A new polynomial-time algorithm for linear programming
Combinatorica
A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Cryptography: Theory and Practice
Cryptography: Theory and Practice
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Relating Symbolic and Cryptographic Secrecy
IEEE Transactions on Dependable and Secure Computing
Computational soundness for standard assumptions of formal cryptography
Computational soundness for standard assumptions of formal cryptography
A Computationally Sound Mechanized Prover for Security Protocols
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Cryptographically Sound Theorem Proving
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)
Journal of Cryptology
Theoretical Computer Science
Lagrange multipliers and maximum information leakage in different observational models
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
Cryptographically-Sound Protocol-Model Abstractions
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Estimating the maximum information leakage
International Journal of Information Security
A cryptographically sound security proof of the Needham-Schroeder-Lowe public-key protocol
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
We propose a probabilistic framework for the analysis of security protocols. The proposed framework allows one to model and reason about attackers that extend the usual Dolev-Yao adversary with explicit probabilistic statements representing properties of cryptographic primitives and the attacker's (partial) information about secret messages. The expressive power of these probabilistic statements is illustrated, namely by representing a standard security notion like indistinguishability under chosen plaintext attacks. We present an entropy-based approach to estimate the probability of a successful attack on a protocol given the prescribed knowledge of the attacker. We prove that, for an attacker whose knowledge increases with the security parameter, computing this quantity is NP-hard in the security parameter. However, we are still able to analyze a few meaningful and illustrative examples. Finally, we obtain a result which may be used to prove that a certain amount of probabilistic knowledge (about the properties of the cryptography being used) is not enough for allowing an attacker to correctly uncover a secret with non-negligible probability.