of ssh implementations
play

of SSH Implementations Paul Fiterau, Toon Lenaerts, Erik Poll, - PowerPoint PPT Presentation

Jan 13, 2023 •483 likes •1.22k views

Model Learning and Model Checking of SSH Implementations Paul Fiterau, Toon Lenaerts, Erik Poll, Joeri de Ruiter, Frits Vaandrager, Patrick Verleg Introduction protocols: SSH, TLS, SMTP, FTP, TCP, UDP many implementations per

  1. Model Learning and Model Checking of SSH Implementations Paul Fiterau, Toon Lenaerts, Erik Poll, Joeri de Ruiter, Frits Vaandrager, Patrick Verleg

  2. Introduction • protocols: SSH, TLS, SMTP, FTP, TCP, UDP … • many implementations per protocol ➢ implementations MUST/SHOULD/MAY adhere to the specifications…

  3. Introduction • protocols: SSH, TLS, SMTP, FTP, TCP, UDP … • many implementations per protocol conformance ➢ implementations MUST/SHOULD/MAY adhere to testing the specifications…

  4. Motivation Model Learning  automatically infers models for concrete implementations  checking conformance of models may be difficult

  5. Motivation Model Learning  automatically infers models for concrete implementations  checking conformance of models may be difficult

  6. Motivation Model Checking  automatically checks conformance of models to specifications  requires models and formalized specifications Model Learning  automatically infers models for concrete implementations  checking conformance of models may be difficult

  7. Motivation Model Learning + Model Checking  automatically infers models for concrete implementations  automatically checks conformance of models to specifications  requires formalized specifications Model Checking  automatically checks conformance of models to specifications  requires models and formalized specifications Model Learning  automatically infers models for concrete implementations  checking conformance of models may be difficult

  8. What was done Model Learning + Model Checking  automatically infers models for concrete implementations  automatically checks conformance of models to specifications  requires formalized specifications Application of ML+MC on SSH (a real world protocol): 1. use Model Learning to infer models of 3 SSH server implementations 2. formalize specifications from the SSH RFC standards 3. use Model Checking to verify models against these specification

  9. What was done Model Learning + Model Checking  automatically infers models for concrete implementations  automatically checks conformance of models to specifications  requires formalized specifications SUL RFC Schematic Overview Model Learning Spec. formalization prop1_LTL prop2_LTL SUL: SUL: prop1_LTL Model Checking prop2_LTL

  10. What was done Model Learning + Model Checking  automatically infers models for concrete implementations  automatically checks conformance of models to specifications  requires formalized specifications enough for a publication?

  11. What was done Model Learning + Model Checking  automatically infers models for concrete implementations  automatically checks conformance of models to specifications  requires formalized specifications Model Learning: Model Checking:  requires mapper component  requires model transformation  requires thorough testing  requires counterexample validation

  12. What was done Model Learning + Model Checking  automatically infers models for concrete implementations  automatically checks conformance of models to specifications  requires mapper component Patrick’s M. Thesis  requires formalized specifications  requires thorough testing Toon’s B. Thesis Publication  requires model transformation  requires counterexample validation

  13. What was done SUL RFC Model Learning Spec. formalization prop1_LTL prop2_LTL SUL: SUL: prop1_LTL Model Checking prop2_LTL

  14. Model Learning SUL (System under Learning) inputs Learner outputs inferred state model

  15. Model Learning Learner Queries: register/ok login Learner SUL nok logout/ok register/ok Mealy login/ok Machine */nok */nok */nok Input Alphabet: [register, login, logout] Output Alphabet: [ok, nok]

  16. Model Learning Learner Queries: register/ok login/nok logout/nok register/ok register/nok register, login Learner SUL ok, ok logout/ok register/ok login/ok */nok */nok */nok Input Alphabet: [register, login, logout]

  17. Model Learning Learner Queries: register/ok login/nok logout/nok register register/ ok nok register, login Learner SUL ok, ok Hypothesis: logout/ok register/ok login/ok */nok */nok */nok

