Computationally sound mechanized proofs for basic and public-key Kerberos

Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08

Volumn , Issue , 2008, Pages 87-99

  Blanchet, B ^a   Jaggard, A D ^b   Scedrov, A ^c   Tsay, J K ^c  

^a ECOLE NORMALE SUPÉRIEURE   (France)

^b Center for Discrete Mathematics and Theoretical Computer Science   (United States)

^c UNIVERSITY OF PENNSYLVANIA   (United States)

Author keywords

Automatic verification; Computational model; Kerberos; Key usability; PKINIT

Indexed keywords

AUTOMATIC VERIFICATION; COMPUTATIONAL LEVEL; COMPUTATIONAL MODEL; KERBEROS; MECHANICAL PROOF; PUBLIC KEYS; SECRECY PROPERTIES;

MECHANICAL PROPERTIES;

EID: 70350687722     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1368310.1368326     Document Type: Conference Paper

References (38)

1. M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption). In First IFIP, volume 1872 of LNCS. Springer, Aug. 2000.
2. M. Abdalla, P.-A. Fouque, and D. Pointcheval. Password-Based Authenticated Key Exchange in the Three-Party Setting. IEE Proc. Information Security, 153 (1), 2006.
3. A. Armando et al. The Avispa tool for the automated validation of internet security protocols and applications. In CAV 2005, volume 3576 of LNCS. Springer.
4. M. Backes, I. Cervesato, A. D. Jaggard, A. Scedrov, and J.-K. Tsay. Cryptographically Sound Security Proofs for Basic and Public-key Kerberos. In ESORICS 2006, volume 4189 of LNCS. Springer, September 2006.
5. M. Backes, B. Pfitzmann, and M. Waidner. A Composable Cryptographic Library with Nested Operations. In CCS'03. ACM, 2003.
6. G. Bella and L. C. Paulson. Using Isabelle to Prove Properties of the Kerberos Authentication System. In DIMACS'97, Workshop on Design and Formal Verification of Security Protocols (CD-ROM), 1997.
7. G. Bella and L. C. Paulson. Kerberos Version IV: Inductive Analysis of the Secrecy Goals. In ESORICS'98, volume 1485 of LNCS. Springer, 1998.
8. M. Bellare, R. Canetti, and H. Krawczyk. Keying hash functions for message authentication. In CRYPTO'96, volume 1109 of LNCS. Springer, 1996.
9. M. Bellare and C. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In ASIACRYPT 2000, volume 1976 of LNCS. Springer, December 2000.
10. S. M. Bellovin and M. Merritt. Limitations of the Kerberos Authentication System. In USENIX Conference Proceedings, Winter 1991.
11. B. Blanchet. A computationally sound mechanized prover for security protocols. IEEE Transactions on Dependable and Secure Computing. To appear. Technical report version available at http://eprint.iacr.org/2005/401.
12. B. Blanchet. An efficient cryptographic protocol verifier based on Prolog rules. In CSFW-14, June 2001.
13. B. Blanchet. A Computationally Sound Mechanized Prover for Security Protocols. In IEEE Symposium on Security and Privacy, May 2006.
14. B. Blanchet. Computationally sound mechanized proofs of correspondence assertions. In CSF 2007, July 2007.
15. B. Blanchet and D. Pointcheval. Automated Security Proofs with Sequences of Games. In CRYPTO 2006, volume 4117 of LNCS. Springer, Aug. 2006.
16. A. Boldyreva and V. Kumar. Provable-security analysis of authenticated encryption in Kerberos. In IEEE Symp. Security and Privacy, 2007.
17. F. Butler, I. Cervesato, A. D. Jaggard, A. Scedrov, and C. Walstad. Formal Analysis of Kerberos 5. Theoretical Computer Science, 367 (1-2), 2006.
18. R. Canetti and J. Herzog. Universally composable symbolic analysis of mutual authentication and key exchange protocols. In TCC'06, volume 3876 of LNCS. Springer, March 2006.
19. I. Cervesato, A. D. Jaggard, A. Scedrov, J.-K. Tsay, and C. Walstad. Breaking and fixing public-key Kerberos. Information and Computation, FCS-ARSPA'06 Special Issue. To appear.
20. V. Cortier and B. Warinschi. Computationally sound, automated proofs for security protocols. In ESOP'05, volume 3444 of LNCS. Springer, Apr. 2005.
21. A. Datta, J. Mitchell, and B. Warinschi. Computationally Sound Compositional Logic for Key Exchange Protocols. In CSFW'06, July 2006.
22. C. He, M. Sundararajan, A. Datta, A. Derek, and J. C. Mitchell. A modular correctness proof of TLS and IEEE 802.11i. In CCS'05. ACM, November 2005.
23. IETF. Public Key Cryptography for Initial Authentication in Kerberos, 1996-2006. RFC 4556. Preliminary versions available as a sequence of Internet Drafts at http://tools.ietf.org/wg/krb-wg/draft-ietf-cat-kerberos-pk-init/.
24. A. D. Jaggard, A. Scedrov, and J.-K. Tsay. Computationally Sound Mechanized Proof of PKINIT for Kerberos. Abstract presented at FCC'07.
25. P. Laud. Secrecy Types for a Simulatable Cryptographic Library. In CCS 2005, May 2005.
26. P. D. Lincoln, J. C. Mitchell, M. Mitchell, and A. Scedrov. A probabilistic poly-time framework for protocol analysis. In CCS-5, November 1998.
27. P. D. Lincoln, J. C. Mitchell, M. Mitchell, and A. Scedrov. Probabilistic polynomial-time equivalence and security protocols. In FM'99, volume 1708 of LNCS. Springer, Sept. 1999.
28. G. Lowe. Breaking and Fixing the Needham-Schroeder Public-Key Protocol using FDR. In TACAS'96, volume 1055 of LNCS. Springer, 1996.
29. C. Meadows. Analysis of the Internet Key Exchange Protocol using the NRL Protocol Analyzer. In IEEE Symp. Security and Privacy, 1999.
30. C. A. Meadows. The NRL protocol analyzer: An overview. Journal of Logic Programming, 26 (2), 1996.
31. Microsoft. Security Bulletin MS05-042. http://www.microsoft.com/technet/ security/bulletin/MS05-042.mspx, August 2005.
32. J. Mitchell, A. Ramanathan, A. Scedrov, and V. Teague. A Probabilistic Polynomial-Time Process Calculus for the Analysis of Cryptographic Protocols. Theoretical Computer Science, 353 (1-3), 2006.
33. th USENIX Security Symp., pages 201-216, 1998.
34. C. Neuman, T. Yu, S. Hartman, and K. Raeburn. The Kerberos Network Authentication Service (V5), July 2005. http://www.ietf.org/rfc/rfc4120.
35. K. Raeburn. Encryption and Checksum Specifications for Kerberos 5. http://www.ietf.org/rfc/rfc3961.txt, Feb. 2005.
36. A. Roy, A. Datta, A. Derek, and J. C. Mitchell. Inductive proofs of computational secrecy. In ESORICS 2007, volume 4734 of LNCS. Springer, Sept. 2007.
37. A. Roy, A. Datta, and J. C. Mitchell. Formal proofs of cryptographic security of Diffie-Hellman-based protocols. In TGC'07, Nov. 2007. To appear.
38. C. Sprenger, M. Backes, D. Basin, B. Pfitzmann, and M. Waidner. Cryptographically Sound Theorem Proving. In CSFW 2006, July 2006.