Specifying and implementing privacy-preserving cryptographic protocols

Authors:
Theodoros Balopoulos;Stefanos Gritzalis;Sokratis K. Katsikas
Affiliations:
University of the Aegean, Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, 83200, Karlovassi, Samos, Greece;University of the Aegean, Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, 83200, Karlovassi, Samos, Greece;University of the Aegean, Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, 83200, Karlovassi, Samos, Greece
Venue:
International Journal of Information Security
Year:
2008

Citing 0
Cited 1

Designing Information Systems Which Manage or Avoid Privacy Incidents

EuroISI '08 Proceedings of the 1st European Conference on Intelligence and Security Informatics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Formal methods are an important tool for designing secure cryptographic protocols. However, the existing work on formal methods does not cover privacy-preserving protocols as much as other types of protocols. Furthermore, privacy-related properties, such as unlinkability, are not always easy or even possible to prove statically, but need to be checked dynamically during the protocol’s execution. In this paper, we demonstrate how, starting from an informal description of a privacy-preserving protocol in natural language, one may use a modified and extended version of the Typed MSR language to create a formal specification of this protocol, typed in a linkability-oriented type system, and then use this specification to reach an implementation of this protocol in Jif, in such a way that privacy vulnerabilities can be detected with a mixture of static and runtime checks.