A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Foundations of Cryptography: Basic Tools
Foundations of Cryptography: Basic Tools
Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
Encryption-Scheme Security in the Presence of Key-Dependent Messages
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
Computational and Information-Theoretic Soundness and Completeness of Formal Encryption
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols
Theoretical Computer Science
Security under key-dependent inputs
Proceedings of the 14th ACM conference on Computer and communications security
Security analysis of cryptographically controlled access to XML documents
Journal of the ACM (JACM)
Circular-Secure Encryption from Decision Diffie-Hellman
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Optimal communication complexity of generic multicast key distribution
IEEE/ACM Transactions on Networking (TON)
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
On the (Im)Possibility of Key Dependent Encryption
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Towards key-dependent message security in the standard model
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Corrupting one vs. corrupting many: the case of broadcast and multicast encryption
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Adaptive security of symbolic encryption
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
A type system for computationally secure information flow
FCT'05 Proceedings of the 15th international conference on Fundamentals of Computation Theory
Soundness of formal encryption in the presence of key-cycles
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Computational soundness about formal encryption in the presence of secret shares and key cycles
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Computational soundness of coinductive symbolic security under active attacks
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
| Hi-index | 0.00 |
We analyze the relation between induction, co-induction and the presence of encryption cycles in the context of computationally sound symbolic equivalence of cryptographic expressions. Our main finding is that the use of co-induction in the symbolic definition of the adversarial knowledge allows to prove soundness results without the need to require syntactic restrictions, like the absence of encryption cycles, common to most previous work in the area. Encryption cycles are relevant only to the extent that the key recovery function associated to acyclic expressions can be shown to have a unique fixed point. So, when a cryptographic expression has no encryption cycles, the inductive (least fixed point) and co-inductive (greatest fixed point) security definitions produce the same results, and the computational soundness of the inductive definitions for acyclic expressions follows as a special case of the soundness of the co-inductive definition.