  18. Model Learning Learner SUL Hypothesis: logout/ok Tester register/ok login/ok */nok */nok */nok

  19. Model Learning Test Queries: register register login/ok nok nok Learner SUT tests Hypothesis: logout/ok Tester register/ok login/ok */nok */nok */nok

  20. Model Learning Learner SUT Hypothesis: logout/ok correct! Tester register/ok login/ok */nok */nok */nok

  21. Model Learning new queries Learner SUT New Hypothesis Tester

  22. Model Learning new queries Learner SUL tests New Hypothesis correct! Tester

  23. Model Learning Learner/ SUL Tester

  24. Model Learning Learner/ SUL Tester SUL.login, login, logout SUL.logout ok, nok true/false concrete i/o abstract i/o (strings) method calls, returned obj. packets

  25. Model Learning Learner/ SUL Tester login(uid) login_0 login_1 ok, nok … ok, nok parameterized small abstract i/o alphabet i/o alphabet

  26. Model Learning abstract i/o param i/o concrete i/o login(“admin”) SUL.login (“admin”) login_valid Learner/ Mapper SUL Tester ok true ok Mapper 1. translates: ➢ between abstract and param. i/o ➢ between param. i/o and concrete i/o

  27. Model Learning Learner/ Mapper SUL Tester Mapper 1. translates: ➢ between abstract and param. i/o ➢ between param. i/o and concrete i/o 2. gives a (deterministic) Mealy Machine representation ➢ removes time dependencies, non-determinism..

  28. Model Learning queries concrete queries/tests Learner Mapper SUL tests New Hypothesis correct! Tester

  29. SUL RFC Spec. Model Learning Model Learning formalization prop1_LTL prop2_LTL SUL: SUL: prop1_LTL Model Checking prop2_LTL queries concrete queries/tests Learner Mapper SUL tests New Hypothesis correct! Tester

  30. Model Learning queries concrete queries/tests Learner Mapper SUL tests TODOs: correct! Tester 1. know your SUL 2. define i/o alphabet 3. implement mapper 4. choose learner and tester algorithms 5. connect and execute!

  31. Model Learning queries concrete queries/tests Learner Mapper SUL tests TODOs: correct! Tester 1. know your SUL 2. define i/o alphabet 3. implement mapper 4. choose learner and tester algorithms 5. connect and execute!

  32. The SSH Protocol ➢ protocol for operating network services (e.g. terminal) securely over an unsecured network ➢ client/server application layer protocol, runs on top of TCP CLIENT APPLICATION SERVER APPLICATION UNSECURE NETWORK

  33. The SSH Protocol ➢ protocol for operating network services (e.g. terminal) securely over an unsecured network ➢ client/server application layer protocol, runs on top of TCP ➢ Learner + Mapper replaces the SSH CLIENT, goal learn the SSH Server! SERVER APPLICATION LEARNER APPLICATION (= SUL) UNSECURE Learner + Mapper NETWORK

  34. The SSH Protocol ➢ comprises three layers which interoperate (no encapsulation) ➢ each layer responsible for each of the 3 protocol steps, ➢ for each we define the happy flow at an abstract level User Authentication Connection Layer Layer Transport Layer TCP/IP Layer CLIENT APPLICATION SERVER APPLICATION UNSECURE NETWORK

  35. The SSH Protocol User Authentication Connection Layer Layer ➢ 3 steps Transport Layer 1. establish a secure connection ( by exchanging keys) TCP/IP Layer CLIENT APPLICATION SERVER APPLICATION UNSECURE NETWORK

  36. The SSH Protocol User Authentication Connection Layer Layer ➢ 3 steps Transport Layer 1. establish a secure connection ( by exchanging keys) TCP/IP Layer CLIENT APPLICATION SERVER APPLICATION UNSECURE NETWORK

  37. The SSH Protocol User Authentication Connection Layer Layer ➢ 3 steps Transport Layer 1. establish a secure connection ( by exchanging keys) TCP/IP Layer 1. exchange preferences (KEXINIT) 2. perform key exchange (KEXxx) 3. put new keys to use (NEWKEYS) 4. engage the auth. service (SR_AUTH) Happy flow: Other inputs: DEBUG, IGNORE, DISCONNECT.. Other outputs: DEBUG, IGNORE, DISCONNECT..

