ProtoTo - Holistic Development of Security Protocols

Funding: BMBF, 06/2011-05/2013

Background: The Project ist part of the program of the Federal Ministry of Education and Research (BMBF) for IT security research, in particular „Protection of Internet-Infrastructures; Technology to Attack Prevention and Early Detection“.

Content: In academic research there are numerous approaches to analyze the logical correctness of security protocols. Computer-aided approaches are all based on the Dolev-Yao model which assumes peferctly secure cryptographic primitives. Complexity-based approaches, on the other hand, provide security proofs under weaker complexity assumptions but are currently only “paper-and-pencil” based. The goal of the project ProtoTo is now to build a bridge between the two approaches.

To support the applicability of the integrated approach for educated but not necessarily scientific-oriented users, the project's goal is to give general recommendations for the development of protocols. These recommendations should follow the Common Criteria (CC) and support the holistic development of security protocols, especially in light of evaluations. The approach will be applied to two test cases from the area of trusted updates and secure software updates.

Project partners: DFKI GmbH (Coordinator), Kobil Systems GmbH, Sirrix AG.

Funded Members: Özgür Dagdelen