Tracing the Man in the Middle in Monoidal Categories

Man-in-the-Middle (MM) is not only a ubiquitous attack pattern in security, but also an important paradigm of network computation and economics. Recognizing ongoing MM-attacks is an important security task; modeling MM-interactions is an interesting task for semantics of computation. Traced monoidal categories are a natural framework for MM-modeling, as the trace structure provides a tool to hide what happens in the middle. An effective analysis of what has been traced out seems to require an additional property of traces, called normality. We describe a modest model of network computation, based on partially ordered multisets (pomsets), where basic network interactions arise from the monoidal trace structure, and a normal trace structure arises from an iterative, i.e. coalgebraic, structure over terms and messages used in computation and communication. The correspondence is established using a convenient monadic description of normally traced monoidal categories.
