220 research outputs found
Relating two standard notions of secrecy
Two styles of definitions are usually considered to express that a security
protocol preserves the confidentiality of a data s. Reachability-based secrecy
means that s should never be disclosed while equivalence-based secrecy states
that two executions of a protocol with distinct instances for s should be
indistinguishable to an attacker. Although the second formulation ensures a
higher level of security and is closer to cryptographic notions of secrecy,
decidability results and automatic tools have mainly focused on the first
definition so far.
This paper initiates a systematic investigation of the situations where
syntactic secrecy entails strong secrecy. We show that in the passive case,
reachability-based secrecy actually implies equivalence-based secrecy for
digital signatures, symmetric and asymmetric encryption provided that the
primitives are probabilistic. For active adversaries, we provide sufficient
(and rather tight) conditions on the protocol for this implication to hold.Comment: 29 pages, published in LMC
08171 Abstracts Collection -- Beyond the Finite: New Challenges in Verification and Semistructured Data
From 20.04. to 25.04.2008, the Dagstuhl Seminar 08171 ``Beyond the Finite: New Challenges in Verification and Semistructured Data\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar as well as abstracts of
seminar results and ideas are put together in this paper. The first section
describes the seminar topics and goals in general.
Links to extended abstracts or full papers are provided, if available
A Formal Theory of Key Conjuring
Key conjuring is the process by which an attacker obtains an unknown, encrypted key by repeatedly calling a cryptographic API function with random values in place of keys. We propose a formalism for detecting computationally feasible key conjuring operations, incorporated into a Dolev-Yao style model of the security API. We show that security in the presence of key conjuring operations is decidable for a particular class of APIs, which includes the key management API of IBMâs Common Cryptographic Architecture (CCA)
A unified view of parameterized verification of abstract models of broadcast communication
We give a unified view of different parameterized models of concurrent and distributed systems with broadcast communication based on transition systems. Based on the resulting formal models, we discuss related verification methods and tools based on abstractions and symbolic state exploration
Parameterized verification
The goal of parameterized verification is to prove the correctness of a system specification regardless of the number of its components. The problem is of interest in several different areas: verification of hardware design, multithreaded programs, distributed systems, and communication protocols. The problem is undecidable in general. Solutions for restricted classes of systems and properties have been studied in areas like theorem proving, model checking, automata and logic, process algebra, and constraint solving. In this introduction to the special issue, dedicated to a selection of works from the Parameterized Verification workshop PV \u201914 and PV \u201915, we survey some of the works developed in this research area
Tidy: Symbolic Verification of Timed Cryptographic Protocols
International audienc
- âŠ