Synthesizing Secure Protocols

Veronique Cortier; Bogdan Warinschi; Eugen Zalinescu

Synthesizing Secure Protocols

Veronique Cortier, Bogdan Warinschi, Eugen Zalinescu

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

11 Citations (Scopus)

Abstract

We propose a general transformation that maps a cryptographic protocol that is secure in an extremely weak sense (essentially in a model where no adversary is present) into a protocol that is secure against a fully active adversary which interacts with an unbounded number of protocol sessions, and has absolute control over the network. The transformation works for arbitrary protocols with any number of participants, written with usual cryptographic primitives. Our transformation provably preserves a large class of security properties that contains secrecy and authenticity. An important byproduct contribution of this paper is a modular protocol development paradigm where designers focus their effort on an extremely simple execution setting – security in more complex settings being ensured by our generic transformation. Conceptually, the transformation is very simple, and has a clean, well motivated design. Each message is tied to the session for which it is intended via digital signatures and on-the-fly generated session identifiers, and prevents replay attacks by encrypting the messages under the recipient’s public key.

Translated title of the contribution	Synthesizing Secure Protocols
Original language	English
Title of host publication	European Symposium On Research In Computer Security - ESORICS 2007
Publisher	Springer Berlin Heidelberg
Pages	406-421
Volume	4734
Publication status	Published - 2007

Bibliographical note

Other page information: 406-421
Conference Proceedings/Title of Journal: 12th European Symposium On Research In Computer Security -- ESORICS'07
Other identifier: 2000757

Access to Document

http://www.cs.bris.ac.uk/Publications/pub_master.jsp?id=2000757

Fingerprint Dive into the research topics of 'Synthesizing Secure Protocols'. Together they form a unique fingerprint.

Cite this

@inproceedings{055eaea6089f4908b92a9fa67fd1ec46,

title = "Synthesizing Secure Protocols",

abstract = " We propose a general transformation that maps a cryptographic protocol that is secure in an extremely weak sense (essentially in a model where no adversary is present) into a protocol that is secure against a fully active adversary which interacts with an unbounded number of protocol sessions, and has absolute control over the network. The transformation works for arbitrary protocols with any number of participants, written with usual cryptographic primitives. Our transformation provably preserves a large class of security properties that contains secrecy and authenticity. An important byproduct contribution of this paper is a modular protocol development paradigm where designers focus their effort on an extremely simple execution setting – security in more complex settings being ensured by our generic transformation. Conceptually, the transformation is very simple, and has a clean, well motivated design. Each message is tied to the session for which it is intended via digital signatures and on-the-fly generated session identifiers, and prevents replay attacks by encrypting the messages under the recipient{\textquoteright}s public key. ",

author = "Veronique Cortier and Bogdan Warinschi and Eugen Zalinescu",

note = "Other page information: 406-421 Conference Proceedings/Title of Journal: 12th European Symposium On Research In Computer Security -- ESORICS'07 Other identifier: 2000757",

year = "2007",

language = "English",

volume = "4734",

pages = "406--421",

booktitle = "European Symposium On Research In Computer Security - ESORICS 2007",

publisher = "Springer Berlin Heidelberg",

address = "Germany",

}

TY - GEN

T1 - Synthesizing Secure Protocols

AU - Cortier, Veronique

AU - Warinschi, Bogdan

AU - Zalinescu, Eugen

N1 - Other page information: 406-421 Conference Proceedings/Title of Journal: 12th European Symposium On Research In Computer Security -- ESORICS'07 Other identifier: 2000757

PY - 2007

Y1 - 2007

N2 - We propose a general transformation that maps a cryptographic protocol that is secure in an extremely weak sense (essentially in a model where no adversary is present) into a protocol that is secure against a fully active adversary which interacts with an unbounded number of protocol sessions, and has absolute control over the network. The transformation works for arbitrary protocols with any number of participants, written with usual cryptographic primitives. Our transformation provably preserves a large class of security properties that contains secrecy and authenticity. An important byproduct contribution of this paper is a modular protocol development paradigm where designers focus their effort on an extremely simple execution setting – security in more complex settings being ensured by our generic transformation. Conceptually, the transformation is very simple, and has a clean, well motivated design. Each message is tied to the session for which it is intended via digital signatures and on-the-fly generated session identifiers, and prevents replay attacks by encrypting the messages under the recipient’s public key.

AB - We propose a general transformation that maps a cryptographic protocol that is secure in an extremely weak sense (essentially in a model where no adversary is present) into a protocol that is secure against a fully active adversary which interacts with an unbounded number of protocol sessions, and has absolute control over the network. The transformation works for arbitrary protocols with any number of participants, written with usual cryptographic primitives. Our transformation provably preserves a large class of security properties that contains secrecy and authenticity. An important byproduct contribution of this paper is a modular protocol development paradigm where designers focus their effort on an extremely simple execution setting – security in more complex settings being ensured by our generic transformation. Conceptually, the transformation is very simple, and has a clean, well motivated design. Each message is tied to the session for which it is intended via digital signatures and on-the-fly generated session identifiers, and prevents replay attacks by encrypting the messages under the recipient’s public key.

M3 - Conference Contribution (Conference Proceeding)

VL - 4734

SP - 406

EP - 421

BT - European Symposium On Research In Computer Security - ESORICS 2007

PB - Springer Berlin Heidelberg

ER -