6 research outputs found
Approximating Imperfect Cryptography in a Formal Model
We present a formal view of cryptography that overcomes the usual assumptions of formal models for reasoning about security of computer systems, i.e. perfect cryptography and Dolev-Yao adversary model. In our framework, equivalence among formal cryptographic expressions is parameterized by a computational adversary that may exploit weaknesses of the cryptosystem to cryptanalyze ciphertext with a certain probability of success. To validate our approach, we show that in the restricted setting of ideal cryptosystems, for which the probability of guessing information that the Dolev-Yao adversary cannot derive is negligible, the computational adversary is limited to the allowed behaviors of the Dolev-Yao adversary
Static Analysis of Circuits for Security
The purpose of the present work is to define a methodology to analyze a system description given in VHDL code and test its security properties. In particular the analysis is aimed at ensuring that a malicious user cannot make a circuit output the secret data it contains
Models for Cryptographic Protocol Analysis
Formal models for security protocols often rely on assumptions not to be found in computational models. A first assumption is the perfect encryption one: encrypted data can not be manipulated in any way unless the decryption key is known. Another usual assumption is the free algebra one: only a few cryptographic primitives are considered in the model, and these must form a free algebra. We study these assumptions, and relax them to define more general models. We then define static analysis techniques for veryfing protocols secure in our models