  38. The SSH Protocol User Authentication Connection Layer Layer ➢ 3 steps Transport Layer 1. establish a secure connection ( by exchanging keys) TCP/IP Layer CLIENT APPLICATION SERVER APPLICATION UNSECURE NETWORK

  39. The SSH Protocol User Authentication Connection Layer Layer ➢ 3 steps Transport Layer 1. establish a secure connection ( by exchanging keys) TCP/IP Layer key re-exchange (rekey): same procedure, old keys are replaced by new ones can happen any time after the initial key exchange protocol should not affect operation of higher layer protocols CLIENT APPLICATION SERVER APPLICATION UNSECURE NETWORK

  40. The SSH Protocol User Authentication Connection Layer Layer ➢ 3 steps Transport Layer 1. establish a secure connection ( by exchanging keys) TCP/IP Layer 2. authentication with server password auth CLIENT APPLICATION SERVER APPLICATION user: john pwd: password auth successful

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Threshold Implementations Svetla Nikova Threshold Implementations A provably secure

Threshold Implementations Svetla Nikova Threshold Implementations A provably secure

Threshold Implementations Svetla Nikova Threshold Implementations A provably secure countermeasure Against (first) order power analysis based on multi party computation and secret sharing 2 Outline Threshold Implementations

990 views • 58 slides
Contracts vs. Implementations: Where? Common Eiffel Errors: Instructions for Implementations :

Contracts vs. Implementations: Where? Common Eiffel Errors: Instructions for Implementations :

Contracts vs. Implementations: Where? Common Eiffel Errors: Instructions for Implementations : inst 1 , inst 2 Contracts vs. Implementations Boolean expressions for Contracts: exp 1 , exp 2 , exp 3 , exp 4 , exp 5 feature -- Commands

231 views • 6 slides
Stack Implementations Tiziana Ligorio 1 Todays Plan Stack Implementations: Array

Stack Implementations Tiziana Ligorio 1 Todays Plan Stack Implementations: Array

Stack Implementations Tiziana Ligorio 1 Todays Plan Stack Implementations: Array Vector Linked Chain 2 Stack ADT #ifndef STACK_H_ #define STACK_H_ template<<typename ItemType> class

1.19k views • 71 slides
MPRI 2-30: Automated Verification of Cryptographic Protocol Implementations K Bhargavan

MPRI 2-30: Automated Verification of Cryptographic Protocol Implementations K Bhargavan

MPRI 2-30: Automated Verification of Cryptographic Protocol Implementations K Bhargavan (Slides from A.D. Gordon and C. Fournet) Spring, 2014 Outline of Lectures Lecture 1 (Jan 22, Today) Intro to Verified Protocol Implementations

1.32k views • 112 slides
Lightweight Implementations of SHA-3 Candidates on FPGAs Jens-Peter Kaps Panasayya Yalla

Lightweight Implementations of SHA-3 Candidates on FPGAs Jens-Peter Kaps Panasayya Yalla

Introduction Methodology Implementations Results Lightweight Implementations of SHA-3 Candidates on FPGAs Jens-Peter Kaps Panasayya Yalla Kishore Kumar Surapathi Bilal Habib Susheel Vadlamudi Smriti Gurung John Pham Cryptographic

461 views • 29 slides
Something with implementations Peter Schwabe June 23, 2016 PQCRYPTO Summer School on

Something with implementations Peter Schwabe June 23, 2016 PQCRYPTO Summer School on

Something with implementations Peter Schwabe June 23, 2016 PQCRYPTO Summer School on Post-Quantum Cryptography 2017 Part I: How to make software secure Something with implementations 2 Timing Attacks General idea of those attacks Secret

1.47k views • 65 slides
Verifying Security Protocols and their Implementations Information Security and Cryptography

Verifying Security Protocols and their Implementations Information Security and Cryptography

Verifying Security Protocols and their Implementations Information Security and Cryptography Reading Group Presenter: C t lin Hri cu References Verified Interoperable Implementations of Security Protocols. Karthikeyan Bhargavan,

