Scyther Tool: Verifying of security protocols
Course 1
Nour EL MADHOUN
Outline
• Cryptography: overview
• Introduction to the Scyther tool
What is Cryptography ?
• Cryptography = the science (art) of encryption
• Cryptanalysis = the science (art) of breaking encryption
• Cryptology = cryptography + cryptanalysis
Security Attacks
• Passive attacks
– Obtain message contents
– Monitoring traffic flows
• Active attacks
– Replay previous messages
– Modify messages in transit
– Add, delete messages
– Denial of service
Cryptography Goals (Security Properties)
• Confidentiality (Secrecy):
Prevent Z from intercepting and reading the message content
Only Alice and Bob should be able to understand the contents of the transmitted message
[Figure: Alice, Bob and the attacker (Z) on an insecure channel]
• Authentication:
Prevent Z from impersonating Alice or Bob
Both Alice and Bob need to confirm the identity of the other party involved in the communication
Alice must authenticate herself to Bob
Bob must authenticate himself to Alice
• Data Integrity:
Prevent Z from modifying the message content
The content of their communication is not altered, either maliciously
or by accident, in transmission
• Non-repudiation:
An entity (Alice or Bob) is prevented from denying its previous
commitments or actions
How to ensure these security properties during a
communication between Alice & Bob ?
Cryptographic Functions
• Secret key functions (Symmetric Cryptography)
• Public key functions (Asymmetric Cryptography)
• Hash functions
Symmetric cryptography
• Using a single key for encryption/decryption
• The plaintext and the ciphertext have the same size
• Also called symmetric key cryptography
[Figure: plaintext → encryption → ciphertext → decryption → plaintext, with the same key used for encryption and decryption]
– Confidentiality: prevents attackers from eavesdropping; only the entities knowing the key can decrypt the message
– Authentication: Alice proves to Bob that she knows the key
[Figure: challenge-response between Alice and Bob. Challenge: rA; response: rA encrypted with KA,B. Challenge: rB; response: rB encrypted with KA,B]
Asymmetric cryptography
[Figure: plaintext → encryption (public key) → ciphertext → decryption (private key) → plaintext]
• Each individual has two keys
– a private key (d): need not be revealed to anyone
– a public key (e): preferably known to the entire world
It must not be possible to compute the private key from the public key
– Confidentiality: nobody else can decrypt it (not knowing the private key of the data source)
– Authentication: how is it ensured if the encryption key is public?
- The public key is certified by a Certification Authority (CA)
- The public key is obtained from an electronic certificate
[Figure: parties X and Y, each with a public key and a private key (public key X, private key X, public key Y, private key Y); a third party Z with private key Z and public key Z]
How can the identity bound to the public key be guaranteed?
Solution: electronic certificate
• Digital Signatures
– Proving that a message is generated by a particular individual
– Non-repudiation: the signing individual cannot deny it, because only he/she knows the private key
[Figure: plaintext → signing (private key) → signed message → verification (public key) → plaintext]
Hash Functions
A mathematical transformation that takes a message of arbitrary length and computes from it a fixed-length (short) number
– Let the hash of a message m be h(m)
– For any m, it is relatively easy to compute h(m)
– It is impossible to find m from h(m)
– It is computationally infeasible to find two values that hash to the same thing
Hash functions ensure message integrity
What is a security protocol ?
- Security protocol = a set of cryptoprimitives exchanged
between the communication actors
Example 1:
Example 2: TLS (overview) (next course)
Scyther Tool
- Automatic verification of security protocols
- Verify the correctness of the security protocol written in Scyther
- Analysis of security protocols to identify potential attacks and vulnerabilities
- Able to detect several possible attacks
- Generate a graph for each attack found corresponding to the mentioned claim
- Language used to write protocols in Scyther is: Security Protocol Description Language (SPDL)
- Each actor of the security protocol is written in a role with SPDL
- The targeted security properties are verified thanks to the Scyther claims
What are Scyther claims ? (formal definitions)
For authentication & non-repudiation between A and B:
Nisynch: Non-injective synchronization
Niagree: Non-injective agreement
Alive: Aliveness
Weakagree: Weak agreement
Alive: Aliveness
• We say that a protocol guarantees to an initiator A aliveness of an agent B if, whenever A (acting as initiator) completes a run of the protocol, apparently with responder B, then B has previously been running the protocol
Weakagree: Weak agreement
• We say that a protocol guarantees to an initiator A weak agreement with another agent B if, whenever A (acting as initiator) completes a run of the protocol, apparently with responder B, then B has previously been running the protocol, apparently with A. Note that B may not necessarily have been acting as responder
Niagree: Non-injective agreement
• We say that a protocol:
- guarantees to an initiator A non-injective agreement with a responder B on a set of data items ds (where ds is a set of free variables appearing in the protocol description)
- if, whenever A (acting as initiator) completes a run of the protocol, apparently with responder B,
- then B has previously been running the protocol, apparently with A, and B was acting as responder in his run,
- and the two agents agreed on the data values corresponding to all the variables in ds
Nisynch: Non-injective synchronization
• Ensures that messages are transmitted exactly as prescribed by the protocol.
• That is to say that:
- whenever A (initiator) completes running the protocol with B (responder),
- and B has been running the protocol with A,
- then, all messages are received exactly as they were sent, in the exact order described by the protocol
• It is a Strong Authentication
For confidentiality:
Secret
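The symmetric-key challenge-response exchange from the symmetric cryptography slide, written as two SPDL roles carrying the claims defined above. This is an added example, not taken from the course slides: the protocol name chalresp, the order of the four messages and the claim labels are assumptions, and k(A,B) is Scyther's predefined long-term symmetric key shared by A and B.

```spdl
/*
 * Added example (not from the course slides).
 * Mutual challenge-response with a shared symmetric key.
 * Assumed: protocol name, message order, claim labels.
 * k(A,B) is the predefined long-term key shared by A and B.
 */
protocol chalresp(A,B)
{
	role A
	{
		fresh rA: Nonce;	// A's own challenge
		var rB: Nonce;		// B's challenge, learned in message 3

		send_1(A,B, rA);		// challenge from A
		recv_2(B,A, {rA}k(A,B));	// response: B shows it knows k(A,B)
		recv_3(B,A, rB);		// challenge from B
		send_4(A,B, {rB}k(A,B));	// response: A shows it knows k(A,B)

		// Authentication claims, from weakest to strongest
		claim_A1(A, Alive);
		claim_A2(A, Weakagree);
		claim_A3(A, Niagree);
		claim_A4(A, Nisynch);
		// Confidentiality claim: the shared key stays unknown to the intruder
		claim_A5(A, Secret, k(A,B));
	}

	role B
	{
		var rA: Nonce;		// A's challenge, learned in message 1
		fresh rB: Nonce;	// B's own challenge

		recv_1(A,B, rA);
		send_2(B,A, {rA}k(A,B));
		send_3(B,A, rB);
		recv_4(A,B, {rB}k(A,B));

		// Same claims, stated from B's point of view
		claim_B1(B, Alive);
		claim_B2(B, Weakagree);
		claim_B3(B, Niagree);
		claim_B4(B, Nisynch);
		claim_B5(B, Secret, k(A,B));
	}
}
```

Each claim is checked separately from the point of view of the role that states it, so a protocol can satisfy Alive for A while failing Nisynch for B.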
[Figures: Scyther Tool: Attack i1, Attack i2, Attack i3]