Although computer security typically revolves around threats, attacks and defenses, the sub-field of security protocol analysis (SPA) has so far focused almost exclusively on attacks. In this paper, we show that such focus on attacks depends on few critical assumptions that have been characteristic of the field and have governed its mindset, approach and developed tools. We motivate that indeed there is room in SPA for a fruitful notion of defense and that the conceptual bridge lies in multiple non-collaborating attackers. Defending security protocols through interference between attackers is possible; however, in order to understand network behavior completely, it is necessary to start treating protocols as environments, not simply as sequences of message exchanges.
File in questo prodotto:
Non ci sono file associati a questo prodotto.