Modeling partial attacks with ALLOY

  • Authors: Amerson Lin; Mike Bond; Jolyon Clulow

  • Affiliations: Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology, Cambridge, MA; Computer Laboratory, University of Cambridge, Cambridge, United Kingdom; Computer Laboratory, University of Cambridge, Cambridge, United Kingdom

  • Venue: Proceedings of the 15th international conference on Security protocols
  • Year: 2007

Abstract

The automated and formal analysis of cryptographic primitives, security protocols and Application Programming Interfaces (APIs) has to date focused on discovering attacks that completely break the security of a system. However, there are attacks that do not immediately break a system but weaken the security sufficiently for the adversary. We term these attacks partial attacks and present the first methodology for the modeling and automated analysis of this genre of attacks by describing two approaches. The first approach reasons about entropy and was used to simulate and verify an attack on the ECB|ECB|OFB triple-mode DES block-cipher. The second approach reasons about possibility sets and was used to simulate and verify an attack on the personal identification number (PIN) derivation algorithm used in the IBM 4758 Common Cryptographic Architecture.