Security analysis of cryptographically controlled access to XML documents
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Security analysis of network protocols: logical and computational methods
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Explicit Randomness is not Necessary when Modeling Probabilistic Encryption
Electronic Notes in Theoretical Computer Science (ENTCS)
Security analysis of cryptographically controlled access to XML documents
Journal of the ACM (JACM)
Modeling and Reasoning about an Attacker with Cryptanalytical Capabilities
Electronic Notes in Theoretical Computer Science (ENTCS)
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
Analysis of EAP-GPSK authentication protocol
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Formal proofs of cryptographic security of Diffie-Hellman-based protocols
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Computationally sound analysis of protocols using bilinear pairings
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Inductive trace properties for computational security
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Computational soundness about formal encryption in the presence of secret shares and key cycles
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Application of formal methods for analysis of authentication protocols
IWDC'04 Proceedings of the 6th international conference on Distributed Computing
Probabilistic polynomial-time semantics for a protocol security logic
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Adaptive security of symbolic encryption
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Entropic security and the encryption of high entropy messages
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Soundness of formal encryption in the presence of key-cycles
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
The Dolev-Yao model is a useful and well-known framework in which to analyze security protocols. However, it models the messages of the protocol at a very high level and makes extremely strong assumptions about the power of the adversary. The computational model of cryptography, on the other hand, takes a much lower-level view of messages and uses much weaker assumptions. Despite the large differences between these two models, we have been able to show that there exists a relationship between them.

Previous results of ours demonstrate that certain kinds of computational cryptography can result in an equivalence of sorts between the formal and computational adversary. Specifically:
(1) We gave an interpretation to the messages of the Dolev-Yao model in terms of computational cryptography,
(2) We defined a computational security condition, called weak Dolev-Yao non-malleability, that translates the main assumptions of the Dolev-Yao model into the computational setting, and
(3) We demonstrated that this condition is satisfied by a standard definition of computational encryption security called plaintext awareness.

In this work, we consider this result and strengthen it in four ways:
(1) Firstly, we propose a stronger definition of Dolev-Yao non-malleability which ensures security against a more adaptive adversary.
(2) Secondly, the definition of plaintext awareness is considered suspect because it relies on a trusted third party called the random oracle. Thus, we show that our new notion of Dolev-Yao non-malleability is satisfied by a weaker and less troublesome definition for computational encryption called chosen-ciphertext security.
(3) Thirdly, we propose a new definition of plaintext-awareness that does not use random oracles, and an implementation. This implementation is conceptually simple, and relies only on general assumptions. Specifically, it can be thought of as a ‘self-referential’ variation on a well-known encryption scheme.
(4) Lastly, we show how the computational soundness of the Dolev-Yao model can be maintained even as it is extended to include new operators. In particular, we show how the Diffie-Hellman key-agreement scheme and the computational Diffie-Hellman assumption can be added to the Dolev-Yao model in a computationally sound way.

(Copies available exclusively from MIT Libraries, Rm. 14-0551, Cambridge, MA 02139-4307. Ph. 617-253-5668; Fax 617-253-1690.)