A Dolev-Yao Model for Zero Knowledge
نویسندگان
چکیده
We propose an extension of the standard Dolev-Yao model of cryptographic protocols to facilitate symbolic reasoning about zeroknowledge proofs. This is accomplished by communicating typed terms, and providing a proof amounts to certifying that a term is of a particular type. We present a proof system for term derivability, which is employed to yield a decision procedure for checking whether a given protocol meets its zero knowledge specification.
منابع مشابه
Computational soundness of symbolic zero-knowledge proofs
The abstraction of cryptographic operations by term algebras, called Dolev-Yao models, is essential in almost all tool-supported methods for proving security protocols. Recently significant progress was made in proving that Dolev-Yao models offering the core cryptographic operations such as encryption and digital signatures can be sound with respect to actual cryptographic realizations and secu...
متن کاملThreshold Homomorphic Encryption in the Universally Composable Cryptographic Library
Protocol security analysis has become an active research topic in recent years. Researchers have been trying to build sufficient theories for building automated tools, which give security proofs for cryptographic protocols. There are two approaches for analysing protocols: formal and computational. The former, often called Dolev-Yao style, uses abstract terms to model cryptographic messages wit...
متن کاملAn Extension of Typed MSR for Specifying Esoteric Protocols and Their Dolev-Yao Intruder
Esoteric protocols, such as electronic cash, electronic voting and selective disclosure protocols, use special message constructors that are not widely used in other types of protocols (for example, in authentication protocols). These message constructors include blind signatures, commitments and zero-knowledge proofs. Furthermore, a standard formalization of the Dolev-Yao intruder [6] does not...
متن کاملModelling Attacker's Knowledge for Cascade Cryptographic Protocols
We address the proof-based development of cryptographic protocols satisfying security properties. Communication channels are supposed to be unsafe. Analysing cryptographic protocols requires precise modelling of the attacker’s knowledge. In this paper we use the event B modelling language to model the knowledge of the attacker for a class of cryptographic protocols called cascade protocols. The...
متن کاملModeling Adversaries in a Logic for Security Protocol Analysis
Logics for security protocol analysis require the formalization of an adversary model that specifies the capabilities of adversaries. A common model is the Dolev-Yao model, which considers only adversaries that can compose and replay messages, and decipher them with known keys. The Dolev-Yao model is a useful abstraction, but it suffers from some drawbacks: it cannot handle the adversary knowin...
متن کامل