Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library.

The justification was done by defining an ideal system handling Dolev-Yao-style terms and a cryptographic realization with the same user interface, and by showing that the realization is as secure as the ... Security holds in the standard model of cryptography and under standard assumptions of adaptively secure primitives. A major primitive missing in that library so far is symmetric encryption. ... In the ideal library, handles essentially point to Dolev-Yao-like terms, while in the real library they point to cryptographic messages. ...

doi:10.1109/csfw.2004.1310742 fatcat:bsgso37ajzg4hozoaq7ged3vvy

Together with composition and preservation theorems of the underlying model, this allows us to perform the actual proof effort in a deterministic setting corresponding to a slightly extended Dolev-Yao ... The reason is that we exploit a recently proposed ideal cryptographic library, which has a provably secure cryptographic implementation. ... Dolev-Yao model. ...

doi:10.1007/978-3-540-30108-0_6 fatcat:thj2rmeylvhjtklfeujtl37u3u

in the cryptographic realization), such a proof is possible in the style already used in automated tools, only now with a sound cryptographic basis. ... Nevertheless, it seems an interesting question whether the cryptographic library, in other words the precise Dolev-Yao model used, as well as its proof could not be presented in a more modular way. ... Using the Low-level Ideal Signature System in a Dolev-Yao-style Cryptographic Library We now discuss why the use of low-level idealized signature machines in the proof of the Dolev-Yao style cryptographic ...

doi:10.1007/978-3-540-30144-8_4 fatcat:y7evy3l6inbjjauxix7e7wjpf4

Here we extend this Dolev-Yao-style model, its realization, and the security proof to include a first symmetric primitive, message authentication. ... The typical abstraction style is the Dolev-Yao model, or better "models". ... In particular, we thank Ran Canetti, Anupam Datta, Ante Derek, Joshua Guttman, Ralf Küsters, Peeter ...

doi:10.1007/s10207-004-0056-6 fatcat:ngzg5wqudfbujfudyyjaxwvlye

The universally composable cryptographic library by Backes, Pfitzmann and Waidner provides Dolev-Yao-like, but cryptographically sound abstractions to common cryptographic primitives like encryptions and ... The library has been used to give the correctness proofs of various protocols; while the arguments in such proofs are similar to the ones done with the Dolev-Yao model that has been researched for a couple ... Among the most celebrated abstractions is the universally composable cryptographic library [12, 11, 7] providing Dolev-Yao-style abstractions for common cryptographic primitives, namely symmetric and ...

doi:10.1007/978-3-540-88733-1_21 fatcat:5wldnhukujhtbdmjpi7kfsg4hm

Although we achieve security under cryptographic definitions, our proof is performed in a deterministic setting corresponding to a slightly extended Dolev-Yao model; in particular, it does not have to ... The reason is that we exploit a recently proposed ideal cryptographic library, which has a provably secure cryptographic implementation, as well as recent results on linking symbolic and cryptographic ... As our proof is the first Dolev-Yao-style, computationally sound proof of a protocol that uses symmetric encryption, our result also shows that the commitment problem, and hence also symmetric encryption ...

doi:10.1016/j.entcs.2005.11.054 fatcat:hdu4jjswrjaixhoriadf62rolu

Open Access

The other approach relies on a symbolic model of protocol executions in which cryptographic primitives are treated as black boxes. ... Since the seminal work of Dolev and Yao, it has been realized that this latter approach enables significantly simpler and often automated proofs. ... Subsequent work introduced symmetric encryption among the primitives that the simulatable cryptographic library offers [BP04b] . ...

doi:10.1007/s10817-010-9187-9 fatcat:6qrlhc34mnbnpmap2mkkrnfqhm

We present a series of cryptographically-sound abstractions of the original BPW model that bring it much closer to standard Dolev-Yao style models. ... Our starting point is the Backes-Pfitzmann-Waidner (BPW) model, which is a symbolic protocol model that is cryptographically sound in the sense of blackbox reactive simulatability. ... There are two established techniques to show the cryptographic soundness of a Dolev-Yao model: mapping-based [12, 8] and simulatability-based [15, 5] . ...

doi:10.1109/lics.2008.36 fatcat:qroyrqgponanzbbhc7hhz5ng7a

We present a series of cryptographically-sound abstractions of the original BPW model that bring it much closer to standard Dolev-Yao style models. ... Our starting point is the Backes-Pfitzmann-Waidner (BPW) model, which is a symbolic protocol model that is cryptographically sound in the sense of blackbox reactive simulatability. ... There are two established techniques to show the cryptographic soundness of a Dolev-Yao model: mapping-based [12, 8] and simulatability-based [15, 5] . ...

