Logical concepts in cryptography

This thesis is about a breadth-first exploration of logical concepts in cryptography and their linguistic abstraction and model-theoretic combination in a comprehensive logical system, called CPL (for Cryptographic Protocol Logic). We focus on two fundamental aspects of cryptography. Namely, the security of communication (as opposed to security of storage) and cryptographic protocols (as opposed to cryptographic operators). The primary logical concepts explored are the following: the modal concepts of belief, knowledge, norms, provability, space, and time. The distinguishing feature of CPL is that it unifies and refines a variety of existing approaches. This feature is the result of our wholistic conception of property-based (modal logics) and model-based (process algebra) formalisms

Theory and tool support for the formal verification of cryptographic protocols

Cryptographic protocols are an essential component of network communications. Despite their relatively small size compared to other distributed algorithms, they are known to be error-prone. This is due to the obligation to behave robustly in the context of unknown hostile attackers who might want to act against the security objectives of the jointly interacting entities. The need for techniques to verify the correctness of cryptographic protocols has stimulated the development of new frameworks and tools during the last decades. Among the various models is the spi calculus: a process calculus which is an extension of the pi calculus that incorporates cryptographic primitives. Process calculi such as the spi calculus offer the possibility to describe in a precise and concise way distributed algorithms such as cryptographic protocols. Moreover, spi calculus offers an elegant way to formalise some security properties of cryptographic protocols via behavioural equivalences. At the time this thesis began, this approach lacked tool support. Inspired by the situation in the pi calculus, we propose a new notion of behavioural equivalence for the spi calculus that is close to an algorithm. Besides, we propose a "coq" formalisation of our results that not only validates our theoretical developments but also will eventually be the basis of a certified tool that would automate equivalence checking of spi calculus terms. To complete the toolchain, we propose a formal semantics for an informal notation to describe cryptographic protocols, so called protocol narrations. We give a rigorous procedure to translate protocol narrations into spi calculus terms; this constitutes the foundations of our automatic translation tool "spyer"

Logical Abstractions for Protocol Engineering

The definition of a cryptographic protocol begins (and “ends ” if this stage is not mastered [1]) with requirements engineering, i.e., the definition of the requirements (global properties) the protocol is supposed to meet. Protocol definition and in particular requirements engineering are engineering tasks. In contrast, the definition of cryptographic operators is a scientific task requiring profound expertise from different fields of discrete mathematics. Protocol engineers do (and should) not have (to have) this expertise. For example, it is legitimate for a protocol engineer to “abstract ” negligible probabilities and consider them as what they are — negligible. Ideally, engineers should only have to master a single, common, and formal language for requirements engineering that adequately abstracts “hard-core ” mathematical concepts. Since logic is what all sciences have in common, it is natural to stipulate that such a lingua franca for requirements engineering cryptographic protocols be an appropriate logical language. Our task shall be to synthesise the relevant logical concepts in cryptography into a cryptographic protocol logic [2] in the tradition of temporal 1 logic (cf. [3] fo

Cryptographic protocol logic: Satisfaction for (timed) Dolev-Yao cryptography

This article is about a breadth-first exploration of logical concepts in cryptography and their linguistic abstraction and model-theoretic combination in a comprehensive logical system, called CPL (for Cryptographic Protocol Logic). We focus on two fundamental aspects of cryptography. Namely, the security of communication (as opposed to security of storage) and cryptographic protocols (as opposed to cryptographic operators). The logical concepts explored are the following. PRIMARY CONCEPTS: The modal concepts of knowledge, norms, provability, space, and time. SECONDARY CONCEPTS: Individual and propositional knowledge, confidentiality norms, truth-functional and relevant (in particular, intuitionistic) implication, multiple and complex truth values, and program types. The distinguishing feature of CPL is that it unifies and refines a variety of existing approaches. This feature is the result of our wholistic conception of property-based (modal logics) and model-based (process algebra) formalisms. We illustrate the expressiveness of CPL on representative requirements engineering case studies. Further, we extend (core) CPL (qualitative time) with rational-valued time, i.e. time stamps, timed keys, and potentially drifting local clocks, to tCPL (quantitative time). Our extension is conservative and provides further evidence for Lamport's claim that adding real time to an untimed formalism is really simple. (C) 2008 Elsevier Inc. All rights reserved