The Fine Print of Security
Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any oversimplification. For security, it is therefore useful to understand the value and the limitations of simplistic models. Computational-soundness theorem...
Uložené v:
| Vydané v: | 2010 25th Annual IEEE Symposium on Logic in Computer Science s. 110 |
|---|---|
| Hlavný autor: | |
| Médium: | Konferenčný príspevok.. |
| Jazyk: | English |
| Vydavateľské údaje: |
IEEE
01.07.2010
|
| Predmet: | |
| ISBN: | 9781424475889, 1424475880 |
| ISSN: | 1043-6871 |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any oversimplification. For security, it is therefore useful to understand the value and the limitations of simplistic models. Computational-soundness theorems, which are the main subject of this lecture, can sometimes shed light on this question. We discuss them first in the context of security protocols. There, two distinct, rigorous views of cryptography have developed over the years. One of the views relies on a simple but powerful symbolic approach; the other, on a detailed computational model that considers issues of probability and complexity. In the last decade, however, we have made substantial progress in bridging the gap between these views. This progress, of which a paper with Phil Rogaway was one of the early steps, is due to many researchers. By now, this line of work provides computational justifications for formal treatments of cryptographic operations and security protocols, and also explores hybrid approaches. Similar ideas can apply in the domain of software protection, although they are less mature in this domain. Specifically, we can relate high-level security guarantees, of the kind offered by programming-language semantics, with lower-level properties of implementations. Layout randomization, one popular and effective implementation technique, again brings up issues of probability and complexity. The lecture introduces some recent work with Gordon Plotkin on this topic. |
|---|---|
| AbstractList | Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any oversimplification. For security, it is therefore useful to understand the value and the limitations of simplistic models. Computational-soundness theorems, which are the main subject of this lecture, can sometimes shed light on this question. We discuss them first in the context of security protocols. There, two distinct, rigorous views of cryptography have developed over the years. One of the views relies on a simple but powerful symbolic approach; the other, on a detailed computational model that considers issues of probability and complexity. In the last decade, however, we have made substantial progress in bridging the gap between these views. This progress, of which a paper with Phil Rogaway was one of the early steps, is due to many researchers. By now, this line of work provides computational justifications for formal treatments of cryptographic operations and security protocols, and also explores hybrid approaches. Similar ideas can apply in the domain of software protection, although they are less mature in this domain. Specifically, we can relate high-level security guarantees, of the kind offered by programming-language semantics, with lower-level properties of implementations. Layout randomization, one popular and effective implementation technique, again brings up issues of probability and complexity. The lecture introduces some recent work with Gordon Plotkin on this topic. |
| Author | Abadi, M |
| Author_xml | – sequence: 1 givenname: M surname: Abadi fullname: Abadi, M organization: Microsoft Res., Univ. of California, Santa Cruz, CA, USA |
