On Symbolic Analysis of Cryptographic Protocols
نویسندگان
چکیده
The universally composable symbolic analysis (UCSA) framework layers Dolev-Yao style symbolic analysis on top of the universally composable (UC) secure framework to construct computationally sound proofs of cryptographic protocol security. The original proposal of the UCSA framework by Canetti and Herzog (2004) focused on protocols that only use public key encryption to achieve 2-party mutual authentication or key exchange. This thesis expands the framework to include protocols that use digital signatures as well. In the process of expanding the framework, we identify a flaw in the framework’s use of UC ideal functionality Fpke. We also identify issues that arise when combining Fpke with the current formulation of ideal signature functionality Fsig. Motivated by these discoveries, we redefine the Fpke and Fsig functionalities appropriately. Thesis Supervisor: Ronald L. Rivest Title: Viterbi Professor of Computer Science Thesis Supervisor: Ran Canetti Title: Visiting Scientist
منابع مشابه
Universally Composable Symbolic Analysis of Cryptographic Protocols (The case of encryption-based mutual authentication and key exchange)
Symbolic analysis of cryptographic protocols is dramatically simpler than full-fledged cryptographic analysis. In particular, it is readily amenable to automation. However, symbolic analysis does not a priori carry any cryptographic soundness guarantees. Following recent work on cryptographically sound symbolic analysis, we demonstrate how Dolev-Yao style symbolic analysis can be used to assert...
متن کاملUniversally Composable Symbolic Analysis of Mutual Authentication and Key-Exchange Protocols
Symbolic analysis of cryptographic protocols is dramatically simpler than full-fledged cryptographic analysis. In particular, it is simple enough to be automated. However, symbolic analysis does not, by itself, provide any cryptographic soundness guarantees. Following recent work on cryptographically sound symbolic analysis, we demonstrate how Dolev-Yao style symbolic analysis can be used to as...
متن کاملComputationally Sound Symbolic Analysis of Probabilistic Protocols with Ideal Setups
Recently, many approaches have been proposed for building simple symbolic proofs of cryptographic protocols with computational soundness. However, most of them support only bare-bone execution model without any ideal setup, such as the existence of authenticated channel, and only deterministic protocols. Thus many protocols are not expressible in those models. Following the work of Canetti and ...
متن کاملOn the Symbolic Analysis of Low-Level Cryptographic Primitives: Modular Exponentiation and the Diffie-Hellman Protocol
Automatic methods developed so far for analysis of security protocols only model a limited set of cryptographic primitives (often, only encryption and concatenation) and abstract from low-level features of cryptographic algorithms. This paper is an attempt towards closing this gap. We propose a symbolic technique and a decision method for analysis of protocols based on modular exponentiation, s...
متن کاملSymbolic Analysis of Crypto-Protocols Based on Modular Exponentiation
Automatic methods developed so far for analysis of security protocols only model a limited set of cryptographic primitives (often, only encryption and concatenation) and abstract from low-level features of cryptographic algorithms. This paper is an attempt towards closing this gap. We propose a symbolic technique and a decision method for analysis of protocols based on modular exponentiation, s...
متن کاملAdaptive Security of Symbolic Encryption
We prove a computational soundness theorem for the symbolic analysis of cryptographic protocols which extends an analogous theorem of Abadi and Rogaway (J. of Cryptology 15(2):103–127, 2002) to a scenario where the adversary gets to see the encryption of a sequence of adaptively chosen symbolic expressions. The extension of the theorem of Abadi and Rogaway to such an adaptive scenario is nontri...
متن کامل