Completing the Picture: Soundness of Formal Encryption in the Presence of Active Adversaries

  • Romain Janvier
  • Yassine Lakhnech
  • Laurent Mazaré
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3444)


In this paper, we extend previous results relating the Dolev-Yao model and the computational model. We add the ability to exchange keys and consider cryptographic primitives such as signatures. This work can be applied to check protocols in the computational model by using automatic verification tools in the formal model.

To obtain this result, we introduce a precise definition of security criteria, which leads to a nice reduction theorem. The reduction theorem is of interest in its own right, as it seems to be a powerful tool for proving equivalences between security criteria. Also, the proof of this theorem uses original ideas that seem to be applicable in other situations.



Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Romain Janvier (1)
  • Yassine Lakhnech (1)
  • Laurent Mazaré (1)
  1. VERIMAG, Gières, France
