Soundness Conditions for Cryptographic Algorithms and Parameters Abstractions in Formal Security Protocol Models

Alfredo Pironti, Riccardo Sisto
2008 2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX  
In particular, encryption is assumed to be perfect and cryptographic algorithms and their parameters are often abstracted away.  ...  This paper states a set of constraints under which, if an abstract protocol model is secure, then a refined model, which takes into account cryptographic algorithms and parameters, is implied to be secure  ...  Section 3 shows how cryptographic algorithms and parameters can be added to Dolev-Yao security protocol models, and specifies the conditions under which they can be abstracted away.  ... 
doi:10.1109/depcos-relcomex.2008.34 dblp:conf/depcos/PirontiS08 fatcat:aahtt2do5ffw3fvrseat4geg2i

A Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol [chapter]

Michael Backes
2004 Lecture Notes in Computer Science  
We hope that it paves the way for cryptographically sound verification of security protocols by means of formal proof tools.  ...  We present the first cryptographically sound security proof of the well-known Otway-Rees protocol.  ...  Conclusion We have proven the Otway-Rees protocol in the real cryptographic setting via a deterministic, provably secure abstraction of a real cryptographic library.  ... 
doi:10.1007/978-3-540-30108-0_6 fatcat:thj2rmeylvhjtklfeujtl37u3u

A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems

Véronique Cortier, Steve Kremer, Bogdan Warinschi
2010 Journal of automated reasoning  
Computational soundness aims to establish sufficient conditions under which results obtained using symbolic models imply security under computational models.  ...  The other approach relies on a symbolic model of protocol executions in which cryptographic primitives are treated as black boxes.  ...  Here, the idea is to show that under certain conditions symbolic models are sound abstractions of cryptographic models, w.r.t. certain security properties.  ... 
doi:10.1007/s10817-010-9187-9 fatcat:6qrlhc34mnbnpmap2mkkrnfqhm

Formally based semi-automatic implementation of an open security protocol

Alfredo Pironti, Davide Pozza, Riccardo Sisto
2012 Journal of Systems and Software  
The approach used in the experiment starts with the formalization of the protocol at an abstract level.  ...  This case study demonstrates that the adopted model-driven approach is viable even for a real security protocol, despite the complexity of the models needed in order to achieve an interoperable implementation  ...  Acknowledgments We would like to thank Bruno Blanchet for his valuable support in the verification phase of our case study.  ... 
doi:10.1016/j.jss.2011.10.052 fatcat:mkmmbplh3raipe75bf23ko3gfu

The work of Dean Rosenzweig

Andre Scedrov
2007 Proceedings of the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering - ESEC-FSE '07  
We highlight his contributions to modeling, analysis, and testing of network security protocols, and his work on information technology used in the Zagreb Stock Exchange.  ...  Dean Rosenzweig, who passed away in January 2007, was a distinguished mathematician and computer scientist.  ...  , allowing their direct interpretation also in computational models and/or concrete implementations of cryptographic algorithms; 3) Provide a framework for translating formal proofs into computational  ... 
doi:10.1145/1287624.1287677 dblp:conf/sigsoft/Scedrov07 fatcat:hwbk67uknnhhhmobtqd4d6fhvi

Formal verification of security protocol implementations: a survey

Matteo Avalle, Alfredo Pironti, Riccardo Sisto
2012 Formal Aspects of Computing  
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written  ...  The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approach.  ...  Unfortunately, the papers surveyed in section 6 about the conditions for safely abstracting away encoding functions in formal models are currently limited to Dolev-Yao models and weak secrecy.  ... 
doi:10.1007/s00165-012-0269-9 fatcat:z7bgh5nnuzh4leo7wgf5rwd5ci

Computational Soundness for Interactive Primitives [chapter]

Michael Backes, Esfandiar Mohammadi, Tim Ruffing
2015 Lecture Notes in Computer Science  
sound Dolev-Yao model for non-interactive primitives, and given UC-secure interactive primitives, we obtain computational soundness for the combined model that encompasses both the non-interactive and  ...  We present a generic computational soundness result for interactive cryptographic primitives.  ...  This work was supported by the German Ministry for Education and Research (BMBF) through funding for the Center for IT-Security, Privacy and Accountability (CISPA) and the German Universities Excellence  ... 
doi:10.1007/978-3-319-24174-6_7 fatcat:yr3h3hy4xzad3a6fnbx62pss2a

Real-or-random Key Secrecy of the Otway-Rees Protocol via a Symbolic Security Proof

Michael Backes
2006 Electronic Notes in Theoretical Computer Science  
We present the first cryptographically sound security proof of the well-known Otway-Rees protocol.  ...  Besides establishing the cryptographic security of the Otway-Rees protocol, our result also exemplifies the potential of this cryptographic library and the recent secrecy preservation theorem for symbolic  ...  Establishing this side condition is crucial for using symmetric encryption in abstract, cryptographically sound proofs.  ... 
doi:10.1016/j.entcs.2005.11.054 fatcat:hdu4jjswrjaixhoriadf62rolu

