Compromised Information Sources

Add to your list(s) Download to your calendar using vCal

• Tim Muller
• Thursday 13 September 2018, 11:00-12:00
• Computer Science, The Sloman Lounge (UG).

If you have a question about this talk, please contact Mani Bhesania.

In a security protocol, or any system, a participant may be compromised. This may allow for a security property to be broken. So then, compromised means insecure, whereas not compromised means secure. But what if a participant is compromised with some probability? The probability of security does not necessarily equal the probability of a compromised participant. Furthermore, there may be multiple participants, which also muddles the relation between the probabilities. We focus on the specific case that the participant in question is a source of information (e.g. provides a certificate, a judgement or a report). While we may not know the probability that a participant is compromised, we can take that probability as a parameter. A superior protocol provides a higher probability of security, given the same parameter(s). The problem is, the behaviour of a compromised participant affects the probability of security too. Nevertheless, we show that often, there is a minimum amount of information coming from a potentially compromised participant, regardless of attack behaviour. This guaranteed information can be used to obtain a high probability of security in many cases.

This talk is part of the Computer Security Seminars series.

This talk is included in these lists:

• Computer Science Departmental Series
• Computer Science Distinguished Seminars
• Computer Science, The Sloman Lounge (UG)
• Computer Security Seminars
• computer sience

Note that ex-directory lists are not shown.