doi:10.1109/csf.2008.19 dblp:conf/csfw/SprengerB08 fatcat:m7oycg7iajbtfcjrlon35n33me

In this paper we make some initial steps toward this goal with respect to an extension of a tracebased security model (Micciancio and Warinschi, TCC 2004) including asymmetric and symmetric encryption; ... in particular we prove that a random computational trace can be soundly abstracted by a coinductive symbolic trace with overwhelming probability, provided that both the underlying encryption schemes provide ... [4] shows that secure realization of ideal symmetric encryption (in the sense of reactive simulatability) is possible in their cryptographic library [6] if the commitment problem does not occur (i.e ...

doi:10.1007/978-3-642-36594-2_30 fatcat:pzobdno3tfe6fjwhfysc44cvgu

Roughly, simulatability means that a real system implements an ideal system (specification) in a way that preserves security in a general cryptographic sense. ... In terms of distributed systems, reactive simulatability is a type of refinement that preserves particularly strong properties, in particular confidentiality. ... In particular, joint work with Matthias on examples of synchronous reactive systems also influenced this asynchronous model, and so did joint work with Michael on liveness and adaptiveness. ...

doi:10.1016/j.ic.2007.05.002 fatcat:r2vscqglnfcttcglezdwuvci4u

Szczepanski

A cryptographic justification of a Dolev-Yao model in the sense of BRSIM/UC was first given in [10] with extensions in [11, 8] . ... foundations for a Dolev-Yao model of symmetric encryption but specific to certain confidentiality properties where the surrounding protocols are restricted to straight-line programs. ... From the start, the actual cryptographic operations in such proofs were idealized into so-called Dolev-Yao models, following [21, 22, 39] , e.g., see [30, 47, 1, 37, 44, 12] . ...

doi:10.1145/1180405.1180450 dblp:conf/ccs/BackesL06 fatcat:xrkyyczn4jbndbywktjoxvh3yi

The cryptographic concept of simulatability has become a salient technique for faithfully analyzing and proving security properties of arbitrary cryptographic protocols. ... We investigate the relationship between simulatability in synchronous and asynchronous frameworks by means of the formal models of Pfitzmann et al., which are seminal in using this concept in order to ... Laud [39] has presented a cryptographic underpinning for a Dolev-Yao model of symmetric encryption under active attacks. ...

doi:10.1016/j.jlap.2004.09.002 fatcat:q2e76u3o7bbwvpl3agnvq5nbhy

Szczepanski

We present a generic computational soundness result for interactive cryptographic primitives. ... sound Dolev-Yao model for non-interactive primitives, and given UC-secure interactive primitives, we obtain computational soundness for the combined model that encompasses both the non-interactive and ... In the mode key, a key pair (P K, SK) is ...

doi:10.1007/978-3-319-24174-6_7 fatcat:yr3h3hy4xzad3a6fnbx62pss2a

We define and study a distributed cryptographic implementation for an asynchronous pi calculus. At the source level, we adapt simple type systems designed for establishing formal secrecy properties. ... We rely on compilation to a typed intermediate language with a fixed scheduling strategy. ... In particular, cycles must be excluded in the cryptographic library [9] , as follows: every secret symmetric-key encryption has an integer rank, k, and the idealized library checks that, for every encryption ...

doi:10.1007/11924661_16 fatcat:iqy6iuipxbe7jiqbpqs7ucr7fi

Symmetric encryption in a simulatable Dolev-Yao style cryptographic library

Preserved Fulltext

A Cryptographically Sound Dolev-Yao Style Security Proof of the Otway-Rees Protocol [chapter]

Preserved Fulltext

Low-Level Ideal Signatures and General Integrity Idealization [chapter]

Preserved Fulltext

Symmetric authentication in a simulatable Dolev–Yao-style cryptographic library

Preserved Fulltext

Threshold Homomorphic Encryption in the Universally Composable Cryptographic Library [chapter]

Preserved Fulltext

Real-or-random Key Secrecy of the Otway-Rees Protocol via a Symbolic Security Proof

Preserved Fulltext

A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems

Preserved Fulltext

Cryptographically-Sound Protocol-Model Abstractions

Preserved Fulltext

Cryptographically-Sound Protocol-Model Abstractions

Preserved Fulltext

Computational Soundness of Coinductive Symbolic Security under Active Attacks [chapter]

Preserved Fulltext

The reactive simulatability (RSIM) framework for asynchronous systems

Preserved Fulltext

Computationally sound secrecy proofs by mechanized flow analysis

Preserved Fulltext

Unifying simulatability definitions in cryptographic systems under different timing assumptions

Preserved Fulltext

Computational Soundness for Interactive Primitives [chapter]

Preserved Fulltext

Computational Secrecy by Typing for the Pi Calculus [chapter]

Preserved Fulltext