A Theory of Composable Lingos for Protocol Dialects

TL;DR

This paper introduces formal patterns for protocol dialects and lingos, enhancing security by making attack methods ineffective through formal transformations and compositions, thus providing a systematic approach to protocol hardening.

Contribution

It develops formal patterns for lingos and dialects, enabling systematic strengthening and composition of protocol security components.

Findings

Formal patterns can strengthen lingos through transformation and composition.

Dialect formal patterns can generate secure dialects from protocols and lingos.

The approach provides a systematic framework for protocol security enhancement.

Abstract

Formal patterns are formally specified solutions to frequently occurring distributed system problems that are generic, executable, and come with strong qualitative and/or quantitative formal guarantees. A formal pattern is a generic system transformation which transforms a usually infinite class of systems in need of the pattern's solution into enhanced versions of such systems that solve the problem in question. In this paper we demonstrate the application of formal patterns to protocol dialects. Dialects are methods for hardening protocols so as to endow them with light-weight security, especially against easy attacks that can lead to more serious ones. A lingo is a dialect's key security component, because attackers are unable to ''speak'' the lingo. A lingo's ''talk'' changes all the time, becoming a moving target for attackers. In this paper we present several formal patterns for both lingos and dialects. Lingo formal patterns can make lingos stronger by both transforming them and by composing several lingos into a stronger lingo. Dialects themselves can be obtained by the application of a single dialect formal pattern, generic on both the chosen lingo and the chosen protocol.