922 views • 70 slides
Re-indexing the DFT (n and k) We can investigate the various implementations of the DFT by

Re-indexing the DFT (n and k) We can investigate the various implementations of the DFT by

Re-indexing the DFT (n and k) We can investigate the various implementations of the DFT by looking at ways to re-index values of n and k. Idea: Using properties of addition and multiplication we can rewrite the equation. 1

541 views • 22 slides
Privacy of Geolocation Implementations Marcos Cceres, Opera Software ASA W3C Workshop on

Privacy of Geolocation Implementations Marcos Cceres, Opera Software ASA W3C Workshop on

Privacy of Geolocation Implementations Marcos Cceres, Opera Software ASA W3C Workshop on Privacy of Advance Web APIs 12 July, 2010. London, United Kingdom. Implementations iOS 4 Firefox 3.6 Chrome 6 Opera 10.6 Critical

445 views • 20 slides
Common Eiffel Errors: Contracts vs. Implementations EECS3311 A: Software Design Fall 2018 C HEN

Common Eiffel Errors: Contracts vs. Implementations EECS3311 A: Software Design Fall 2018 C HEN

Common Eiffel Errors: Contracts vs. Implementations EECS3311 A: Software Design Fall 2018 C HEN -W EI W ANG Contracts vs. Implementations: Definitions In Eiffel, there are two categories of constructs: Implementations are step-by-step

246 views • 23 slides
Performance Comparison of DTN Bundle Protocol Implementations ottner , Johannes Morgenroth,

Performance Comparison of DTN Bundle Protocol Implementations ottner , Johannes Morgenroth,

Performance Comparison of DTN Bundle Protocol Implementations ottner , Johannes Morgenroth, Sebastian Schildt, Lars Wolf Wolf-Bastian P September 23, 2011: CHANTS Workshop, Las Vegas, NV Motivation Several Bundle Protocol (BP) implementations

874 views • 17 slides
Multi-rate Signal Processing 4. Multistage Implementations 5. Multirate Application: Subband

Multi-rate Signal Processing 4. Multistage Implementations 5. Multirate Application: Subband

4 Multistage Implementations 5 Some Multirate Applications Multi-rate Signal Processing 4. Multistage Implementations 5. Multirate Application: Subband Coding Electrical & Computer Engineering University of Maryland, College Park

891 views • 24 slides
Verification of Implementations of Distributed Systems under Churn Ryan Doenges , James R. Wilcox,

Verification of Implementations of Distributed Systems under Churn Ryan Doenges , James R. Wilcox,

Verification of Implementations of Distributed Systems under Churn Ryan Doenges , James R. Wilcox, Doug Woos, Zachary Tatlock, and Karl Palmskog We should verify implementations of distributed systems... ...and we have! Framework Prover

1.41k views • 86 slides
The PKIX Standards and PKI Implementations Simos Xenitellis University of London

The PKIX Standards and PKI Implementations Simos Xenitellis University of London

The PKIX Standards and PKI implementations The PKIX Standards and PKI Implementations Simos Xenitellis University of London S.Xenitellis@rhbnc.ac.uk 1 16th May, 2000, University of London The PKIX Standards and PKI implementations Agenda

513 views • 29 slides
Testing Qt Model-View Implementations Stephen Kelly July 2010 T esting Model-View

Testing Qt Model-View Implementations Stephen Kelly July 2010 T esting Model-View

Testing Qt Model-View Implementations Stephen Kelly July 2010 T esting Model-View Implementations Designing testable code High-level Model-View design T est-drivers and mock objects Unit test execution KDE ItemViews

268 views • 23 slides
Erlang SCCP/TCAP/MAP Implementations Harald Welte <laforge@gnumonks.org> gnumonks.org

Erlang SCCP/TCAP/MAP Implementations Harald Welte <laforge@gnumonks.org> gnumonks.org

The GSM core network Erlang in Osmocom Core Network protocol implementations Erlang SCCP/TCAP/MAP Implementations Harald Welte <laforge@gnumonks.org> gnumonks.org hmw-consulting.de sysmocom GmbH October 13, 2012 - OSDC.fr - Paris /

