Showing papers in "arXiv: Cryptography and Security in 1998"

Security Policy Specification Using a Graphical Approach

Abstract: A security policy states the acceptable actions of an information system, as the actions bear on security There is a pressing need for organizations to declare their security policies, even informal statements would be better than the current practice But, formal policy statements are preferable to support (1) reasoning about policies, eg, for consistency and completeness, (2) automated enforcement of the policy, eg, using wrappers around legacy systems or after the fact with an intrusion detection system, and (3) other formal manipulation of policies, eg, the composition of policies We present LaSCO, the Language for Security Constraints on Objects, in which a policy consists of two parts: the domain (assumptions about the system) and the requirement (what is allowed assuming the domain is satisfied) Thus policies defined in LaSCO have the appearance of conditional access control statements LaSCO policies are specified as expressions in logic and as directed graphs, giving a visual view of policy LaSCO has a simple semantics in first order logic (which we provide), thus permitting policies we write, even for complex policies, to be very perspicuous LaSCO has syntax to express many of the situations we have found to be useful on policies or, more interesting, the composition of policies LaSCO has an object-oriented structure, permitting it to be useful to describe policies on the objects and methods of an application written in an object-oriented language, in addition to the traditional policies on operating system objects A LaSCO specification can be automatically translated into executable code that checks an invocation of a program with respect to a policy The implementation of LaSCO is in Java, and generates wrappers to check Java programs with respect to a policy

Security amplification by composition: The case of doubly-iterated, ideal ciphers

Abstract: We investigate, in the Shannon model, the security of constructions corresponding to double and (two-key) triple DES. That is, we consider F_{k1}(F_{k2}(.)) and F_{k1}(F_{k2}^{-1}(F_{k1}(.))) with the component functions being ideal ciphers. This models the resistance of these constructions to ``generic'' attacks like meet in the middle attacks. We obtain the first proof that composition actually increases the security of these constructions in some meaningful sense. We compute a bound on the probability of breaking the double cipher as a function of the number of computations of the base cipher made, and the number of examples of the composed cipher seen, and show that the success probability is the square of that for a single key cipher. The same bound holds for the two-key triple cipher. The first bound is tight and shows that meet in the middle is the best possible generic attack against the double cipher.