The Fine Print of Security
Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any oversimplification. For security, it is therefore useful to understand the value and the limitations of simplistic models. Computational-soundness theorem...
Uloženo v:
| Vydáno v: | 2010 25th Annual IEEE Symposium on Logic in Computer Science s. 110 |
|---|---|
| Hlavní autor: | |
| Médium: | Konferenční příspěvek |
| Jazyk: | angličtina |
| Vydáno: |
IEEE
01.07.2010
|
| Témata: | |
| ISBN: | 9781424475889, 1424475880 |
| ISSN: | 1043-6871 |
| On-line přístup: | Získat plný text |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
| Abstract | Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any oversimplification. For security, it is therefore useful to understand the value and the limitations of simplistic models. Computational-soundness theorems, which are the main subject of this lecture, can sometimes shed light on this question. We discuss them first in the context of security protocols. There, two distinct, rigorous views of cryptography have developed over the years. One of the views relies on a simple but powerful symbolic approach; the other, on a detailed computational model that considers issues of probability and complexity. In the last decade, however, we have made substantial progress in bridging the gap between these views. This progress, of which a paper with Phil Rogaway was one of the early steps, is due to many researchers. By now, this line of work provides computational justifications for formal treatments of cryptographic operations and security protocols, and also explores hybrid approaches. Similar ideas can apply in the domain of software protection, although they are less mature in this domain. Specifically, we can relate high-level security guarantees, of the kind offered by programming-language semantics, with lower-level properties of implementations. Layout randomization, one popular and effective implementation technique, again brings up issues of probability and complexity. The lecture introduces some recent work with Gordon Plotkin on this topic. |
|---|---|
| AbstractList | Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any oversimplification. For security, it is therefore useful to understand the value and the limitations of simplistic models. Computational-soundness theorems, which are the main subject of this lecture, can sometimes shed light on this question. We discuss them first in the context of security protocols. There, two distinct, rigorous views of cryptography have developed over the years. One of the views relies on a simple but powerful symbolic approach; the other, on a detailed computational model that considers issues of probability and complexity. In the last decade, however, we have made substantial progress in bridging the gap between these views. This progress, of which a paper with Phil Rogaway was one of the early steps, is due to many researchers. By now, this line of work provides computational justifications for formal treatments of cryptographic operations and security protocols, and also explores hybrid approaches. Similar ideas can apply in the domain of software protection, although they are less mature in this domain. Specifically, we can relate high-level security guarantees, of the kind offered by programming-language semantics, with lower-level properties of implementations. Layout randomization, one popular and effective implementation technique, again brings up issues of probability and complexity. The lecture introduces some recent work with Gordon Plotkin on this topic. |
| Author | Abadi, M |
| Author_xml | – sequence: 1 givenname: M surname: Abadi fullname: Abadi, M organization: Microsoft Res., Univ. of California, Santa Cruz, CA, USA |