Sound Computational Interpretation of Formal Encryption with Composed Keys [chapter]

Peeter Laud, Ricardo Corin
2004 Lecture Notes in Computer Science  
In this paper we consider an extension of the formal model presented by Abadi and Rogaway, in which it is allowed to use composed keys in formal encryption.  ...  We then provide a computational interpretation for expressions that allow us to establish the computational soundness of formal encryption with composed keys.  ...  We would like to thank Sandro Etalle and the anonymous reviewers for useful comments.  ... 
doi:10.1007/978-3-540-24691-6_5 fatcat:kfbtvmzizrgvjclxpqau4y2vn4

Visual model-driven design, verification and implementation of security protocols

Piergiuseppe Bettassa Copet, A. Pironti, D. Pozza, R. Sisto, P. Vivoli
2012 2012 IEEE 14th International Symposium on High-Assurance Systems Engineering  
The proposed approach integrates intuitive visual modeling with formal analysis and sound generation of interoperable code for the whole class of security protocols.  ...  As a first step the abstract model is refined, by adding low level details (e.g. which cryptographic algorithm must be used for a hash operation, or how to transform a message into its network binary representation  ... 
doi:10.1109/hase.2012.23 dblp:conf/hase/CopetPPSV12 fatcat:cqkj3f2yyfdn5lufpof2hhgkqa

Soundness of Formal Encryption in the Presence of Active Adversaries [chapter]

Daniele Micciancio, Bogdan Warinschi
2004 Lecture Notes in Computer Science  
Still, we show that the method is sound, meaning that logic statements can be naturally interpreted in the computational setting in such a way that if a statement holds true for any abstract (symbolic)  ...  execution of the protocol in the presence of a Dolev-Yao adversary, then its computational interpretation is also correct in the standard computational model where the adversary is an arbitrary probabilistic  ...  The oracle environments for the formal and for the concrete execution models are denoted set of identifiers used in the abstract description of a protocol, and " !  ... 
doi:10.1007/978-3-540-24638-1_8 fatcat:7stlmypaszcmtad3lrhgz6rina

A Cryptographically Sound Security Proof of the Needham–Schroeder–Lowe Public-Key Protocol

M. Backes, B. Pfitzmann
2004 IEEE Journal on Selected Areas in Communications  
Besides establishing the cryptographic security of the Needham-Schroeder-Lowe protocol, our result also exemplifies the potential of this cryptographic library and paves the way for cryptographically sound  ...  verification of security protocols by means of formal proof tools.  ...  library of [5] for the cryptographically sound verification of cryptographic protocols.  ... 
doi:10.1109/jsac.2004.836016 fatcat:qccclxpggbacdpcn2idkgtioiq

A Cryptographically Sound Security Proof of the Needham-Schroeder-Lowe Public-Key Protocol [chapter]

Michael Backes, Birgit Pfitzmann
2003 Lecture Notes in Computer Science  
Besides establishing the cryptographic security of the Needham-Schroeder-Lowe protocol, our result also exemplifies the potential of this cryptographic library and paves the way for cryptographically sound  ...  verification of security protocols by means of formal proof tools.  ...  library of [5] for the cryptographically sound verification of cryptographic protocols.  ... 
doi:10.1007/978-3-540-24597-1_1 fatcat:tweqnnt5qjf4djp4psbiwg4z6a

The Java SPI Framework for Security Protocol Implementation

Matteo Avalle, Alfredo Pironti, Riccardo Sisto, Davide Pozza
2011 2011 Sixth International Conference on Availability, Reliability and Security  
This paper presents JavaSPI, a "model-driven" development framework that allows the user to reliably develop security protocol implementations in Java, starting from abstract models that can be verified  ...  The main novelty of this approach stands in the use of Java as both a modeling language and the implementation language.  ...  However, in [3] there is no neat distinction between protocol logic and lower-level details such as cryptographic algorithms and parameters or data marshaling.  ... 
doi:10.1109/ares.2011.117 dblp:conf/IEEEares/AvallePSP11 fatcat:gowacthovvcrfokqvhnj4wy4na

Security protocols over open networks and distributed systems: formal methods for their analysis, design, and verification

S Gritzalis, D Spinellis, P Georgiadis
1999 Computer Communications  
Formal methods, theory, and supporting tools can aid the design, analysis, and verification of the security-related and cryptographic protocols used over open networks and distributed systems.  ...  Recent research work focuses on the ex-ante use of formal methods in the design state of new security protocols, as the synthesis approach.  ...  Mao, Hewlett-Packard, and the anonymous referees for their insightful remarks and constructive comments.  ... 
doi:10.1016/s0140-3664(99)00030-4 fatcat:cv3vmaztf5drxc2edllnfgefva