Adaptive Soundness of Static Equivalence
نویسندگان
چکیده
We define a framework to reason about implementations of equational theories in the presence of an adaptive adversary. We particularly focus on soundess of static equivalence. We illustrate our framework on different equational theories: symmetric encryption, modular exponentiation and also joint theories of encryption and modular exponentiation. Finally, we define a model for symbolic analysis of dynamic group key exchange protocols, and show its computational soundness.
منابع مشابه
Steve Kremer and Laurent Mazaré Adaptive Soundness of Static Equivalence
We define a framework to reason about sound implemen-tations of equational theories in the presence of an adap-tive adversary. In particular, we focus on soundess of staticequivalence. We illustrate our framework on several equa-tional theories: symmetric encryption, XOR, modular expo-nentiation and also joint theories of encryption and modu-lar exponentiation as well as...
متن کاملComputational Soundness of Formal Indistinguishability and Static Equivalence
In the investigation of the relationship between the formal and the computational view of cryptography, a recent approach, first proposed in [10], uses static equivalence from cryptographic pi calculi as a notion of formal indistinguishability. Previous work [10, 1] has shown that this yields the soundness of natural interpretations of some interesting equational theories, such as certain crypt...
متن کاملComputational soundness of static equivalence
Privacy related properties in electronic voting are naturally expressed as indistinguishability properties. This motivates the study of observational equivalence, as well as static equivalence in the context of the AVOTÉ project. In this report we survey the existing results on the computational soundness of symbolic indistinguishability relations in the presence of a passive adversary, for whi...
متن کاملComputationally Sound Implementations of Equational Theories Against Passive Adversaries
In this paper we study the link between formal and cryptographic models for security protocols in the presence of passive adversaries. In contrast to other works, we do not consider a fixed set of primitives but aim at results for arbitrary equational theories. We define a framework for comparing a cryptographic implementation and its idealization with respect to various security notions. In pa...
متن کاملGuessing Attacks and the Computational Soundness of Static Equivalence
The indistinguishability of two pieces of data (or two lists of pieces of data) can be represented formally in terms of a relation called static equivalence. Static equivalence depends on an underlying equational theory. The choice of an inappropriate equational theory can lead to overly pessimistic or overly optimistic notions of indistinguishability, and in turn to security criteria that requ...
متن کامل