How to construct random functions
Journal of the ACM (JACM)
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Hierarchical correctness proofs for distributed algorithms
PODC '87 Proceedings of the sixth annual ACM Symposium on Principles of distributed computing
ACM Transactions on Computer Systems (TOCS)
ACM Transactions on Programming Languages and Systems (TOPLAS)
A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Composition and integrity preservation of secure reactive systems
Proceedings of the 7th ACM conference on Computer and communications security
Journal of the ACM (JACM)
Computer Networking: A Top-Down Approach Featuring the Internet
Computer Networking: A Top-Down Approach Featuring the Internet
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Probabilistic encryption & how to play mental poker keeping secret all partial information
STOC '82 Proceedings of the fourteenth annual ACM symposium on Theory of computing
STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing
STOC '83 Proceedings of the fifteenth annual ACM symposium on Theory of computing
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Polynomial Runtime in Simulatability Definitions
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
A derivation system and compositional logic for security protocols
Journal of Computer Security
Simulation-Based Security with Inexhaustible Interactive Turing Machines
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Compositional analysis of contract-signing protocols
Theoretical Computer Science - Automated reasoning for security protocol analysis
Computationally Sound Mechanized Proofs of Correspondence Assertions
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Protocols for secure computations
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Conditional reactive simulatability
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
On secure orders in the presence of faults
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Games and the impossibility of realizable ideal functionality
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Hi-index | 0.01 |
We establish rigorous foundations to the use of modular and layered design for building complex distributed systems, resilient to failures and attacks. Layering is a key to the design of the internet and other distributed systems. Hence, solid, theoretical foundations are essential, especially when considering adversarial settings. A protocol realises a layer (over some lower layer) if it 'wins' with high probability, a specified game, when running over any implementation of the lower layer. This is in contrast to existing frameworks allowing modular design of cryptographic protocols, where protocols must emulate an ideal functionality. Ideal functionalities are a very elegant method for specifications, but we argue that often, game-based specifications are more appropriate, to avoid over-specification ('forcing' a particular design) and under specification (e.g. protocols that work poorly for realistic adversaries). Our results allow specification and analysis of each layer independently, then combining the results to ensure properties of the complete system.