Towards computationally sound symbolic analysis of key exchange protocols

FMSE'05: Proceedings of the 2005 ACM Workshop on Formal Methods in Security Engineering

Volumn , Issue , 2005, Pages 23-32

  Gupta, Prateek ^a   Shmatikov, Vitaly ^a  

^a UNIVERSITY OF TEXAS AT AUSTIN   (United States)

Author keywords

Computational soundness; Cryptographic protocols; Protocol logic; Symbolic analysis

Indexed keywords

ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; NETWORK PROTOCOLS; PUBLIC KEY CRYPTOGRAPHY; SECURITY OF DATA;

CRYPTOGRAPHIC PROTOCOLS; PROTOCOL LOGIC; SYMBOLIC ANALYSIS;

CODES (SYMBOLS);

EID: 31844437459     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1103576.1103580     Document Type: Conference Paper

References (35)

1. M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption). J. Cryptology, 15(2):103-127, 2002.
2. M. Backes and B. Pfitzmann. Relating symbolic and cryptographic secrecy. In Proc. IEEE Symposium on Security and Privacy, pages 171-182. IEEE, 2005.
3. M. Backes, B. Pfitzmann, and M. Waidner. A composable cryptographic library with nested operations. In Proc. 10th ACM Conference on Computer and Communications Security (CCS), pages 220-230. ACM, 2003.
4. M. Backes, B. Pfitzmann, and M. Waidner, A general composition theorem for secure reactive systems. In Proc. 1st Theory of Cryptography Conference (TCC), volume 3378 of LNCS, pages 336-354. Springer-Verlag, 2004.
5. D. Beaver. Secure multiparty protocols and zero-knowledge proof systems tolerating a faulty minority. J. Cryptology, 4(2):75-122, 1991.
6. M. Bellare, R. Canetti, and H. Krawczyk. A modular approach to the design and analysis of authentication and key exchange protocols. In Proc. 30th Annual ACM Symposium on Theory of Computing (STOC), pages 419-428. ACM, 1998.
7. M. Bellare and P. Rogaway. Entity authentication and key distribution, In Proc. Advances in Cryptology - CRYPTO 1993, volume 773, pages 232-249. Springer-Verlag, 1993.
8. R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutton, R. Molva, and M. Yung. Systematic design of two-party authentication protocols. In Proc. Advances in Cryptology CRYPTO 1991, volume 576 of LNCS, pages 44-61. Springer-Verlag, 1991.
9. S. Blake-Wilson, D. Johnson, and A. Menezes. Key agreement protocols and their security analysis. In Proc. 6th IMA International Conference on Cryptography and Coding, pages 30-45, 1997.
10. R. Canetti. Studies in secure multiparty computation and applications. PhD thesis, The Weizmann Institute of Science, 1995.
11. R. Canetti. Security and composition of multiparty cryptographic protocols. J. Cryptology, 13(1): 143-202, 2000.
12. R. Canetti, Universally composable security: a new paradigm for cryptographic protocols, In Proc. 42nd Annual Symposium on Foundations of Computer Science (FOCS), pages 136-145. IEEE, 2001. Full version at http://eprint.iacr.org/2000/067.
13. R. Canetti. Universally composable signature, certification, and authentication. In Proc. 17th IEEE Computer Security Foundations Workshop (CSFW), pages 219-233. IEEE, 2004. Full version at http://eprint.iacr.org/2003/ 329.
14. R. Canetti and I. Herzog. Universally composable symbolic analysis of cryptographic protocols (the case of encryption-based mutual authentication and key exchange). http://eprint.iacr.org/2004/334, 2005.
15. R. Canetti and H. Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In Proc. Advances in Cryptology - EUROCRYPT 2001, volume 2045 of LNCS, pages 453-474. Springer-Verlag, 2001.
16. R. Canetti and H. Krawczyk. Universally composable notions of key exchange and secure channels. In Proc. Advances in Cryptology - EUROCRYPT 2002, volume 2332 of LNCS, pages 337-351. Springer-Verlag, 2002. Full version at http://eprint.iacr.org/2002/059.
17. R. Canetti and T. Rabin. Universal composition with joint state. In Proc. Advances in Cryptology - CRYPTO 2003, volume 2729 of LNCS, pages 265-281. Springer-Verlag, 2003.
18. V. Cortier and B. Warinschi. Computationally sound, automated proofs for security protocols, In Proc. 14th European Symposium on Programming (ESOP), volume 3444 of LNCS, pages 157-171. Springer-Verlag, 2005.
19. A. Datta, A. Derek, J.C. Mitchell, and D. Pavlovic. A derivation system for security protocols and its logical formalization, In Proc. 16th IEEE Computer Security Foundations Workshop (CSFW), pages 109-125. IEEE, 2003.
20. A. Datta, A. Derek, J.C. Mitchell, V. Shmatikov, and M. Turuani. Probabilistic polynomial-time semantics for a protocol security logic. In Proc. 32nd International Colloquium on Automata, Languages and Programming (ICALP) - to appear, 2005.
21. T. Dierks and C. Allen. The TLS protocol Version 1.0. Internet RFC: http://www.ietf.org/rfc/rfc2246.txt, January 1999.
22. W. Diffie, P. van Oorschot, and M. Wiener. Authentication and authenticated key exchange. Designs, Code, and Cryptography, 2(2):107-125, 1992.
23. N. Durgin, J.C. Mitchell, and D. Pavlovic. A compositional logic for proving security properties of protocols. J. Computer Security, 11(4):677-722, 2003.
24. O. Goldreich, Foundations of Cryptography: Volume II (Basic Applications). Cambridge University Press, 2004.
25. S. Goldwasser, S. Micali, and R. Rivest, A digital signature scheme secure against adaptive chosen-message attack. SIAM J. Computing, 17(2):281-308, 1988.
26. P. Gupta and V. Shmatikov. Towards computationally sound symbolic analysis of key exchange protocols. http://eprint.iacr.org/2005/171.2005.
27. R. Impagliazzo and D. Zuckerman. How to recycle random bits. In Proc. 30th Annual Symposium on Foundations of Computer Science (FOCS), pages 248-253. IEEE, 1989.
28. C. Kaufman (ed.). Internet key exchange (IKEv2) protocol. Internet draff. http://www.ietf.org/internet-drafts/Neumandraft-ietf-ipsec-ikev2-17.txt, September 2004.
29. J. Kohl and C. Neuman. The Kerberos network authentication service (V5). Internet RFC: http://www.ietf.org/rfc/rfc1510.txt, September 1993.
30. P. Laud. Symmetric encryption in automatic analyses for confidentiality against active adversaries. In Proc. IEEE Symposium on Security and Privacy, pages 71-85. IEEE, 2004.
31. D. Micciancio and B. Warinschi. Completeness theorems for the Abadi-Rogaway language of encrypted expressions. J. Computer Security, 12(1):99-130, 2004.
32. D. Micciancio and B. Warinschi. Soundness of formal encryption in the presence of active adversaries. In Proc. 1st Theory of Cryptography Conference (TCC), volume 3378 of LNCS, pages 133-151. Springer-Verlag, 2004.
33. B. Pfitzmann and M. Waidner, A model for asynchronous reactive systems and its application to secure message transmission. In Proc. IEEE Symposium on Security and Privacy, pages 184-200. IEEE, 2001.
34. V. Shoup. On formal models for secure key exchange (version4). http://shoup.net/papers/skey.pdf, November 1999.
35. F. Thayer, J. Herzog, and J. Guttman, Strand spaces: proving security protocols correct. J. Computer Security, 7(1), 1999.