Computationally sound secrecy proofs by mechanized flow analysis

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2006, Pages 370-379

  Backes, Michael ^a   Laud, Peeter ^b  

^a SAARLAND UNIVERSITY   (Germany)

^b UNIVERSITY OF TARTU   (Estonia)

Author keywords

Data flow analysis; Simulatability

Indexed keywords

ABSTRACTING; DATA FLOW ANALYSIS; INFORMATION MANAGEMENT; LOGIC PROGRAMMING; NETWORK PROTOCOLS; PUBLIC KEY CRYPTOGRAPHY;

CRYPTOGRAPHIC SECRECY DEFINITIONS; SECURITY PROTOCOLS; SIMULATABILITY;

SECURITY OF DATA;

EID: 34547340512     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1180405.1180450     Document Type: Conference Paper

References (51)

1. M. Abadi. Secrecy by Typing in Security Protocols. Journal of the ACM, 46(5):749-786, Sept. 1999.
2. M. Abadi and B. Blanchet. Secrecy types for asymmetric communication. Theoretical Computer Science, 298(3):387-4.15, 2003.
3. M. Abadi and B. Blanchet. Analyzing Security Protocols with Secrecy Types and Logic Programs. Journal of the ACM, 52(1): 102-146, Jan. 2005.
4. M. Abadi and A. D. Gordon. A calculus for cryptographic protocols: The spi calculus. In Proc. 4th ACM CCS, pages 36-47, 1997.
5. M. Abadi and P. Rogaway. Reconciling two views of cryptography: The computational soundness of formal encryption. In Proc. 1st IFIP TCS, volume 1872 of LNCS, pages 3-22. Springer, 2000.
6. M. Backes. A cryptographically sound Dolev-Yao style security proof of the Otway-Rees protocol. In Proc. 9th ESORICS, volume 3193 of LNCS, pages 89-108. Springer, 2004.
7. M. Backes and P. Laud. Computationally Sound Secrecy Proofs by Mechanized Flow Analysis. Cryptology ePrint Archive: Report 2006/266, 10 Aug. 2006.
8. M. Backes and B. Pfitzmann. A cryptographically sound security proof of the Needham-Schroeder-Lowe public-key protocol. IEEE Journal on Selected Areas in Comm., 22(10):2075-2086, 2004.
9. M. Backes and B. Pfitzmann. Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In Proc. 17th IEEE CSFW, pages 204-218, 2004.
10. M. Backes and B. Pfitzmann. Relating symbolic and cryptographic secrecy. IEEE Transactions on Dependable and Secure Computing, 2(2):109-123, 2005.
11. M. Backes, B. Pfitzmann, and M. Waidner. A composable cryptographic library with nested operations. In Proc. 10th ACM CCS, pages 220-230, 2003.
12. M. Backes, B. Pfitzmann, and M. Waidner. Symmetric authentication within a simulatable cryptographic library. In Proc. 8th ESORICS, volume 2808 of LNCS, pages 271-290. Springer, 2003.
13. D. Basin, S. Mödersheim, and L. Viganò. OFMC: A symbolic model checker for security protocols. Intern. Journal of Information Security, 2004.
14. M. Baudet, V. Cortier, and S. Kremer. Computationally sound implementations of equational theories against passive adversaries. In Pmc. 32nd ICALP, volume 3580 of LNCS, pages 652-663. Springer, 2005.
15. B. Blanchet. A computationally sound mechanized prover for security protocols. In Proc. 27th IEEE Symp. on Security & Privacy, pages 140-154, 2006.
16. C. Bodei, M. Buchholtz, P. Degano, F. Nielson, and H. R. Nielson. Static Validation of Security Protocols. Journal of Computer Security, 13(3):347-390, 2005.
17. M. Burrows, M. Abadi, and R. Needham. A Logic of Authentication. ACM Transactions on Computer Systems, 8(1):18-36, Feb. 1990.
18. R. Canetti. Universally composable security: A new paradigm for cryptographic protocols. In Proc. 42nd IEEE FOCS, pages 136-145, 2001.
19. R. Canetti and J. Herzog. Universally composable symbolic analysis of mutual authentication and key exchange protocols. In Proc. 3rd TCC, pages 380-403. Springer, 2006.
20. V. Cortier and B. Warinschi. Computationally sound, automated proofs for security protocols. In Proc. 14th ESOP, pages 157-171, 2005.
21. A. Datta, A. Derek, J. Mitchell, V. Shmatikov, and M. Turuani. Probabilistic polynomial-time semantics for a protocol security logic. In Pmc. 32nd ICALP, volume 3580 of LNCS, pages 16-29. Springer, 2005.
22. D. Dolev and A. C. Yao. On the security of public key protocols. IEEE Transactions on Information Theory, 29(2):198-208, 1983.
