4 research outputs found
Secrecy by Witness-Functions on Increasing Protocols
In this paper, we present a new formal method to analyze cryptographic
protocols statically for the property of secrecy. It consists in inspecting the
level of security of every component in the protocol and making sure that it
does not diminish during its life cycle. If yes, it concludes that the protocol
keeps its secret inputs. We analyze in this paper an amended version of the
Woo-Lam protocol using this new method
Relaxed Conditions for Secrecy in a Role-Based Specification
In this paper, we look at the property of secrecy through the growth of the
protocol. Intuitively, an increasing protocol preserves the secret. For that,
we need functions to estimate the security of messages. Here, we give relaxed
conditions on the functions and on the protocol and we prove that an increasing
protocol is correct when analyzed with functions that meet these conditions.Comment: The initial version of this paper was published in the International
Journal of Information Security, 2014. V1, pp 33-36. This is an enhanced
version and an extended one of it that includes the proofs of correcntess of
increasing protocols. It is a prerequisite for arXiv:1408.2774 and all the
series of other papers related to witness function
Secrecy by Witness-Functions under Equational Theories
In this paper, we use the witness-functions to analyze cryptographic
protocols for secrecy under nonempty equational theories. The witness-functions
are safe metrics used to compute security. An analysis with a witness-function
consists in making sure that the security of every atomic message does not
decrease during its lifecycle in the protocol. The analysis gets more difficult
under nonempty equational theories. Indeed, the intruder can take advantage of
the algebraic properties of the cryptographic primitives to derive secrets.
These properties arise from the use of mathematical functions, such as
multiplication, addition, exclusive-or or modular exponentiation in the
cryptosystems and the protocols. Here, we show how to use the witness-functions
under nonempty equational theories and we run an analysis on the
Needham-Schroeder-Lowe protocol under the cipher homomorphism. This analysis
reveals that although this protocol is proved secure under the perfect
encryption assumption, its security collapses under the homomorphic primitives.
We show how the witness-functions help to illustrate an attack scenario on it
and we propose an amended version to fix it.Comment: http://ieeexplore.ieee.org/document/7301205
A Semi-Decidable Procedure for Secrecy in Cryptographic Protocols
In this paper, we present a new semi-decidable procedure to analyze
cryptographic protocols for secrecy based on a new class of functions that we
call: the Witness-Functions. A Witness-Function is a reliable function that
guarantees the secrecy in any protocol proved increasing once analyzed by it.
Hence, the problem of correctness becomes a problem of protocol growth. A
Witness-Function operates on derivative messages in a role-based specification
and introduces new derivation techniques. We give here the technical aspects of
the Witness-Functions and we show how to use them in a semi-decidable
procedure. Then, we analyze a variation of the Needham-Schroeder protocol and
we show that a Witness-Function can also help to teach about flaws. Finally, we
analyze the NSL protocol and we prove that it is correct with respect to
secrecy.Comment: Presentation enhance