CORE

🇺🇦   make metadata, not war

    2 research outputs found

    Dynamic tags for security protocol

    Author
    Publication venue
    'Logical Methods in Computer Science e.V.'
    Publication date
    Field of study
    Get PDF
    The design and verification of cryptographic protocols is a notoriously difficult task, even in symbolic models which take an abstract view of cryptography. This is mainly due to the fact that protocols may interact with an arbitrary attacker which yields a verification problem that has several sources of unboundedness (size of messages, number of sessions, etc. In this paper, we characterize a class of protocols for which deciding security for an unbounded number of sessions is decidable. More precisely, we present a simple transformation which maps a protocol that is secure for a bounded number of protocol sessions (a decidable problem) to a protocol that is secure for an unbounded number of sessions. The precise number of sessions that need to be considered is a function of the security property and we show that for several classical security properties a single session is sufficient. Therefore, in many cases our results yields a design strategy for security protocols: (i) design a protocol intended to be secure for a {single session}; and (ii) apply our transformation to obtain a protocol which is secure for an unbounded number of sessions.Comment: 50 pages with 30 reference
    arXiv.org e-Print Archive
    HAL - Université de Franche-Comté
    Crossref
    Episciences.org
    INRIA a CCSD electronic archive server
    Directory of Open Access Journals
    Edinburgh Research Explorer

    How to Guarantee Secrecy for Cryptographic Protocols

    Author
    Publication venue
    HAL CCSD
    Publication date
    Field of study
    No full text
    19 pagesRapport interneIn this paper we propose a general definition of secrecy for cryptographic protocols in the Dolev-Yao model. We give a sufficient condition ensuring secrecy for protocols where rules have encryption depth at most two, that is satisfied by almost all practical protocols. The only allowed primitives in the class of protocols we consider are pairing and encryption with atomic keys. Moreover, we describe an algorithm of practical interest which transforms a cryptographic protocol into a secure one from the point of view of secrecy, without changing its original goal with respect to secrecy of nonces and keys, provided the protocol satisfies some conditions. These conditions are not very restrictive and are satisfied for most practical protocols
    arXiv.org e-Print Archive
    HAL Descartes
    Hal-Diderot
    HAL - UPEC / UPEM
    corecore