Automating Computational Proofs for Public-Key-Based Key Exchange

We present an approach to automating computationally sound proofs of key exchange protocols based on public-key encryption. We show that satisfying the property called occultness in the Dolev-Yao model guarantees the security of a related key exchange protocol in a simple computational model. Security in this simpler model has been shown to imply security in a Bellare-Rogaway-like model. Furthermore, the occultness in the Dolev-Yao model can be searched automatically by a mechanisable procedure. Thus automated proofs for key exchange protocols in the computational model can be achieved. We illustrate the method using the well-known Lowe-Needham-Schroeder protocol.

[1]  Hugo Krawczyk,et al.  Universally Composable Notions of Key Exchange and Secure Channels , 2002, EUROCRYPT.

[2]  Bruno Blanchet,et al.  Automatic proof of strong secrecy for security protocols , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[3]  Silvio Micali,et al.  Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements , 2000, EUROCRYPT.

[4]  Véronique Cortier,et al.  Computationally Sound, Automated Proofs for Security Protocols , 2005, ESOP.

[5]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[6]  A. Maximov,et al.  Fast computation of large distributions and its cryptographic applications , 2005 .

[7]  Jonathan K. Millen,et al.  Proving secrecy is easy enough , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[8]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[9]  Pascal Lafourcade,et al.  Towards automated proofs for asymmetric encryption schemes in the random oracle model , 2008, CCS.

[10]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[11]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[12]  Ran Canetti,et al.  Universally Composable Symbolic Analysis of Mutual Authentication and Key-Exchange Protocols , 2006, TCC.

[13]  Yannick Chevalier,et al.  A tool for lazy verification of security protocols , 2001, Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001).

[14]  P. Cogn,et al.  A Computationally Sound Mechanized Prover for Security Protocols , 2009 .

[15]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[16]  Jonathan K. Millen,et al.  Protocol-independent secrecy , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[17]  David Pointcheval,et al.  The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes , 2001, Public Key Cryptography.

[18]  Reihaneh Safavi-Naini,et al.  Automated Security Proof for Symmetric Encryption Modes , 2009, ASIAN.

[19]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[20]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[21]  Colin Boyd,et al.  On Session Identifiers in Provably Secure Protocols: The Bellare-Rogaway Three-Party Key Distribution Protocol Revisited , 2004, SCN.

[22]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[23]  Kenneth G. Paterson,et al.  Modular Security Proofs for Key Agreement Protocols , 2005, ASIACRYPT.

[24]  John C. Mitchell,et al.  Computationally sound compositional logic for key exchange protocols , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[25]  Colin Boyd,et al.  Errors in Computational Complexity Proofs for Protocols , 2005, ASIACRYPT.

[26]  Ran Canetti,et al.  Universally composable symbolic analysis of cryptographic protocols , 2004 .

[27]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[28]  Ran Canetti,et al.  Universally Composable Symbolic Analysis of Diffie-Hellman based Key Exchange , 2010, IACR Cryptol. ePrint Arch..

[29]  Bogdan Warinschi,et al.  Soundness of Formal Encryption in the Presence of Active Adversaries , 2004, TCC.