Abstract
Since the 1980s, two approaches have been developed for analyzing security protocols. One of the approaches relies on a computational model that considers issues of complexity and probability. This approach captures a strong notion of security, guaranteed against all probabilistic polynomial-time attacks. The other approach relies on a symbolic model of protocol executions in which cryptographic primitives are treated as black boxes. Since the seminal work of Dolev and Yao, it has been realized that this latter approach enables significantly simpler and often automated proofs. However, the guarantees that it offers have been quite unclear.
In this paper, we show that it is possible to obtain the best of both worlds: fully automated proofs and strong, clear security guarantees. Specifically, for the case of protocols that use signatures and asymmetric encryption, we establish that symbolic integrity and secrecy proofs are sound with respect to the computational model. The main new challenges concern secrecy properties for which we obtain the first soundness result for the case of active adversaries. Our proofs are carried out using Casrul, a fully automated tool.
Keywords
- Security Protocol
- Execution Model
- Symbolic Model
- Execution Trace
- Overwhelming Probability
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Download conference paper PDF
References
Abadi, M.: Taming the adversary. In: Proc. of Crypto 2000 (2000)
Abadi, M., Gordon, A.: A calculus for cryptographic protocols: The spi calculus. In: Proc. of the 4th Conf. on Computer and Communications Security, pp. 36–47. ACM Press, New York (1997)
Abadi, M., Rogaway, P.: Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology 15(2), 103–127 (2002)
Backes, M.: Personal communication
Backes, M., Pfitzmann, B., Waidner, M.: A composable cryptographic library with nested operations (extended abstract). In: Proc. of 10th ACM Conference on Computer and Communications Security (CCS 2005), pp. 220–230 (2003)
Bellare, M., Boldyreva, A., Micali, S.: Public-key encryption in a multi-user setting: Security proofs and improvements. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 259–274. Springer, Heidelberg (2000)
Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Proc. of the 14th CSFW (June 2001)
Bozga, L., Lakhnech, Y., Perin, M.: An automatic tool for the verification of secrecy in security protocols. In: Hunt Jr., W.A., Somenzi, F. (eds.) CAV 2003. LNCS, vol. 2725, pp. 219–222. Springer, Heidelberg (2003)
Chevalier, Y., Vigneron, L.: A tool for lazy verification of security protocols. In: Proc. of the 16th Conf. on Automated Software Engineering (ASE 2001). IEEE CS Press, Los Alamitos (2001)
Cortier, V.: A guide for Securify. RNTL EVA project, Report n. 13 (December 2003)
Cortier, V., Warinschi, B.: Computationally sound, automated proofs for security protocols. Research Report RR-5341, INRIA (October 2004)
Phan, D.H., Pointcheval, D.: Une comparaison entre deux méthodes de preuve de sécurité. In: Proc. of RIVF, pp. 105–110 (2003) (in French)
Goldwasser, S., Micali, S., Rivest, R.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal of Computing 17(2), 281–308 (1988)
Laud, P.: Symmetric encryption in automatic analyses for confidentiality against active adversaries. In: Proc. of 2004 IEEE Symposium on Security and Privacy, pp. 71–85 (2004)
Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)
Lowe, G.: Casper: A compiler for the analysis of security protocols. In: Proc. of 10th CSFW 1997. IEEE Computer Society Press, Los Alamitos (1997)
Micciancio, D., Warinschi, B.: Soundness of formal encryption in the presence of active adversaries. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 133–151. Springer, Heidelberg (2004)
Mitchell, J., Ramanathan, A., Scedrov, A., Teague, V.: A probabilistic polynomial-time calculus for analysis of cryptographic protocols. Electronic Notes in Theoretical Computer Science 45 (2001)
Paulson, L.: Mechanized proofs for a recursive authentication protocol. In: Proc. of the 10th CSFW 1997, pp. 84–95. IEEE Computer Society Press, Los Alamitos (1997)
Rackoff, C., Simon, D.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)
Rusinowitch, M., Turuani, M.: Protocol insecurity with finite number of sessions is NP-complete. In: Proc. of the 14th CSFW 2001, pp. 174–190. IEEE Computer Society Press, Los Alamitos (2001)
Yamaguchi, S., Okayama, K., Miyahara, H.: The design and implementation of an authentication system for the wide area distributed environment. In: IEICE Transactions on Information and Systems (November 1991)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cortier, V., Warinschi, B. (2005). Computationally Sound, Automated Proofs for Security Protocols. In: Sagiv, M. (eds) Programming Languages and Systems. ESOP 2005. Lecture Notes in Computer Science, vol 3444. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31987-0_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-31987-0_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25435-5
Online ISBN: 978-3-540-31987-0
eBook Packages: Computer ScienceComputer Science (R0)