DOI: 10.1145/2508859.2516710 (CCS, Conference Proceedings)
research-article

Computationally complete symbolic attacker and key exchange

ABSTRACT

Recently, Bana and Comon-Lundh introduced the notion of a computationally complete symbolic attacker to deliver unconditional computational soundness to symbolic protocol verification. First, we explain the relationship between their technique and Fitting's embedding of classical logic into S4. Then, based on predicates for "key usability", we provide an axiomatic system in their framework to handle secure encryption when keys are allowed to be sent. We examine both IND-CCA2 and KDM-CCA2 encryption, in both the symmetric and asymmetric settings. For unforgeability, we consider INT-CTXT encryption. This technique does not require the usual limitations of computational soundness, such as the absence of dynamic corruption, the absence of key-cycles, or unambiguous parsing of bit strings. In particular, if a key-cycle possibly corrupts CCA2 encryption, our technique delivers an attack. If it does not endanger security, the security proof goes through. We illustrate how our notions can be applied in protocol proofs.

References

  1. P. Adão, G. Bana, J. Herzog, and A. Scedrov. Soundness and completeness of formal encryption: the cases of key-cycles and partial information leakage. Journal of Computer Security, 17(5):737--797, 2009.
  2. M. Backes, A. Malik, and D. Unruh. Computational soundness without protocol restrictions. In CCS'12, pages 699--711. ACM, 2012.
  3. M. Backes, B. Pfitzmann, and M. Waidner. A composable cryptographic library with nested operations. In CCS'03, pages 220--230. ACM, 2003.
  4. M. Backes, B. Pfitzmann, and M. Waidner. The reactive simulatability (rsim) framework for asynchronous systems. Information and Computation, 205(12):1685--1720, 2007.
  5. G. Bana, P. Adão, and H. Sakurada. Computationally Complete Symbolic Attacker in Action. In FSTTCS'12, LIPIcs, pages 546--560. Schloss Dagstuhl, 2012.
  6. G. Bana and H. Comon-Lundh. Towards unconditional soundness: Computationally complete symbolic attacker. Available at IACR ePrint Archive, Report 2012/019.
  7. G. Bana and H. Comon-Lundh. Towards unconditional soundness: Computationally complete symbolic attacker. In POST'12, LNCS, pages 189--208. Springer, 2012.
  8. G. Bana, K. Hasebe, and M. Okada. Computational semantics for first-order logical analysis of cryptographic protocols. In Formal to Practical Security, volume 5458 of LNCS, pages 33--58. Springer, 2009.
  9. G. Barthe, B. Grégoire, and S. Zanella Béguelin. Formal certification of code-based cryptographic proofs. In POPL'09, pages 90--101. ACM, 2009.
  10. G. Barthe, B. Grégoire, and S. Zanella Béguelin. Formal certification of code-based cryptographic proofs. In POPL, pages 90--101. ACM, 2009.
  11. M. Bellare, A. Boldyreva, and S. Micali. Public-key encryption in a multi-user setting. In EUROCRYPT'00, pages 258--274. Springer, 2000.
  12. M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway. Relations among notions of security for public-key encryption schemes. In CRYPTO'98, LNCS. Springer, 1998.
  13. M. Bellare and Ch. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. J. Cryptology, 21(4):469--491, 2008.
  14. B. Blanchet. A computationally sound mechanized prover for security protocols. IEEE Transactions on Dependable and Secure Computing, 5(4):193--207, 2008.
  15. J. Camenisch, N. Chandran, and V. Shoup. A public key encryption scheme secure against key dependent chosen plaintext and adaptive chosen ciphertext attacks. In EUROCRYPT'09, LNCS, pages 351--368. Springer, 2009.
  16. H. Comon, C. Marché, and R. Treinen, editors. Constraints in Computational Logics: Theory and Applications, International Summer School, CCS'99, LNCS, 2001.
  17. H. Comon-Lundh and V. Cortier. Computational soundness of observational equivalence. In CCS'08, pages 109--118. ACM, 2008.
  18. H. Comon-Lundh and V. Cortier. How to prove security of communication protocols? A discussion on the soundness of formal models w.r.t. computational ones. In STACS'11, LIPIcs, pages 29--44. Schloss Dagstuhl, March 2011.
  19. H. Comon-Lundh, V. Cortier, and G. Scerri. Tractable inference systems: an extension with a deducibility predicate. In CADE'13, LNAI. Springer, 2013.
  20. V. Cortier and B. Warinschi. Computationally sound, automated proofs for security protocols. In ESOP'05, LNCS, pages 157--171, 2005.
  21. A. Datta, A. Derek, J. C. Mitchell, V. Shmatikov, and M. Turuani. Probabilistic polynomial-time semantics for a protocol security logic. In ICALP'05, LNCS, pages 16--29. Springer, 2005.
  22. A. Datta, A. Derek, J. C. Mitchell, and B. Warinschi. Computationally sound compositional logic for key exchange protocols. In CSFW '06, pages 321--334. IEEE, 2006.
  23. Melvin Fitting. An embedding of classical logic in S4. The Journal of Symbolic Logic, 35(4):529--534, 1970.
  24. R. Küsters and M. Tuengerthal. Computational soundness for key exchange protocols with symmetric encryption. In CCS'09, pages 91--100. ACM, 2009.
  25. F. J. Thayer, J. C. Herzog, and J. D. Guttman. Strand spaces: Proving security protocols correct. Journal of Computer Security, 7(1):191--230, 1999.
