Decidability of a Sound Set of Inference Rules for Computational Indistinguishability

Koutsos, Adrien

doi:10.1109/csf.2019.00011

Cited by 2 publications

(2 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Works on decision procedures remain of limited use so far, as they are limited to trace properties [31] (e.g. secrecy, authentication) or a very restrictive set of axioms [44].…”

Section: Introductionmentioning

confidence: 99%

An Interactive Prover for Protocol Verification in the Computational Model

Baelde

Delaune

Jacomme

et al. 2021

2021 IEEE Symposium on Security and Privacy (SP)

Self Cite

View full text Add to dashboard Cite

Given the central importance of designing secure protocols, providing solid mathematical foundations and computer-assisted methods to attest for their correctness is becoming crucial. Here, we elaborate on the formal approach introduced by Bana and Comon in [10], [11], which was originally designed to analyze protocols for a fixed number of sessions and which more importantly lacks support for proof mechanization.In this paper, we present a framework and an interactive prover allowing to mechanize proofs of security protocol for an arbitrary number of sessions in the computational model. More specifically, we develop a meta-logic as well as a proof system for deriving security properties. Proofs in our system only deal with high-level, symbolic representations of protocol executions, similar to proofs in the symbolic model, but providing security guarantees at the computational level. We have implemented our approach within a new interactive prover, the SQUIRREL prover, taking as input protocols specified in the applied pi-calculus, and we have performed a number of case studies covering a variety of primitives (hashes, encryption, signatures, Diffie-Hellman exponentiation) and security properties (authentication, strong secrecy, unlinkability).

show abstract

“…Works on decision procedures remain of limited use so far, as they are limited to trace properties [31] (e.g. secrecy, authentication) or a very restrictive set of axioms [44].…”

Section: Introductionmentioning

confidence: 99%

An Interactive Prover for Protocol Verification in the Computational Model

Baelde

Delaune

Jacomme

et al. 2021

2021 IEEE Symposium on Security and Privacy (SP)

Self Cite

View full text Add to dashboard Cite

show abstract

“…= represents equality (not identity) that can fail with negligible probability and serves as a congruence in the logic. [Kou19]). In the meantime, we continue developing the library of axioms, and verifying relatively simple protocols by hand, and with Coq.…”

Section: Mechanizing the Proofs Using Coqmentioning

confidence: 99%

Machine-aided analysis of vote privacy using computationally complete symbolic attacker

Eeralla¹

View full text Add to dashboard Cite

Security protocols employ cryptographic primitives such as encryption and digital signatures to provide security guarantees of confidentiality and authenticity in the presence of malicious attackers. Due to the complexities of cryptographic primitives, subtle nature of the security guarantees and asymmetry of communication over the internet, their design tends to be error-prone. Thus, formal methods are often used to establish whether the protocols actually achieve their guarantees. The analysis can be either carried out in the Dolev-Yao model, where the cryptographic primitives are assumed to be perfect, and the attacker tries to exploit the logical errors to compromise the security of the protocols or in the provable security model, where the attacker can, in addition, break the cryptographic primitives with negligible probability. The provable security model provides better guarantees. We consider formalizing and verifying the security property of vote privacy for electronic voting protocols in the provable security model. As an example, we consider analyzing the FOO electronic voting protocol introduced by Fujioka, Okamoto, and Ohta. Several automated analyses have been carried for the FOO protocol in the Dolev-Yao model, and the protocol is secure in the Dolev-Yao model. The protocol uses commitments, blind signatures, and anonymous channels to achieve vote privacy. The Dolev-Yao analyses also assume the existence of perfectly anonymous channels. We carried out the analysis of the security protocol using the Computationally Complete Symbolic Attacker (CCSA) technique, which allows the establishment of proofs of security guarantees using deduction in first-order logic. Unlike the Dolev Yao analyses of the protocol, we assume neither perfect cryptography nor existence of perfectly anonymous channels. We model the anonymous communication using a mix-net server who is responsible for checking if the received messages are distinct and outputting the decrypted messages in a lexicographic order. Our analysis reveals new attacks on vote privacy including an attack that arises due to the inadequacy of the blindness property of blind signatures and a Dolev-Yao style attack that arises due to the modeling of the anonymous communication as a mix-net server. With additional assumptions and modifications of the protocol, we were able to show that the protocol satisfies vote privacy in the sense that switching votes of two honest voters is undetectable to the attacker. In order to achieve higher assurances, we mechanized the CCSA technique in Coq, an interactive theorem-prover [BC04, PdAC+17] developed using the specification language Gallina. We demonstrate the effectiveness of our mechanization with the verification of authentication and secrecy guarantees of the Authenticated Die Hellman key exchange protocol. Finally, we prove the key lemmas of the proof of voter privacy for the FOO protocol in Coq.

show abstract

Decidability of a Sound Set of Inference Rules for Computational Indistinguishability

Cited by 2 publications

References 30 publications

An Interactive Prover for Protocol Verification in the Computational Model

An Interactive Prover for Protocol Verification in the Computational Model

Machine-aided analysis of vote privacy using computationally complete symbolic attacker

Contact Info

Product

Resources

About