Cryptographically Sound Implementations for Communicating Processes

  • Pedro Adão
  • Cédric Fournet
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4052)

Abstract

We design a core language of principals running distributed programs over a public network. Our language is a variant of the pi calculus, with secure communications, mobile names, and high-level certificates, but without any explicit cryptography. Within this language, security properties can be conveniently studied using trace properties and observational equivalences, even in the presence of an arbitrary (abstract) adversary.

With some care, these security properties can be achieved in a concrete setting, relying on standard cryptographic primitives and computational assumptions, even in the presence of an adversary modeled as an arbitrary probabilistic polynomial-time algorithm. To this end, we develop a cryptographic implementation that preserves all properties for all safe programs. We give a series of soundness and completeness results that precisely relate the language to its implementation.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abadi, M., Fournet, C.: Private authentication. Theoretical Computer Science 322(3), 427–476 (2004).Special issue on Foundations of Wide Area Network Computing.MATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Abadi, M., Fournet, C., Gonthier, G.: Authentication primitives and their compilation. In: POPL 2000, pp. 302–315. ACM, New York (2000)Google Scholar
  3. 3.
    Abadi, M., Fournet, C., Gonthier, G.: Secure implementation of channel abstractions. Information and Computation 174(1), 37–83 (2002)MATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The Spi Calculus. Information and Computation 148(1), 1–70 (1999)MATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Abadi, M., Rogaway, P.: Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology 15(2), 103–127 (2002)MATHMathSciNetGoogle Scholar
  6. 6.
    Adão, P., Fournet, C.: Cryptographically sound implementations for communicating processes. Technical report MSR-TR-2006-49. Microsoft Research (2006)Google Scholar
  7. 7.
    Backes, M., Pfitzmann, B.: Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In: CSFW-17, pp. 204–218. IEEE, Los Alamitos (2004)Google Scholar
  8. 8.
    Backes, M., Pfitzmann, B., Waidner, M.: A composable cryptographic library with nested operations. In: CCS 2003, pp. 220–230. ACM, New York (2003)Google Scholar
  9. 9.
    Backes, M., Pfitzmann, B., Waidner, M.: Symmetric authentication within a simulatable cryptographic library. International Journal of Information Security 4(3), 135–154 (2005)CrossRefGoogle Scholar
  10. 10.
    Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. In: LICS 2005, pp. 331–340. IEEE, Los Alamitos (2005)Google Scholar
  11. 11.
    Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)Google Scholar
  12. 12.
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and Systems Sciences 28(2), 270–299 (1984)MATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attack. SIAM Journal on Computing 17(2), 281–308 (1988)MATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Laud, P.: Secrecy types for a simulatable cryptographic library. In: CCS 2005, pp. 26–35. ACM, New York (2005)Google Scholar
  15. 15.
    Lincoln, P., Mitchell, J., Mitchell, M., Scedrov, A.: A probabilistic poly-time framework for protocol analysis. In: CCS 1998, pp. 112–121. ACM, New York (1998)Google Scholar
  16. 16.
    Micciancio, D., Warinschi, B.: Soundness of formal encryption in the presence of active adversaries. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 133–151. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. 17.
    Mitchell, J.C., Ramanathan, A., Scedrov, A., Teague, V.: A probabilistic polynomial-time calculus for the analysis of cryptographic protocols. In: Theoretical Computer Science (2006)Google Scholar
  18. 18.
    Rackoff, C., Simon, D.R.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Pedro Adão
    • 1
  • Cédric Fournet
    • 2
  1. 1.Center for Logic and Computation, ISTLisboaPortugal
  2. 2.Microsoft Research 

Personalised recommendations