Preservation of epistemic properties in security protocol implementations

Ron van der Meyden, Thomas Wilke
2007 Proceedings of the 11th conference on Theoretical aspects of rationality and knowledge - TARK '07  
We introduce (i) a general class of security protocols with private channel as cryptographic primitive and (ii) a probabilistic epistemic logic to express properties of security protocols. Our main theorem says that when a property expressed in our logic holds for an ideal protocol (where "ideal" means that the private channel hides everything), then it also holds when the private channel is implemented using an encryption scheme that guarantees perfect secrecy (in the sense of Shannon). Our
more » ... ss of protocols contains, for instance, an oblivious transfer protocol by Rivest and Chaum's solution to the dining cryptographers problem. In our logic we can express fundamental security properties of these protocols. The proof of the main theorem is based on a notion of refinement for probabilistic Kripke structures.
doi:10.1145/1324249.1324278 dblp:conf/tark/MeydenW07 fatcat:mi2ucnnqmbbcdlrh7ovfsnzwa4