Completing the Picture: Soundness of Formal Encryption in the Presence of Active Adversaries
In this paper, we extend previous results relating the Dolev-Yao model and the computational model. We add the ability to exchange keys and consider cryptographic primitives such as signatures. This work can be applied to check protocols in the computational model by using automatic verification tools in the formal model.
To obtain this result, we introduce a precise definition of security criteria, which leads to a nice reduction theorem. The reduction theorem is of interest in its own right, as it seems to be a powerful tool for proving equivalences between security criteria. Also, the proof of this theorem uses original ideas that seem to be applicable in other situations.