Relating Two Standard Notions of Secrecy
نویسندگان
چکیده
Two styles of definitions are usually considered to express that a security protocol preserves the confidentiality of a data s. Reachability-based secrecy means that sshould never be disclosed while equivalence-based secrecy states that two executions of a protocol with distinct instances for s should be indistinguishable to an attacker. Althoughthe second formulation ensures a higher level of security and is closer to cryptographic notions of secrecy, decidability results and automatic tools have mainly focused on the first definition so far.This paper initiates a systematic investigation of the situations where syntactic se-crecy entails strong secrecy. We show that in the passive case, reachability-based secrecy actually implies equivalence-based secrecy for digital signatures, symmetric and asymmet-ric encryption provided that the primitives are probabilistic. For active adversaries, weprovide sufficient (and rather tight) conditions on the protocol for this implication to hold.
منابع مشابه
Computationally Sound Symbolic Secrecy in the Presence of Hash Functions
The standard symbolic, deducibility-based notions of secrecy are in general insufficient from a cryptographic point of view, especially in presence of hash functions. In this paper we devise and motivate a more appropriate secrecy criterion which exactly captures a standard cryptographic notion of secrecy for protocols involving public-key enryption and hash functions: protocols that satisfy it...
متن کاملOn the Cryptographic Key Secrecy of the Strengthened Yahalom Protocol
Symbolic secrecy of exchanged keys is arguably one of the most important notions of secrecy shown with automated proof tools. It means that an adversary restricted to symbolic operations on terms can never get the entire key into its knowledge set. Cryptographic key secrecy essentially means computational indistinguishability between the real key and a random one, given the view of a much more ...
متن کاملSimultaneous Secrecy and Reliability Amplification for a General Channel Model
We present a general notion of channel for cryptographic purposes, which can model either a (classical) physical channel or the consequences of a cryptographic protocol, or any hybrid. We consider simultaneous secrecy and reliability amplification for such channels. We show that simultaneous secrecy and reliability amplification is not possible for the most general model of channel, but, at lea...
متن کاملWiretap Channels: Nonasymptotic Fundamental Limits
This paper investigates the maximal secret communication rate over a wiretap channel subject to reliability and secrecy constraints at a given blocklength. New achievability and converse bounds are derived, which are uniformly tighter than existing bounds, and lead to the tightest bounds on the second-order coding rate for discrete memoryless and Gaussian wiretap channels. The exact secondorder...
متن کاملFOCAL POINT AND FOCAL K-PLANE
This paper deals with the basic notions of k-tautimmersions . These notions come from two special cases; that is, tight and taut immersions. Tight and taut based on high and distance functions respectively and their basic notions are normal bundle, endpoint map, focal point, critical normal. We generalize hight and distance functions to cylindrical function and define basic notions of k-taut ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006