Efficient and timely mutual authentication
ACM SIGOPS Operating Systems Review
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
A calculus for cryptographic protocols
Information and Computation
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Timestamps in key distribution protocols
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
OCB: a block-cipher mode of operation for efficient authenticated encryption
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
Cryptographically Sound and Machine-Assisted Verification of Security Protocols
STACS '03 Proceedings of the 20th Annual Symposium on Theoretical Aspects of Computer Science
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Relations Among Notions of Security for Public-Key Encryption Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Mechanized proofs for a recursive authentication protocol
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Honest Ideals on Strand Spaces
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
A Linguistic Characterization of Bounded Oracle Computation and Probabilistic Polynomial Time
FOCS '98 Proceedings of the 39th Annual Symposium on Foundations of Computer Science
A Model for Asynchronous Reactive Systems and its Application to Secure Message Transmission
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Logics for Reasoning about Cryptographic Constructions
FOCS '03 Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science
A composable cryptographic library with nested operations
Proceedings of the 10th ACM conference on Computer and communications security
Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Relating Symbolic and Cryptographic Secrecy
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
A Cryptographically Sound Dolev-Yao Style Security Proof of an Electronic Payment System
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Analyzing encryption protocols using formal verification techniques
IEEE Journal on Selected Areas in Communications
Composable Formal Security Analysis: Juggling Soundness, Simplicity and Efficiency
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
| Hi-index | 0.00 |
We present the first cryptographically sound security proof of the well-known Otway-Rees protocol. More precisely, we show that the protocol is secure against arbitrary active attacks including concurrent protocol runs if it is implemented using provably secure cryptographic primitives. We prove secrecy of the exchanged keys with respect to the accepted cryptographic definition of real-or-random secrecy, i.e., indistinguishability of exchanged keys and random ones, given the view of a general cryptographic attacker. Although we achieve security under cryptographic definitions, our proof is performed in a deterministic setting corresponding to a slightly extended Dolev-Yao model; in particular, it does not have to deal with probabilistic aspects of cryptography and is hence in the scope of current proof tools. The reason is that we exploit a recently proposed ideal cryptographic library, which has a provably secure cryptographic implementation, as well as recent results on linking symbolic and cryptographic key secrecy. Besides establishing the cryptographic security of the Otway-Rees protocol, our result also exemplifies the potential of this cryptographic library and the recent secrecy preservation theorem for symbolic yet cryptographically sound proofs of security.