[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.6 Formal proofs of security

To: ipsec@lists.tislabs.com
Subject: Re: SOI QUESTIONS: 2.6 Formal proofs of security
From: Lakshminath Dondeti <ldondeti@nortelnetworks.com>
Date: Thu, 20 Jun 2002 14:07:27 -0400
References: <E17L5M8-0003XL-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Mozilla/5.0 (Windows; U; Win95; en-US; rv:0.9.4.1) Gecko/20020314 Netscape6/6.2.2

Theodore Ts'o wrote:

> Please discuss and answer this question.....  
> 
> 2.6 Formal proofs of security
> 
> 2.6.)  Does SOI need to provide a formal proof of security?  (Is this
> a "must have" or a "nice to have"?  What are we willing to trade-off
> for having a formal proof of security?)

It is important that the protocol goes through some level of formal 
analysis.  For example, Cathy Meadows did an analysis of GDOI (using NRL 
protocol analyzer?) and helped identify some security holes.  A similar 
analysis would be very useful in case of SOI as well.

best,
Lakshminath

> 
> Implications from the Scenarios:
> 
> [none]
> 
>

References:
- SOI QUESTIONS: 2.6 Formal proofs of security
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: Re: SOI QUESTIONS: 2.4 Number of crypto operations
Next by Date: Re: SOI QUESTIONS: 2.6 Formal proofs of security
Prev by thread: Re: SOI QUESTIONS: 2.6 Formal proofs of security
Next by thread: Re: SOI QUESTIONS: 2.6 Formal proofs of security
Index(es):
- Date
- Thread