Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Casper: A Compiler for the Analysis of Security Protocols
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Athena: a New Efficient Automatic Checker for Security Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Protocol Insecurity with Finite Number of Sessions is NP-Complete
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Computational soundness for standard assumptions of formal cryptography
Computational soundness for standard assumptions of formal cryptography
Analysing protocols subject to guessing attacks
Journal of Computer Security - Special issue on WITS'02
Computationally sound, automated proofs for security protocols
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
The AVISPA tool for the automated validation of internet security protocols and applications
CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
| Hi-index | 0.00 |
One of the most popular abstraction used in security analysis uses abstract, symbolic terms to model the bit strings sent over the network. However, the high level of abstraction blurs the significance of proofs carried out in such models with respect to real executions. In particular, although good encryption functions are randomized, most existing symbolic models for security do not capture explicitly the randomization of ciphertexts. On the other hand, recent results relating symbolic models with cryptographic models require symbolic models where the randomization of ciphertexts is captured explicitly (through the use of labels attached to symbolic ciphertexts). Since little to no tool support exists for the resulting label-based models it may seem necessary to extend the decision procedures and the implementation of existing tools from the simpler models to the models that use labels. In this paper we put forth a more practical alternative. We show that for a large class of security properties (that includes rather standard formulations of secrecy and authenticity), security of protocols with respect to the simpler model implies security in the model that uses labels. Combined with the computational soundness result of [Cortier, V. and Warinschi, B. (2005). Computationally Sound, Automated Proofs for Security Protocols. In Proc. 14th European Symposium on Programming (ESOP'05), volume 3444 of Lecture Notes in Computer Science, pages 157-171. Springer], our theorem enables the translation of security results obtained in symbolic models that do not use labels to standard computational security. Based on these results, we have recently implemented an AVISPA module for verifying security properties in a standard cryptographic model.