Filters








12,976 Hits in 3.0 sec

Secure Composition of Cryptographic Protocols [chapter]

Vipul Goyal
2011 Lecture Notes in Computer Science  
This is an explicit attack which establishes general impossibility of designing secure protocols in the concurrent setting.  ...  concurrent secure computation (where there is an apriori bound on the total number of concurrent sessions), standalone protocol execution with man-in-the-middle (i.e., the setting of nonmalleable protocols  ...  This is an explicit attack which establishes general impossibility of designing secure protocols in the concurrent setting.  ... 
doi:10.1007/978-3-642-24316-5_2 fatcat:2o6n4gsvrzau3ph6y5tjyzqm7a

Secure Composition of Cryptographic Protocols [chapter]

Vipul Goyal
2011 Lecture Notes in Computer Science  
This is an explicit attack which establishes general impossibility of designing secure protocols in the concurrent setting.  ...  concurrent secure computation (where there is an apriori bound on the total number of concurrent sessions), standalone protocol execution with man-in-the-middle (i.e., the setting of nonmalleable protocols  ...  This is an explicit attack which establishes general impossibility of designing secure protocols in the concurrent setting.  ... 
doi:10.1007/978-3-642-25560-1_4 fatcat:5ncmeyaquvf2fcwqrfx7d6t4eq

Security and composition of cryptographic protocols

Ran Canetti
2006 ACM SIGACT News  
Part 2: Security and composition • Discuss secure protocol composition: -Show what can go wrong -Discuss settings and requirements • Demonstrate the limited compositional properties of the basic definition  ...  ( Why isn't basic security preserved under concurent composition?  ...  Two benefits of security-preserving composition of protocols Parallel composition of ZK protocols [Goldreich-Krawczyk88]: • Assume the following gadget.  ... 
doi:10.1145/1165555.1165570 fatcat:vy7qgjym6bdadjabqvou52dtia

Term-based composition of security protocols [article]

Bela Genge, Piroska Haller, Ovidiu Ratoi, Iosif Ignat
2009 arXiv   pre-print
In the context of security protocol parallel composition, where messages belonging to different protocols can intersect each other, we introduce a new paradigm: term-based composition (i.e. the composition  ...  We illustrate the proposed composition process by using two existing protocols.  ...  SECURITY REQUIREMENTS The composition of security protocols can not be made by simply adding messages to one protocol.  ... 
arXiv:0908.3083v1 fatcat:nul7rl4xpbf3dmhueeeu3f7miu

Informal specification-based performance evaluation of security protocols

Genge Bela, Haller Piroska, Iosif Ignat, Ovidiu Ratoi
2008 2008 4th International Conference on Intelligent Computer Communication and Processing  
We propose a performance evaluation method for security protocols.  ...  We illustrate the applicability of our method by comparatively analyzing the performance of the original CCITT X.509 protocol and a slightly modified version of the same protocol.  ...  The composition process makes use of the informal [6] specification of security protocols which does not include any implementation-related information such as selected cryptographic algorithm, key size  ... 
doi:10.1109/iccp.2008.4648372 fatcat:vrqytbgskffpfmy7ae7lkgbmau

Towards Quantum-resistant Virtual Private Networks

Joo Cho, Stefan-Lukas Gazdag, Alexander von Gernler, Helmut Grießer, Sophia Grundner-Culemann, Tobias Guggemos, Tobias Heider, Daniel Loebenberger
2019 Krypto-Tag  
Consequently, a new class of cryptographic schemes which are secure against attacks from quantum computers is being developed and standardized [5].  ...  To make the protocols post-quantum safe not only the cryptographic primitives have to be replaced, but also the structure of the protocol has to be modified [11, 2] .  ...  Consequently, a new class of cryptographic schemes which are secure against attacks from quantum computers is being developed and standardized [5] .  ... 
doi:10.18420/cdm-2019-31-22 dblp:conf/kryptotag/ChoGGGGGHL19 fatcat:ucttzkh3ovdntffjcx736fde3m

Universal Composability is Secure Compilation [article]

Marco Patrignani, Riad S. Wahby, Robert Künnemann
2020 arXiv   pre-print
Universal composability is a framework for the specification and analysis of cryptographic protocols with a strong compositionality guarantee: UC protocols are secure even when composed with other protocols  ...  This paper outlines the connection between universal composability and robust compilation, the latest of secure compilation theories.  ...  Acknowledgements: This work was partially supported by the German Federal Ministry of Education and Research (BMBF) through funding for the CISPA-Stanford Center for Cybersecurity (FKZ: 13N1S0762).  ... 
arXiv:1910.08634v2 fatcat:pedvgaujufhali2tix7l67y4ta

Classical cryptographic protocols in a quantum world

Sean Hallgren, Adam Smith, Fang Song
2015 International Journal of Quantum Information  
Cryptographic protocols, such as protocols for secure function evaluation (SFE), have played a crucial role in the development of modern cryptography.  ...  Our main contribution is showing the existence of classical two-party protocols for the secure evaluation of any polynomial-time function under reasonable computational assumptions (for example, it suffices  ...  The only general composition framework we know of for stand-alone protocols is that of Fehr and Schaffner [21] , which applies only to information-theoretically secure protocols of a particular form (  ... 
doi:10.1142/s0219749915500288 fatcat:snylg7x6svdnfaklwglowqz5zq

