Computational Soundness about Formal Encryption in the Presence of Secret Shares and Key Cycles

The computational soundness of formal encryption has been studied extensively following the work of Abadi and Rogaway [1]. Recent work considers the scenario in which secret sharing is needed and, separately, the scenario in which key cycles are present. The novel technique is the use of a co-inductive definition of the adversarial knowledge. In this paper, we prove a computational soundness theorem for formal encryption in the presence of both key cycles and secret shares at the same time, which is a non-trivial extension of former approaches.

[1] Jonathan Herzog, et al. Computational soundness for standard assumptions of formal cryptography, 2004.

[2] Peeter Laud, et al. Symmetric encryption in automatic analyses for confidentiality against active adversaries, 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[3] Bogdan Warinschi, et al. Soundness of Formal Encryption in the Presence of Active Adversaries, 2004, TCC.

[4] Thomas Holenstein, et al. On the (Im)Possibility of Key Dependent Encryption, 2009, TCC.

[5] Jonathan Herzog, et al. Soundness and completeness of formal encryption: The cases of key cycles and partial information leakage, 2009, J. Comput. Secur.

[6] Lawrence C. Paulson, et al. The Inductive Approach to Verifying Cryptographic Protocols, 2021, J. Comput. Secur.

[7] Ran Canetti, et al. Universally composable security: a new paradigm for cryptographic protocols, 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[8] Martín Abadi, et al. A logic of authentication, 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[9] Jonathan Herzog, et al. Soundness of Formal Encryption in the Presence of Key-Cycles, 2005, ESORICS.

[10] Adi Shamir, et al. How to share a secret, 1979, CACM.

[11] Daniele Micciancio, et al. Computational soundness, co-induction, and encryption cycles, 2010, IACR Cryptol. ePrint Arch.

[12] Martín Abadi, et al. Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption), 2007, Journal of Cryptology.

[13] Dan Suciu, et al. Controlling Access to Published Data Using Cryptography, 2003, VLDB.

[14] Andrew Chi-Chih Yao, et al. Theory and application of trapdoor functions, 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[15] Jan Camenisch, et al. An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation, 2001, IACR Cryptol. ePrint Arch.

[16] Martín Abadi, et al. A calculus for cryptographic protocols: the spi calculus, 1997, CCS '97.

[17] Rafail Ostrovsky, et al. Circular-Secure Encryption from Decision Diffie-Hellman, 2008, CRYPTO.

[18] Dennis Hofheinz, et al. Towards Key-Dependent Message Security in the Standard Model, 2008, EUROCRYPT.

[19] Danny Dolev, et al. On the security of public key protocols, 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[20] Martín Abadi, et al. Security analysis of cryptographically controlled access to XML documents, 2005, PODS '05.

[21] Silvio Micali, et al. Probabilistic Encryption, 1984, J. Comput. Syst. Sci.

[22] Martín Abadi, et al. A Calculus for Cryptographic Protocols: The spi Calculus, 1999, Inf. Comput.

[23] David Pointcheval, et al. Automated Security Proofs with Sequences of Games, 2006, CRYPTO.

[24] Martín Abadi, et al. Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)*, 2000, Journal of Cryptology.

[25] Birgit Pfitzmann, et al. A Universally Composable Cryptographic Library, 2003, IACR Cryptol. ePrint Arch.

[26] Daniele Micciancio, et al. Pseudo-randomness and partial information in symbolic security analysis, 2009, IACR Cryptol. ePrint Arch.

[27] Mihir Bellare, et al. Entity Authentication and Key Distribution, 1993, CRYPTO.

[28] John Black, et al. Encryption-Scheme Security in the Presence of Key-Dependent Messages, 2002, Selected Areas in Cryptography.