flaws. For Protocol Specification synthesis we reduce the problem a trace minimization with a finite state machine model and an efficient algorithm is presented for state space reduction. Our method is implemented and applied to real network Protocols. Guided by the synthesized model our testing tool reveals a number of unknown reliability and security issues by automatically crashing the implementations of the Microsoft MSN instant messaging (MSNIM) Protocol. Analytical comparison between our model-based and prevalent syntax-based flaw detection schemes is also provided with the support of experimental results.
-
ICNP - Protocol Specification using parameterized communicating extended finite state machines-a case study of the ATM ABR rate control scheme
Proceedings of 1996 International Conference on Network Protocols (ICNP-96), 1Co-Authors: David Lee, K.k. Ramakrishnan, W.m. Moh, A.u. ShankarAbstract:Formal Specifications are indispensible for computer-aided verification and testing of communication Protocols. However, a large number of the practical Protocols, including ATM, have only informal Specifications mostly in English. There an no general procedures to derive formal Specifications from such informal Specifications. As a case study, we consider an important Protocol Specification-ATM's available bit rate (ABR) service Specification. The ABR source/destination policies have been specified using an English description in the main body of the ATM Forum's draft traffic management Specification from which it is hard to conduct a formal analysis. Furthermore, while considerable energy has been spent in providing a reasonably precise Specification, while allowing for appropriate implementation latitude, an English description still has the potential for different interpretations. We model the Protocol by parametrized communicating extended finite state machines with timers, which is often called a transitions system, and present a formal Specification by transitions of the system. We also provide insights gained in the derivation of the formal Specification. Furthermore, we introduce a scheduler involved in transmitting queued cells at the allowed cell rate to meet the minimal requirements from the source and destination Protocols. We present the transitions for the source/destination/scheduler machines, primarily for transmitting cells in-rate.
David Kalopermersinjak - One of the best experts on this subject based on the ideXlab platform.
-
not quite so broken tls lessons in re engineering a security Protocol Specification and implementation
USENIX Security Symposium, 2015Co-Authors: David Kalopermersinjak, Hannes Mehnert, Anil Madhavapeddy, Peter SewellAbstract:Transport Layer Security (TLS) implementations have a history of security flaws. The immediate causes of these are often programming errors, e.g. in memory management, but the root causes are more fundamental: the challenges of interpreting the ambiguous prose Specification, the complexities inherent in large APIs and code bases, inherently unsafe programming choices, and the impossibility of directly testing conformance between implementations and the Specification. We present nqsb-TLS, the result of our re-engineered approach to security Protocol Specification and implementation that addresses these root causes. The same code serves two roles: it is both a Specification of TLS, executable as a test oracle to check conformance of traces from arbitrary implementations, and a usable implementation of TLS; a modular and declarative programming style provides clean separation between its components. Many security flaws are thus excluded by construction. nqsb-TLS can be used in standalone Unix applications, which we demonstrate with a messaging client, and can also be compiled into Xen unikernels (specialised virtual machine image) with a trusted computing base (TCB) that is 4% of a standalone system running a standard Linux/OpenSSL stack, with all network traffic being handled in a memory-safe language; this supports applications including HTTPS, IMAP, Git, and Websocket clients and servers. Despite the dual-role design, the high-level implementation style, and the functional programming language we still achieve reasonable performance, with the same handshake performance as OpenSSL and 73% - 84% for bulk throughput.
Hannes Mehnert - One of the best experts on this subject based on the ideXlab platform.
-
not quite so broken tls lessons in re engineering a security Protocol Specification and implementation
USENIX Security Symposium, 2015Co-Authors: David Kalopermersinjak, Hannes Mehnert, Anil Madhavapeddy, Peter SewellAbstract:Transport Layer Security (TLS) implementations have a history of security flaws. The immediate causes of these are often programming errors, e.g. in memory management, but the root causes are more fundamental: the challenges of interpreting the ambiguous prose Specification, the complexities inherent in large APIs and code bases, inherently unsafe programming choices, and the impossibility of directly testing conformance between implementations and the Specification. We present nqsb-TLS, the result of our re-engineered approach to security Protocol Specification and implementation that addresses these root causes. The same code serves two roles: it is both a Specification of TLS, executable as a test oracle to check conformance of traces from arbitrary implementations, and a usable implementation of TLS; a modular and declarative programming style provides clean separation between its components. Many security flaws are thus excluded by construction. nqsb-TLS can be used in standalone Unix applications, which we demonstrate with a messaging client, and can also be compiled into Xen unikernels (specialised virtual machine image) with a trusted computing base (TCB) that is 4% of a standalone system running a standard Linux/OpenSSL stack, with all network traffic being handled in a memory-safe language; this supports applications including HTTPS, IMAP, Git, and Websocket clients and servers. Despite the dual-role design, the high-level implementation style, and the functional programming language we still achieve reasonable performance, with the same handshake performance as OpenSSL and 73% - 84% for bulk throughput.
-
USENIX Security Symposium - Not-quite-so-broken TLS: lessons in re-engineering a security Protocol Specification and implementation
2015Co-Authors: David Kaloper-meršinjak, Hannes Mehnert, Anil Madhavapeddy, Peter SewellAbstract:Transport Layer Security (TLS) implementations have a history of security flaws. The immediate causes of these are often programming errors, e.g. in memory management, but the root causes are more fundamental: the challenges of interpreting the ambiguous prose Specification, the complexities inherent in large APIs and code bases, inherently unsafe programming choices, and the impossibility of directly testing conformance between implementations and the Specification. We present nqsb-TLS, the result of our re-engineered approach to security Protocol Specification and implementation that addresses these root causes. The same code serves two roles: it is both a Specification of TLS, executable as a test oracle to check conformance of traces from arbitrary implementations, and a usable implementation of TLS; a modular and declarative programming style provides clean separation between its components. Many security flaws are thus excluded by construction. nqsb-TLS can be used in standalone Unix applications, which we demonstrate with a messaging client, and can also be compiled into Xen unikernels (specialised virtual machine image) with a trusted computing base (TCB) that is 4% of a standalone system running a standard Linux/OpenSSL stack, with all network traffic being handled in a memory-safe language; this supports applications including HTTPS, IMAP, Git, and Websocket clients and servers. Despite the dual-role design, the high-level implementation style, and the functional programming language we still achieve reasonable performance, with the same handshake performance as OpenSSL and 73% - 84% for bulk throughput.