23. S. Even and O. Goldreich. On the security of multi-party ping-pong protocols. In Proc. 24th IEEE FOCS, pages 34-39, 1983.
24. C. Fecht and H. Seidl. An Even Faster Solver for General Systems of Equations. In Proc. 3rd SAS, volume 1145 of LNCS, pages 189-204. Springer, 1996.
25. A. D. Gordon and A. Jeffrey. Authenticity by Typing for Security Protocols. Journal of Computer Security, 11(4):451-520, 2003.
26. A. D. Gordon and A. Jeffrey. Typing correspondence assertions for communication protocols. Theoretical. Computer Science, 300(1-3):379-409, 7 May 2003.
27. A. D. Gordon and A. Jeffrey. Types and effects for asymmetric cryptographic protocols. Journal of Computer Security, 12(3-4):435-483, 2004.
28. J. D. Guttman, F. J. Thayer Fabrega, and L. Zuck. The faithfulness of abstract protocol analysis: Message authentication. In Proc. 8th ACMCCS, pages 186-195, 2001.
29. J. Herzog, M. Liskov, and S. Micali. Plaintext awareness via key registration. In Proc. CRYPTO 2003, volume 2729 of LNCS, pages 548-564. Springer, 2003.
30. R. Impagliazzo and B. M. Kapron. Logics for reasoning about cryptographic constructions. In Proc. 44th IEEE FOCS, pages 372-381, 2003.
31. R. Kemmerer, C. Meadows, and J. Milien. Three systems for cryptographic protocol analysis. Journal of Cryptology, 7(2):79-130, 1994.
32. P. Laud. Semantics and program analysis of computationally secure information flow. In Pmc. 10th ESOP, pages 77-91, 2001.
33. P. Laud. Handling Encryption in Analyses for Secure Information Flow. In Proc. ESOP 2003, volume 2618 of LNCS, pages 159-173. Springer, 2003.
34. P. Laud. Symmetric encryption in automatic analyses for confidentiality against active adversaries. In Proc 25th IEEE Symp. on Security & Privacy, pages 71-85, 2004.
35. P. Laud. Secrecy types for a simulatable cryptographic library. In Pm. 12th ACM CCS, pages 26-35, 2005.
36. P. Laud and V. Vene. A Type System for Computationally Secure Information Flow. In Pmc. 15th FCT, volume 3623 of LNCS, pages 365-377. Springer, 2005.
37. P. Lincoln, J. Mitchell, M. Mitchell, and A. Scedrov. A probabilistic poly-time framework for protocol analysis. In Proc. 5th ACM CCS, pages 112-121, 1998.
38. G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Prve. 2nd TACAS, volume 1055 of LNCS, pages 147-166. Springer, 1996.
39. M. Merritt. Cryptographic Protocols. PhD thesis, Georgia Institute of Technology, 1983.
40. D. Micciancio and B. Warinschi. Soundness of formal encryption in the presence of active adversaries. In Proc. 1st TCC, volume 2951 of LNCS, pages 133-151. Springer, 2004.
41. J. Mitchell, M. Mitchell, and A. Scedrov. A linguistic characterization of bounded oracle computation and probabilistic polynomial time. In Proc. 39th FOCS, pages 725-733, 1998.
42. R. M. Needham and M. D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, 21(12):993-999, Dec. 1978.
43. D. Otway and O. Rees. Efficient and timely mutual authentication. Operating Systems Review, 21(1):8-10, 1987.
44. L. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Cryptology, 6(1):85-128, 1998.
45. B. Pfitzmann and M. Waidner. Composition and integrity preservation of secure reactive systems. In Proc. 7th ACM CCS, pages 245-254, 2000.
46. B. Pfitzmann and M. Waidner. A model for asynchronous reactive systems and its application to secure message transmission. In Proc. 22nd IEEE Symp. on Security & Privacy, pages 184-200, 2001. Extended version (with M, Backes) in IACR ePrint Report 2004/082.
47. S. Schneider. Security properties and CSP. In Pmc. 17th IEEE Symp. on Security & Privacy, pages 174-187, 1996.
48. C. Sprenger, M. Backes, D. Basin, B. Pfitzmann, and M. Waidner. Cryptographically sound theorem proving. In Pmc 19th IEEE CSFW, 2006.
49. P. F. Syverson. A Taxonomy of Replay Attacks. In Proceedings of the 7th IEEE CSFW, pages 187-191, 1994.
50. V. Vojdani. Mitmelõimeliste C-programmide kraasimine analüsaatoriga Goblin (Liming multi-threaded C programs with the Goblin). Master's thesis, Tartu University, 2006.
51. R. Wilhelm, S. Sagiv, and T. W. Reps. Shape Analysis. In Proc 9th CC, volume 1781 of LNCS, pages 1-17. Springer, 2000.