We investigate the relation between symbolic and cryptographic secrecy properties for cryptographic protocols. Symbolic secrecy of payload messages or exchanged keys is arguably the most important notion of secrecy shown with automated proof tools. It means that an adversary restricted to symbolic operations on terms can never get the entire considered object into its knowledge set. Cryptographic secrecy essentially means computational indistinguishability between the real object and a random one, given the view of a much more general adversary. In spite of recent advances in linking symbolic and computational models of cryptography, no relation for secrecy under active attacks is known yet. For exchanged keys, we show that a certain strict symbolic secrecy definition over a specific Dolev-Yao-style cryptographic library implies cryptographic key secrecy for a real implementation of this cryptographic library. For payload messages, we present the first general cryptographic secrecy definition for a reactive scenario. The main challenge is to separate secrecy violations by the protocol under consideration from secrecy violations by the protocol users in a general way. For this definition, we show a general secrecy preservation theorem under reactive simulatability, the cryptographic notion of secure implementation. This theorem is of independent cryptographic interest. We then show that symbolic secrecy implies cryptographic payload secrecy for the same cryptographic library as used in key secrecy. Our results thus enable formal proof techniques to establish cryptographically sound proofs of secrecy for payload messages and exchanged keys.
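The symbolic secrecy notion described above can be made concrete with a small knowledge-set computation. This is an added example, not code from the paper: the toy term algebra (pairs and symmetric encryption only), the function names and the two traces are assumptions constructed for illustration, and it models only the basic "never enters the knowledge set" notion, not the strict definition or the cryptographic library the abstract refers to.

```python
# Terms: atoms are strings; ("pair", a, b) is a pair; ("senc", m, k) is m
# symmetrically encrypted under k. Assumed toy algebra, not the paper's library.

def synthesizable(term, known):
    """Can the adversary build `term` from its analysed knowledge set?"""
    if term in known:
        return True
    if isinstance(term, tuple) and term[0] in ("pair", "senc"):
        return synthesizable(term[1], known) and synthesizable(term[2], known)
    return False

def analyse(observed):
    """Close the observed messages under projection and decryption."""
    known = set(observed)
    changed = True
    while changed:  # iterate to a fixpoint: a key learned late may open earlier ciphertexts
        changed = False
        for t in list(known):
            if not isinstance(t, tuple):
                continue
            if t[0] == "pair":
                parts = {t[1], t[2]}
            elif t[0] == "senc" and synthesizable(t[2], known):
                parts = {t[1]}
            else:
                parts = set()
            if not parts <= known:
                known |= parts
                changed = True
    return known

def symbolically_secret(target, observed):
    """True if the whole `target` term never enters the adversary's knowledge."""
    return not synthesizable(target, analyse(observed))

# Constructed traces: session key k_ab is sent under long-term key k_as, then a
# payload is sent under k_ab. In the second trace k_as also appears in the clear.
SAFE_TRACE = [("senc", ("pair", "k_ab", "B"), "k_as"), ("senc", "payload", "k_ab")]
LEAKY_TRACE = SAFE_TRACE + [("pair", "A", "k_as")]
```

The check is all-or-nothing on whole terms, which is why the abstract contrasts it with cryptographic secrecy, where the real object must be indistinguishable from a random one.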