On Classical Cryptographic Protocols in Post-Quantum World

István Vajda
2017 International Journal of Computer Network and Information Security  
This way and by applying the Unruh's Quantum Lifting Theorem as well as the Quantum Universal Composition Theorem we gain a computationally quantum UC-secure protocol from a classical UC-secure protocol  ...  Index Terms-Post-quantum cryptography, cryptographic protocols, universal composability.  ...  The (classical) UC composition theorem implies that the hybrid protocol is also a (classical) UC-secure realization of the task.  ... 
doi:10.5815/ijcnis.2017.08.01 fatcat:pje7deeesvfhzhopt3dm5o7jhq

Compositionality of Security Protocols: A Research Agenda

Cas Cremers
2006 Electronical Notes in Theoretical Computer Science  
In this paper we identify a number of issues that are relevant to applying formal methods to the problem of security protocol composition.  ...  One of the main reasons for this is that these protocols are composed of several sub-protocols. Such a composition of protocols is not addressed in the majority of formalisms.  ...  The security protocol analysis works at a different level of abstraction than the cryptographic primitives.  ... 
doi:10.1016/j.entcs.2004.12.047 fatcat:imwclgyajzb7digp6nz6r6axf4

miTLS: Verifying Protocol Implementations against Real-World Attacks

Karthikeyan Bhargavan, Cedric Fournet, Markulf Kohlweiss
2016 IEEE Security and Privacy  
Using compositional provable security techniques, one should be able to prove the security of each construction, and then put these proofs together to obtain a security theorem for TLS.  ...  For the last 20 years, the security of TLS has been analyzed in a variety of cryptographic and programming models, in order to establish strong formal guarantees for various configurations of the protocol  ... 
doi:10.1109/msp.2016.123 fatcat:fisjry37bzexpdcl26l67e67p4

Cryptanalysis and protocol failures (abstract)

Gustavus J. Simmons
1993 Proceedings of the 1st ACM conference on Computer and communications security - CCS '93  
Most information integrity protocols depend crucially on one or more cryptographic or crypto-like operations to deny unauthorized access to, or use of, information whose integrity the protocol is intended  ...  What is not obvious, however, and indeed often comes as a shock to a protocol designer or user, is that a protocol can be completely subverted without impeaching, or even eroding, the security of the underlying  ...  Cryptographic algorithms are simply component elements in the design of protocols --and as we've indicated, the security of the one does not necessarily imply the security of the other.  ... 
doi:10.1145/168588.168614 dblp:conf/ccs/Simmons93 fatcat:dyoriczg55ajhbskkejygsfgbq

Modeling Complexity in Secure Distributed Computing [chapter]

Christian Cachin
2003 Lecture Notes in Computer Science  
Thus, (probabilistically) uniformly bounded statistics are closed under polynomial composition, which is their main benefit for analyzing the composition of (randomized) cryptographic protocols.  ...  We argue that an integration of these two approaches is necessary for reasoning about the security of cryptographic protocols in distributed systems.  ... 
doi:10.1007/3-540-37795-6_11 fatcat:bmdwawomqbdrznbmqkblupiruu

Towards secure integration of cryptographic software

Steven Arzt, Sarah Nadi, Karim Ali, Eric Bodden, Sebastian Erdweg, Mira Mezini
2015 2015 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software (Onward!) - Onward! 2015  
use of cryptographic mechanisms.  ...  Such issues arise with both simple operations such as encryption as well as with complex secure communication protocols such as SSL.  ...  This work is funded by the DFG as part of project E1 within the CRC 1119 CROSSING, and was further supported by the BMBF within EC SPRIDE and by the Hessian LOEWE excellence initiative within CASED.  ... 
doi:10.1145/2814228.2814229 dblp:conf/oopsla/ArztNABEM15 fatcat:xaj7yilnyrd77jglsgorfqo3rm

Cryptographically Sound Security Proofs for Basic and Public-Key Kerberos [chapter]

M. Backes, I. Cervesato, A. D. Jaggard, A. Scedrov, J. -K. Tsay
2006 Lecture Notes in Computer Science  
'06]: Symbolic analysis of Kerberos (basic and public-key) using Multi Set Rewriting • [He,Sundararajan,Datta,Derek,Mitchell'05]: Correctness Proof of IEEE 802.11i and TLS using Protocol Composition  ...  Protocols Want to prove protocols secure in computational model; So far only for academic protocols, e.g.  ...  Computational security of Kerberos (basic and public-key ) 10 • Proposed by Backes, Pfitzmann and Waidner • Justifying the Dolev-Yao model • Pair of detailed system models for cryptographic protocols  ... 
doi:10.1007/11863908_23 fatcat:b6g5gob2crcmhn4wqibzv6ovoi
« Previous Showing results 1 — 15 out of 12,976 results