| BookMark | eNo1jkFLw0AQRkesYFtz8qaX_IHU2ezs7uxRgtVCQKH1XDbbCa5oKkk89N8bUN_l410-3gJm3bETgGuFK6XQ39WbarsqcVJ_BgtFJZEz7P05ZN7xv7OfwVwh6cKyU5eQDcM7TpApnaI53OzeJF-nTvKXPnVjfmzzrcTvPo2nK7how8cg2d8u4XX9sKueivr5cVPd10VSaMaiYXYOGzQBKTpiK9gYZ7XXJJrDFHFQTWz5YDkGbto2WG8lBG0IS7JRL-H29zeJyP6rT5-hP-2Ncei90T-TGT3M |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/LICS.2010.9 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Xplore Digital Library (LUT) IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Xplore url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 1424475899 9781424475896 |
| EndPage | 110 |
| ExternalDocumentID | 5570995 |
| Genre | orig-research |
| GroupedDBID | --Z 23M 29P 6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR AAWTH ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IJVOP IPLJI M43 OCL RIE RIL RIO RNS |
| ID | FETCH-LOGICAL-i105t-b88770b05a04c7486e0b5763934e38a475d1bcf8d68ca8bffa696eaa3540246c3 |
| IEDL.DBID | RIE |
| ISBN | 9781424475889 1424475880 |
| ISICitedReferencesCount | 0 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000287454900014&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 1043-6871 |
| IngestDate | Wed Aug 27 03:06:33 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i105t-b88770b05a04c7486e0b5763934e38a475d1bcf8d68ca8bffa696eaa3540246c3 |
| PageCount | 1 |
| ParticipantIDs | ieee_primary_5570995 |
| PublicationCentury | 2000 |
| PublicationDate | 2010-July |
| PublicationDateYYYYMMDD | 2010-07-01 |
| PublicationDate_xml | – month: 07 year: 2010 text: 2010-July |
| PublicationDecade | 2010 |
| PublicationTitle | 2010 25th Annual IEEE Symposium on Logic in Computer Science |
| PublicationTitleAbbrev | LICS |
| PublicationYear | 2010 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0000452714 ssj0002640 |
| Score | 1.7311056 |
| Snippet | Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 110 |
| SubjectTerms | Complexity theory Computational modeling Cryptography Protocols Semantics Silicon |
| Title | The Fine Print of Security |
| URI | https://ieeexplore.ieee.org/document/5570995 |
| WOSCitedRecordID | wos000287454900014&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09T8MwED21FQNTgRZB-VAGRkyd2vHHXFGBVFWVClK3ynYcqUuKSsrv55y4QUgsbI6VIafYfnfne-8AHhyGGSKUVbBUaMIdtcR4lxKfIfjSokAPpVbXn8vFQq3XetmBx5YL472vi8_8UxjWd_n5zh1Cqmwc5KK0zrrQlVI2XK02nxKkwWWAmngKI9BHJQJGBEYFR1IX-seq1XqKzzoS91Kqx_PX6aqp-NK_Gq7UeDPr_-9Lz2D4Q9xLli0knUPHlxfQP3ZuSOJGHsAIV0cyQwcT396WVbIrklVsZDeE99nz2_SFxC4JZIu-UUUsHhOSWpoZyp3kSnhqMYhgmnHPlEED89S6QuVCOaNsURihhTcmJHwmXDh2Cb1yV_orSERQ87KOB016rujEYvCXM8kmXkqRM30Ng2Dq5qMRwthEK0d_T9_AaXPVHmpbb6FX7Q_-Dk7cV7X93N_Xf-8b29mP7A |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3PT8IwFH5BNNETKhjFXzt4tNKtXX-ciQTiJCRgwo2sXZdwGQSHf7_tVmZMvHjrmh32srbfe6_v-x7Ak7ZhBnNlFSRkElGNFUqNDpGJLfjiPLceSqWun_DpVCyXctaC54YLY4ypis_MixtWd_nZRu9dqmzg5KKkjI_gOKY0Cmu2VpNRceLg3IGNP4ct1HstAoKYjQsOtC7rIYtG7ck_S0_dC7EcJJPhvK75kr9arlSIM-r871vPofdD3QtmDShdQMsUl9A59G4I_FbuQt-uj2BkXUz79roog00ezH0rux58jF4XwzHyfRLQ2npHJVL2oOBY4TjFVHMqmMHKhhFEEmqISK2BWah0LjImdCpUnqdMMpOmLuUTUabJFbSLTWGuIWBOz0tp6lTpqcCRsuFfRjiJDOcsI_IGus7U1baWwlh5K_t_Tz_C6XjxnqySyfTtFs7qi3dX6XoH7XK3N_dwor_K9efuofqT35aNkzM |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2010+25th+Annual+IEEE+Symposium+on+Logic+in+Computer+Science&rft.atitle=The+Fine+Print+of+Security&rft.au=Abadi%2C+M&rft.date=2010-07-01&rft.pub=IEEE&rft.isbn=9781424475889&rft.issn=1043-6871&rft.spage=110&rft.epage=110&rft_id=info:doi/10.1109%2FLICS.2010.9&rft.externalDocID=5570995 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1043-6871&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1043-6871&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1043-6871&client=summon |