A Computationally Sound Mechanized Prover for Security Protocols

Authors:
Bruno Blanchet
Affiliations:
CNRS, Ecole Normale Superieure, Paris
Venue:
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Year:
2006

Citing 0
Cited 60

Securing the drop-box architecture for assisted living

Proceedings of the fourth ACM workshop on Formal methods in security
Computationally sound secrecy proofs by mechanized flow analysis

Proceedings of the 13th ACM conference on Computer and communications security
Secure sessions for Web services

ACM Transactions on Information and System Security (TISSEC)
Static specification inference using predicate mining

Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
The reactive simulatability (RSIM) framework for asynchronous systems

Information and Computation
A Probabilistic Scheduler for the Analysis of Cryptographic Protocols

Electronic Notes in Theoretical Computer Science (ENTCS)
Analyzing Security Protocols Using Time-Bounded Task-PIOAs

Discrete Event Dynamic Systems
Breaking and fixing public-key Kerberos

Information and Computation
Computationally sound mechanized proofs for basic and public-key Kerberos

Proceedings of the 2008 ACM symposium on Information, computer and communications security
An Integrative Framework to Protocol Analysis and Repair: Bellare-Rogaway Model + Planning + Model Checker

Informatica
Modeling and Analysis of Security Protocols Using Role Based Specifications and Petri Nets

PETRI NETS '08 Proceedings of the 29th international conference on Applications and Theory of Petri Nets
Formalized Information-Theoretic Proofs of Privacy Using the HOL4 Theorem-Prover

PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
Towards automated proofs for asymmetric encryption schemes in the random oracle model

Proceedings of the 15th ACM conference on Computer and communications security
Cryptographically verified implementations for TLS

Proceedings of the 15th ACM conference on Computer and communications security
Formal certification of code-based cryptographic proofs

Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Threshold Homomorphic Encryption in the Universally Composable Cryptographic Library

ProvSec '08 Proceedings of the 2nd International Conference on Provable Security
A Formal Language for Cryptographic Pseudocode

LPAR '08 Proceedings of the 15th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning
Computationally sound implementations of equational theories against passive adversaries

Information and Computation
Rewriting Techniques in the Constraint Solver

Electronic Notes in Theoretical Computer Science (ENTCS)
Models and Proofs of Protocol Security: A Progress Report

CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
The Computational SLR: A Logic for Reasoning about Computational Indistinguishability

TLCA '09 Proceedings of the 9th International Conference on Typed Lambda Calculi and Applications
Modeling and Reasoning about an Attacker with Cryptanalytical Capabilities

Electronic Notes in Theoretical Computer Science (ENTCS)
CoSP: a general framework for computational soundness proofs

Proceedings of the 16th ACM conference on Computer and communications security
Computational soundness for key exchange protocols with symmetric encryption

Proceedings of the 16th ACM conference on Computer and communications security
On Secure Implementation of an IHE XUA-Based Protocol for Authenticating Healthcare Professionals

ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Modular verification of security protocol code by typing

Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Game-based criterion partition applied to computational soundness of adaptive security

FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
Application of dependency graphs to security protocol analysis

TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Security protocols: principles and calculi tutorial notes

Foundations of security analysis and design IV
Calibrating the power of schedulers for probabilistic polynomial-time calculus

Journal of Computer Security - Security Issues in Concurrency (SecCo'07)
Computational indistinguishability logic

Proceedings of the 17th ACM conference on Computer and communications security
Computationally sound verification of source code

Proceedings of the 17th ACM conference on Computer and communications security
A certifying compiler for zero-knowledge proofs of knowledge based on Σ-protocols

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Modeling and analyzing security in the presence of compromising adversaries

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Refinement types for secure implementations

ACM Transactions on Programming Languages and Systems (TOPLAS)
Inductive trace properties for computational security

Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Computational soundness of symbolic zero-knowledge proofs

Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
How to evaluate the security of real-life cryptographic protocols? the cases of ISO/IEC 29128 and CRYPTREC

FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
The computational slr: A logic for reasoning about computational indistinguishability

Mathematical Structures in Computer Science
A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems

Journal of Automated Reasoning
Automated Proofs for Asymmetric Encryption

Journal of Automated Reasoning
Proving the security of ElGamal encryption via indistinguishability logic

Proceedings of the 2011 ACM Symposium on Applied Computing
Computer-aided security proofs for the working cryptographer

CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Extracting and verifying cryptographic models from C protocol code by symbolic execution

Proceedings of the 18th ACM conference on Computer and communications security
Modular code-based cryptographic verification

Proceedings of the 18th ACM conference on Computer and communications security
A probabilistic hoare-style logic for game-based cryptographic proofs

ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Secure information flow for distributed systems

FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
A user interface for a game-based protocol verification tool

FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Cryptographically sound security proofs for basic and public-key kerberos

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Limits of the BRSIM/UC soundness of dolev-yao models with hashes

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Automated security proofs with sequences of games

CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Automated proofs for asymmetric encryption

Concurrency, Compositionality, and Correctness
Certified security proofs of cryptographic protocols in the computational model: an application to intrusion resilience

CPP'11 Proceedings of the First international conference on Certified Programs and Proofs
A computational indistinguishability logic for the bounded storage model

FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
A study on computational formal verification for practical cryptographic protocol: the case of synchronous RFID authentication

FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Verified security of redundancy-free encryption from Rabin and RSA

Proceedings of the 2012 ACM conference on Computer and communications security
Adaptive soundness of static equivalence

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
A vulnerability in the UMTS and LTE authentication and key agreement protocols

MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Fully automated analysis of padding-based encryption in the computational model

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Tractable inference systems: an extension with a deducibility predicate

CADE'13 Proceedings of the 24th international conference on Automated Deduction

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a new mechanized prover for secrecy properties of cryptographic protocols. In contrast to most previous provers, our tool does not rely on the Dolev-Yao model, but on the computational model. It produces proofs presented as sequences of games; these games are formalized in a probabilistic polynomial-time process calculus. Our tool provides a generic method for specifying security properties of the cryptographic primitives, which can handle sharedand public-key encryption, signatures, message authentication codes, and hash functions. Our tool produces proofs valid for a number of sessions polynomial in the security parameter, in the presence of an active adversary. We have implemented our tool and tested it on a number of examples of protocols from the literature.