A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols

AbstractWe prove properties of a process calculus that is designed for analysing security protocols. Our long-term goal is to develop a form of protocol analysis, consistent with standard cryptographic assumptions, that provides a language for expressing probabilistic polynomial-time protocol steps, a specification method based on a compositional form of equivalence, and a logical basis for reasoning about equivalence.The process calculus is a variant of CCS, with bounded replication and probabilistic polynomial-time expressions allowed in messages and boolean tests. To avoid inconsistency between security and nondeterminism, messages are scheduled probabilistically instead of nondeterministically. We prove that evaluation of any process expression halts in probabilistic polynomial time and define a form of asymptotic protocol equivalence that allows security properties to be expressed using observational equivalence, a standard relation from programming language theory that involves quantifying over all possible environments that might interact with the protocol.We develop a form of probabilistic bisimulation and use it to establish the soundness of an equational proof system based on observational equivalences. The proof system is illustrated by a formation derivation of the assertion, well-known in cryptography, that El Gamal encryption's semantic security is equivalent to the (computational) Decision Diffie–Hellman assumption. This example demonstrates the power of probabilistic bisimulation and equational reasoning for protocol security

Generative Model for Conceptual Design of Defence Equipment

Requirement study and analysis forms a key component in conceptual design of new products and systems. For complex systems like defence equipment, concept design is very important and should primarily satisfy all user requirements. Brings out a new generative model for concept design of defence systems using principles of systems engineering. A structured model and methodology is presented starting from capturing the user requirements, developing multiple solutions, short listing the candidate solutions and finally selecting one or two feasible designs. The model and process is illustrated with the help of a case study on the development of a torpedo defence system for naval ships.

Unifying equivalence-based definitions of protocol security

, and Vitaly Shmatikov 2 1 Stanford Universit

Sequential probabilistic process calculus and simulation-based security

Abstract Several compositional forms of simulation-based security have been proposed in the litera-ture, including universal composability, black-box simulatability, and variants thereof. Thes

Probabilistic Polynomial-Time Process Calculus and Security Protocol Analysis

Abstract. We prove properties of a process calculus that is designed for analysing security protocols. Our long-term goal is to develop a form of protocol analysis, consistent with standard cryptographic assumptions, that provides a language for expressing probabilistic polynomial-time protocol steps, a specification method based on a compositional form of equivalence, and a logical basis for reasoning about equivalence. The process calculus is a variant of CCS, with bounded replication and probabilistic polynomial-time expressions allowed in messages and boolean tests. To avoid inconsistency between security and nondeterminism, messages are scheduled probabilistically instead of nondeterministically. We prove that evaluation of any process expression halts in probabilistic polynomial time and define a form of asymptotic protocol equivalence that allows security properties to be expressed using observational equivalence, a standard relation from programming language theory that involves quantifying over all possible environments that might interact with the protocol. We develop a form of probabilistic bisimulation and use it to establish the soundness of an equational proof system based on observational equivalences. The proof system is illustrated by a formation derivation of the assertion, well-known in cryptography, that El Gamal encryption’s semantic security is equivalent to the (computational) Decision Diffie-Hellman assumption. This example demonstrates the power of probabilistic bisimulation and equational reasoning for protocol security

Unifying Equivalence-Based Definitions of Protocol Security

Several related research eorts have led to three dierent ways of specifying protocol security properties by simulation or equivalence. Abstracting the speci cation conditions away from the computational frameworks in which they have been previously applied, we show that when asynchronous communication is used, universal composability, black-box simulatability, and process equivalence express the same properties of a protocol. Further, the equivalence between these conditions holds for any computational framework, such as process calculus, that satis es certain structural properties. Similar but slightly weaker results are achieved for synchronous communication