| BookMark | eNo1jkFLw0AQRkesYFtz8qaX_IHU2ezs7uxRgtVCQKH1XDbbCa5oKkk89N8bUN_l410-3gJm3bETgGuFK6XQ39WbarsqcVJ_BgtFJZEz7P05ZN7xv7OfwVwh6cKyU5eQDcM7TpApnaI53OzeJF-nTvKXPnVjfmzzrcTvPo2nK7how8cg2d8u4XX9sKueivr5cVPd10VSaMaiYXYOGzQBKTpiK9gYZ7XXJJrDFHFQTWz5YDkGbto2WG8lBG0IS7JRL-H29zeJyP6rT5-hP-2Ncei90T-TGT3M |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/LICS.2010.9 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE/IET Electronic Library IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE/IET Electronic Library (IEL) (UW System Shared) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 1424475899 9781424475896 |
| EndPage | 110 |
| ExternalDocumentID | 5570995 |
| Genre | orig-research |
| GroupedDBID | --Z 23M 29P 6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR AAWTH ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IJVOP IPLJI M43 OCL RIE RIL RIO RNS |
| ID | FETCH-LOGICAL-i105t-b88770b05a04c7486e0b5763934e38a475d1bcf8d68ca8bffa696eaa3540246c3 |
| IEDL.DBID | RIE |
| ISBN | 9781424475889 1424475880 |
| ISICitedReferencesCount | 0 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000287454900014&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 1043-6871 |
| IngestDate | Wed Aug 27 03:06:33 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i105t-b88770b05a04c7486e0b5763934e38a475d1bcf8d68ca8bffa696eaa3540246c3 |
| PageCount | 1 |
| ParticipantIDs | ieee_primary_5570995 |
| PublicationCentury | 2000 |
| PublicationDate | 2010-July |
| PublicationDateYYYYMMDD | 2010-07-01 |
| PublicationDate_xml | – month: 07 year: 2010 text: 2010-July |
| PublicationDecade | 2010 |
| PublicationTitle | 2010 25th Annual IEEE Symposium on Logic in Computer Science |
| PublicationTitleAbbrev | LICS |
| PublicationYear | 2010 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0000452714 ssj0002640 |
| Score | 1.730691 |
| Snippet | Summary form only given. Simple views of systems are often convenient in their design and analysis. However, attackers may attempt to exploit any... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 110 |
| SubjectTerms | Complexity theory Computational modeling Cryptography Protocols Semantics Silicon |
| Title | The Fine Print of Security |
| URI | https://ieeexplore.ieee.org/document/5570995 |
| WOSCitedRecordID | wos000287454900014&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3NS8MwFH9sw4OnqZvo_KAHj9Z1S5aP83AoyBhMYbfxmrzALp3Mbn-_SZtVBC_e2hJoH0nzPvJ-vx_AgzUjZGOjUkHSphyRUkTp17KZoHIaLddYiU3I-VytVnrRgscGC0NEVfMZPYXL6izfbs0-lMqGgS5K60kb2lKKGqvV1FMCNbgMribuwt7RRyYClgqfFRxBXT4-Vg3XU7zXEbg3yvTw7XW6rDu-9C_BlcrfzLr_-9Iz6P8A95JF45LOoUXFBXSPyg1J_JF7MPCrI5n5ANOP3hRlsnXJMgrZ9eFj9vw-fUmjSkK68bFRmeZ-m5BZnk0w40ZyJSjLfRLBNOPEFHoD7Sg3TlmhDKrcORRaEGIo-Iy5MOwSOsW2oCtIRE5akWGcOeJEQjlFTqJ_g_X5qpXX0Aumrj9rIox1tHLw9-MbOK2P2kNv6y10yt2e7uDEHMrN1-6-mr1v1c2TQg |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3NT8IwFH9BNNETKhjFrx08Ohm068fZSCAiIQETbqRrXxMuw-Dw77fdyoyJF2_b0mR7adf30ff7_QAejO4rMtAiZshNTJXCWCnu1rJOlbBSGSpVKTbBp1OxXMpZAx5rLAwils1n-OQvy7N8s9E7XyrrebooKdMDOEwpHSQVWquuqHhycO6dTdiHnasPXAQkZi4v2MO6XIQsarancC8DdK-fyN5k_Dyver7kL8mV0uMMW__71lPo_ED3olntlM6ggfk5tPbaDVH4ldvQdesjGroQ041e50W0sdE8SNl14H34sngexUEnIV676KiIM7dR8CRLUpVQzalgmGQujSCSUCRCOQNNP9NWGCa0Epm1ikmGSvmSz4AyTS6gmW9yvISIZSgFakKJRYrIhBVouXJvMC5jNfwK2t7U1UdFhbEKVnb_fnwPx6PF22Q1GU9fr-GkOnj3na430Cy2O7yFI_1VrD-3d-VMfgO7qZaJ |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2010+25th+Annual+IEEE+Symposium+on+Logic+in+Computer+Science&rft.atitle=The+Fine+Print+of+Security&rft.au=Abadi%2C+M&rft.date=2010-07-01&rft.pub=IEEE&rft.isbn=9781424475889&rft.issn=1043-6871&rft.spage=110&rft.epage=110&rft_id=info:doi/10.1109%2FLICS.2010.9&rft.externalDocID=5570995 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1043-6871&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1043-6871&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1043-6871&client=summon |