Colloquium: Verification of Cryptographic Protocols

Date: 
Friday, January 15, 2016 - 12:00pm
Location: 
Lab 2113

BIO

Reiner Dojen obtained his Bachelor of Engineering in Germany. This was followed with his Master of Engineering and PhD from the University of Limerick, where he is now teaching for over 15 years. He was introduced to cyber security as part of his Bachelor final year project and has been fascinated by its evolution ever since.

His research interest currently focusses on the development and verification of cryptographic security protocols and automated reasoning.

Research contributions to-date include verification of various cryptographic protocols, discovery of hitherto unknown protocol flaws and development of novel techniques and tools for the automated verification of cryptographic protocols. Reiner has published over 50 papers in various aspects of cyber security.

Abstract: Verification of Cryptographic Protocols

The security of electronic networks and information systems is a critical issue for the use of new technologies in all fields of life – particularly, as nowadays mobile and fixed networks are trusted with highly sensitive information. Thus, cryptographic protocols are required to ensure the security of both the infrastructure itself and the information that runs through it. These security protocols can be thought of as the keystones of any security architecture.

Cryptographic protocols are vulnerable to a host of subtle attacks, such as freshness attacks, interleaved session attacks and man-in-middle attacks. However, the design of cryptographic protocols immune to such attack is a highly complex and error-prone process. This is particularly evident from the surprisingly large number of published protocols, which have later been found to contain various flaws, in many cases several years after the original publication. The cost of errors or weaknesses in security systems can be very expensive, with an accompanying loss of confidence by the users of the system.

It has been shown that the use of informal or intuitive methods is insufficient to ensure the correctness of security protocols. Formal verification centred development processes for security protocols must be used to reveal any potential exploitable weaknesses in a systematic and thorough way. Thus, the risk of using faulty protocols is significantly reduced and the confidence in the security of the designed protocol is greatly increased.

This presentation will introduce security protocols and their verification. By way of case-studies, a close look will be taken at the reasons why security protocols may fail. Also, techniques and tools that enable protocol developers (or users of protocols) to detect such protocol failures will be discussed.

News

Ph.D. Thesis Defense

Thu, November, 17 2016

Ph.D defense. Anitie Andy Thesis Advisor: Dr. Robert Rwebangira Nove. 23, 2016 LKD - Room 2119Read More >>

Microsoft College Code Competition: CODE. EAT. WIN.

Tue, November, 15 2016

Microsoft College Code Competition CODE. EAT. WIN. Bring your laptop, charger, and up to two friends for your chance to win a $150 gift card or other great prizes. No Purchase Necessary. Open only to students 18+. For Official Rules and a full list of events, see MSFT3C.com.Read More >>

Events

No Events