Completing the Picture: Soundness of Formal Encryption in the Presence of Active Adversaries

In this paper, we extend previous results relating the Dolev-Yao model and the computational model. We add the possibility to exchange keys and consider cryptographic primitives such as signature. This work can be applied to check protocols in the computational model by using automatic verification tools in the formal model. To obtain this result, we introduce a precise definition for security criteria which leads to a nice reduction theorem. The reduction theorem is of interest on its own as it seems to be a powerful tool for proving equivalences between security criteria. Also, the proof of this theorem uses original ideas that seem to be applicable in other situations.

[1]  Bruno Blanchet,et al.  Abstracting Cryptographic Protocols by Prolog Rules , 2001, SAS.

[2]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[3]  Michaël Rusinowitch,et al.  Protocol insecurity with finite number of sessions is NP-complete , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[4]  Ian Glendinning,et al.  Parallel and Distributed Processing , 2001, Digital Image Analysis.

[5]  Béla Ágai,et al.  CONDENSED 1,3,5-TRIAZEPINES - V THE SYNTHESIS OF PYRAZOLO [1,5-a] [1,3,5]-BENZOTRIAZEPINES , 1983 .

[6]  Birgit Pfitzmann,et al.  A Universally Composable Cryptographic Library , 2003, IACR Cryptol. ePrint Arch..

[7]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[8]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[9]  Silvio Micali,et al.  Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements , 2000, EUROCRYPT.

[10]  Bogdan Warinschi A computational analysis of the Needham-Schroeder-(Lowe) protocol , 2005 .

[11]  Mihir Bellare,et al.  The Security of Cipher Block Chaining , 1994, CRYPTO.

[12]  Gavin Lowe,et al.  An Attack on the Needham-Schroeder Public-Key Authentication Protocol , 1995, Inf. Process. Lett..

[13]  Peeter Laud,et al.  Symmetric encryption in automatic analyses for confidentiality against active adversaries , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[14]  Bogdan Warinschi,et al.  Soundness of Formal Encryption in the Presence of Active Adversaries , 2004, TCC.

[15]  Martín Abadi,et al.  Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)* , 2001, Journal of Cryptology.

[16]  Vitaly Shmatikov,et al.  Intruder deductions, constraint solving and insecurity decision in presence of exclusive or , 2003, 18th Annual IEEE Symposium of Logic in Computer Science, 2003. Proceedings..

[17]  Yassine Lakhnech,et al.  (De)Compositions of Cryptographic Schemes and their Applications to Protocols , 2005, IACR Cryptol. ePrint Arch..

[18]  Yassine Lakhnech,et al.  HERMES: An Automatic Tool for Verification of Secrecy in Security Protocols , 2003, CAV.

[19]  Jean Goubault-Larrecq,et al.  A Method for Automatic Cryptographic Protocol Verification , 2000, IPDPS Workshops.

[20]  Bogdan Warinschi Proceedings of 16th Computer Science Foundation Workshop , 2003 .

[21]  Benjamin C. Pierce,et al.  Theoretical Aspects of Computer Software , 2001, Lecture Notes in Computer Science.

[22]  Martín Abadi,et al.  Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption) , 2007, Journal of Cryptology.

[23]  Jonathan Herzog,et al.  Computational soundness for standard assumptions of formal cryptography , 2004 .

[24]  Birgit Pfitzmann,et al.  A composable cryptographic library with nested operations , 2003, CCS '03.

[25]  Dawn Xiaodong Song Athena: a new efficient automatic checker for security protocol analysis , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[26]  Martín Abadi,et al.  Formal Eavesdropping and Its Computational Interpretation , 2001, TACS.

[27]  Véronique Cortier,et al.  Computationally Sound, Automated Proofs for Security Protocols , 2005, ESOP.

[28]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[29]  Gavin Lowe Analysing Protocol Subject to Guessing Attacks , 2004, J. Comput. Secur..

[30]  John A. Clark,et al.  A survey of authentication protocol literature: Version 1.0 , 1997 .

[31]  Martín Abadi,et al.  Deciding knowledge in security protocols under equational theories , 2004, Theor. Comput. Sci..

[32]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..