A composable cryptographic library with nested operations

We present the first idealized cryptographic library that can be used like the Dolev-Yao model for automated proofs of cryptographic protocols that use nested cryptographic operations, while coming with a cryptographic implementation that is provably secure under active attacks.
