POPL '90 Proceedings of the 17th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Entity authentication and key distribution
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Provably secure session key distribution: the three party case
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
A probabilistic poly-time framework for protocol analysis
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Using encryption for authentication in large networks of computers
Communications of the ACM
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
Analyzing the Needham-Schroeder Public-Key Protocol: A Comparison of Two Approaches
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Modelling and verifying key-exchange protocols using CSP and FDR
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Mechanized proofs for a recursive authentication protocol
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Proving Properties of Security Protocols by Induction
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Probabilistic Noninterference in a Concurrent Language
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
A Linguistic Characterization of Bounded Oracle Computation and Probabilistic Polynomial Time
FOCS '98 Proceedings of the 39th Annual Symposium on Foundations of Computer Science
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Automated analysis of cryptographic protocols using Mur/spl phi/
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Mathematical Models of Computer Security
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
FME '02 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods - Getting IT Right
Probabilistic Analysis of Anonymity
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Inductive trace properties for computational security
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
On the relationships between notions of simulation-based security
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
A type system for computationally secure information flow
FCT'05 Proceedings of the 15th international conference on Fundamentals of Computation Theory
Machine-checked security proofs of cryptographic signature schemes
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Automated security proofs with sequences of games
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Games and the impossibility of realizable ideal functionality
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Universally composable symbolic analysis of mutual authentication and key-exchange protocols
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Computational verification of C protocol implementations by symbolic execution
Proceedings of the 2012 ACM conference on Computer and communications security
| Hi-index | 0.00 |
We use properties of observational equivalence for a probabilistic process calculus to prove an authentication property of a cryptographic protocol. The process calculus is a form of π -calculus, with probabilistic scheduling instead of nondeterminism, over a term language that captures probabilistic polynomial time. The operational semantics of this calculus gives priority to communication over private channels, so that the presence of private communication does not affect the observable probability of visible actions. Our definition of observational equivalence involves asymptotic comparison of uniform process families, only requiring equivalence to within vanishing error probabilities. This definition differs from previous notions of probabilistic process equivalence that require equal probabilities for corresponding actions; asymptotics fit our intended application and make equivalence transitive, thereby justifying the use of the term "equivalence." Our security proof uses a series of lemmas about probabilistic observational equivalence that may well prove useful for establishing correctness of other cryptographic protocols.