European Symposium on Research in Computer Security

ESORICS 2007: Computer Security – ESORICS 2007, pp 406–421

Synthesizing Secure Protocols

  • Véronique Cortier¹,
  • Bogdan Warinschi² &
  • Eugen Zălinescu¹
Part of the Lecture Notes in Computer Science book series (LNSC, volume 4734)

Abstract

We propose a general transformation that maps a cryptographic protocol that is secure in an extremely weak sense (essentially in a model where no adversary is present) into a protocol that is secure against a fully active adversary which interacts with an unbounded number of protocol sessions, and has absolute control over the network. The transformation works for arbitrary protocols with any number of participants, written with usual cryptographic primitives. Our transformation provably preserves a large class of security properties that contains secrecy and authenticity.

An important byproduct contribution of this paper is a modular protocol development paradigm where designers focus their effort on an extremely simple execution setting – security in more complex settings being ensured by our generic transformation. Conceptually, the transformation is very simple, and has a clean, well-motivated design. Each message is tied to the session for which it is intended via digital signatures and on-the-fly generated session identifiers, and replay attacks are prevented by encrypting the messages under the recipient’s public key.

Keywords

  • Security Property
  • Execution Trace
  • Protocol Session
  • Passive Adversary
  • Honest Agent

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

The work described in this paper has been supported in part by the European Commission through the IST Programme under Contract IST-2002-507932 ECRYPT, and by the French ACI Satin and the French ACI Jeunes Chercheurs JC9005. The information in this document reflects only the author’s views, is provided as is and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability.

Author information

Authors and Affiliations

  1. Loria UMR 7503 & CNRS & INRIA Lorraine, Project Cassis,  

    Véronique Cortier & Eugen Zălinescu

  2. Computer Science Department, University of Bristol,  

    Bogdan Warinschi

    © 2007 Springer-Verlag Berlin Heidelberg

    About this paper

    Cite this paper

    Cortier, V., Warinschi, B., Zălinescu, E. (2007). Synthesizing Secure Protocols. In: Biskup, J., López, J. (eds) Computer Security – ESORICS 2007. ESORICS 2007. Lecture Notes in Computer Science, vol 4734. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74835-9_27

    • DOI: https://doi.org/10.1007/978-3-540-74835-9_27

    • Publisher Name: Springer, Berlin, Heidelberg

    • Print ISBN: 978-3-540-74834-2

    • Online ISBN: 978-3-540-74835-9

    • eBook Packages: Computer Science, Computer Science (R0)