1.06k views • 35 slides
Compressed Membership for NFA (DFA) with Compressed Labels is in NP (P) Artur Je University of

Compressed Membership for NFA (DFA) with Compressed Labels is in NP (P) Artur Je University of

Compressed Membership for NFA (DFA) with Compressed Labels is in NP (P) Artur Je University of Wrocaw Compressed membership for NFA 1 / 17 Artur Je What this talk is about Fully compressed membership problem for automata Compressed

733 views • 69 slides
Middle School to High School Brevard Public Schools Secondary Leading and Learning Paula Bewerse

Middle School to High School Brevard Public Schools Secondary Leading and Learning Paula Bewerse

Transitions from Middle School to High School Brevard Public Schools Secondary Leading and Learning Paula Bewerse Resource Teacher, College and Career Readiness Topics Promotion from 8 th grade to 9 th grade Navigating the Transition

699 views • 65 slides
growth from Great Britain to the island of Ireland 2019 2025 Joan OShaughnessy Chair,

growth from Great Britain to the island of Ireland 2019 2025 Joan OShaughnessy Chair,

Great Britain Market Review A strategy for achieving tourism growth from Great Britain to the island of Ireland 2019 2025 Joan OShaughnessy Chair, Tourism Ireland Katy Best Vice-Chair GB Review Steering Group Commercial Director,

643 views • 27 slides
CENTRE-BERCY 5 Min 10 Min 45 Min 55 Min DESTINATION PARIS BERCY ACCORHOTELS ARENA THE SEINE

CENTRE-BERCY 5 Min 10 Min 45 Min 55 Min DESTINATION PARIS BERCY ACCORHOTELS ARENA THE SEINE

PULLMAN PARIS CENTRE-BERCY 5 Min 10 Min 45 Min 55 Min DESTINATION PARIS BERCY ACCORHOTELS ARENA THE SEINE BERCY VILLAGE THE EIFFEL TOWER CIT DE LA MODE & DU DESIGN NOTRE DAME 392 ROOMS & SUITES 1 PAMPER 1 BAR - LIVE corner BAR

702 views • 21 slides
goProbe: A Scalable Distributed Network Monitoring Solution Christian Decker Lennart Elsen

goProbe: A Scalable Distributed Network Monitoring Solution Christian Decker Lennart Elsen

goProbe: A Scalable Distributed Network Monitoring Solution Christian Decker Lennart Elsen Fabian Kohn Roger Wattenhofer Goal Enable quick and efficient retrieval of key pieces of information about traffic patterns in global networks Goal

559 views • 45 slides
MIH-Consortium Kellie Burnam, Community Health Manager, Schertz EMS Brandon Kludt, EMS Chief,

MIH-Consortium Kellie Burnam, Community Health Manager, Schertz EMS Brandon Kludt, EMS Chief,

MIH-Consortium Kellie Burnam, Community Health Manager, Schertz EMS Brandon Kludt, EMS Chief, Canyon Lake Fire/EMS Chris Velasquez, MIH Coordinator, San Antonio Fire Department Richard Britz, MIH Paramedic, HIS Centre (Bulverde/Spring Branch

318 views • 30 slides
New Coach Training Day Two Significant program underwriting provided by Tucson Festival of

New Coach Training Day Two Significant program underwriting provided by Tucson Festival of

Reading Seed New Coach Training Day Two Significant program underwriting provided by Tucson Festival of Books. Welco come me and nd Age gend nda Reading Seed Program Review Building Relationships Wordless Books Practice

465 views • 42 slides
When It All Hits The Fan: Self-Care Strategies for Resilience is the result of a partnership

When It All Hits The Fan: Self-Care Strategies for Resilience is the result of a partnership

When It All Hits The Fan: Self-Care Strategies for Resilience is the result of a partnership between Behavior/Mental Health TAC Website https://www.marshall.edu/bmhtac/ Compassion Satisfaction Compassion Fatigue Overview Burnout and

463 views • 43 slides

More recommend