Foundations of Security Analysis and Design III

Volume 3655 of the series Lecture Notes in Computer Science pp 1-41

Justifying a Dolev-Yao Model Under Active Attacks

  • Michael BackesAffiliated withIBM Zurich Research Lab
  • , Birgit PfitzmannAffiliated withIBM Zurich Research Lab
  • , Michael WaidnerAffiliated withIBM Zurich Research Lab

* Final gross prices may vary according to local VAT.

Get Access


We present the first idealized cryptographic library that can be used like the Dolev-Yao model for automated proofs of cryptographic protocols that use nested cryptographic operations, while coming with a cryptographic implementation that is provably secure under active attacks.

To illustrate the usefulness of the cryptographic library, we present a cryptographically sound security proof of the well-known Needham-Schroeder-Lowe public-key protocol for entity authentication. This protocol was previously only proved over unfounded abstractions from cryptography. We show that the protocol is secure against arbitrary active attacks if it is implemented using standard provably secure cryptographic primitives. Conducting the proof by means of the idealized cryptographic library does not require us to deal with the probabilistic aspects of cryptography, hence the proof is in the scope of current automated proof tools. Besides establishing the cryptographic security of the Needham-Schroeder-Lowe protocol, this exemplifies the potential of this cryptographic library and paves the way for the cryptographically sound verification of security protocols by automated proof tools.