Verification Results Clause Samples

Verification Results. The results of the automated verification for the above formalized scheme are shown in Figure 4. Goals G1-G11 relate to the establishment of the session keys and check the secrecy of the key components and their possession by the legitimate corresponding users, while goals G12-G14 relate to the authentication of the users. As presented in Figure 5, all security goals are successfully verified. This provides confidence in the correctness and effectiveness of the proposed protocol. In this section we discuss the computational complexity of our scheme and compare it with [20]. As mentioned before, [20] is the only other symmetric-key-based proxy re-encryption scheme in the literature which does not assume that the sender and receiver possess a prior shared secret key in advance. On the sender side, both ALPKA 1 and ALPKA 2 require 8 hash operations and 1 encryption. On the receiver side, 1 encryption and 5 hashes are required in ALPKA 1, while 1 encryption and 4 hashes are required in ALPKA 2. Taking into account that Key Derivation Functions (KDF) and Message Authentication Codes (MAC) have complexity similar to a hash operation, [20] requires 2 encryptions and 5 hashes on the sender side and 2 encryptions and 4 hashes on the receiver side. In order to get a better understanding of the impact of these numbers, we consider measurements performed on a smartphone with Android OS (Android 4.4 KitKat) consisting of a 2260 MHz ARM device. The timings for both AES128 as the encryption algorithm and SHA2 as the hash operation correspond to 0.1 ms [32]. Consequently, both schemes have comparable and negligible computational complexity.
Verification Results. Table 2 summarizes the properties and verification results. For ease of presentation, when properties include statements, we replace statements with the augmented-transition numbers that we have added to Figures 9, 11, and 12 in Appendices F.1 and G.2. The number of states represents the reachable state space as evaluated by nuXmv. Blind Auction. We analyzed both the initial and augmented models of the Blind Auction contract. On the initial model, we checked four safety properties (see Properties (i)–(iv) in Table 2). On the augmented model, which allows for more fine-grained analysis, we checked two additional safety properties. All properties were verified to hold. The models were found to be deadlock-free and their state spaces were evaluated to 54 and 161 states, respectively. The augmented model and generated code can be found in Appendix F. The DAO Attack. We modeled a simplified version of the DAO contract. ▇▇▇▇▇ et al. [2] discuss two different vulnerabilities exploited on the DAO and present different attack scenarios. Our verified safety property (Table 2) excludes the possibility of both attacks. The augmented model can be found in Appendix G.1.
Verification Results. For each test, a similarity score is calculated as given in Equation 1 and Equation 2. The minimum score, the maximum score and the average score of the system are calculated for each subject. These scores are used as acceptance thresholds of the system one by one. For each different threshold, the corresponding False Accept Rate (FAR) and False Reject Rate (FRR) values of the system are calculated. FAR is the percentage of impostor subjects who are accepted as genuine users, whereas FRR is the percentage of genuine subjects who are rejected. As a result of these operations, the best Equal Error Rate (EER; the point where FAR = FRR) percentages are obtained when the maximum scores of the system are picked as the acceptance threshold. In other words, an impostor subject cannot reach the maximum similarity score of a genuine subject. Figure 3 shows the FAR and FRR percentages when the maximum of the similarity scores, calculated using Equation 1, is picked as the acceptance threshold. As can be seen in this figure, our protocol achieves 0.57% EER when the optimum acceptance threshold is 5.99. This threshold value is the point where the FAR and FRR curves intersect. In order to minimize both FAR and FRR at the same time, their intersection point is considered. If the acceptance threshold is selected as the average score of the system, the EER lies at 5% with a 2.15 acceptance threshold, as can be seen in Figure 4. On the other hand, if the acceptance threshold is selected as the minimum score of the system as in Figure 5, the EER is 10% and the acceptance threshold is 0.76. In Table II, all of these EER values, calculated according to the two different predefined similarity score equations, are given. The explained results are summarized in this table as well.

Equation    Strategy    EER (%)
Equation 1  min         10
Equation 1  max         0.57
Equation 1  avg         5
Equation 2  min         10
Equation 2  max         0.57
Equation 2  avg         6.66