Computer Science – Cryptography and Security
Scientific paper
2009-11-11
EPTCS 8, 2009, pp. 51-65
Computer Science
Cryptography and Security
Scientific paper
10.4204/EPTCS.8.5
A model-theoretic approach can establish security theorems for cryptographic protocols. Formulas expressing authentication and non-disclosure properties of protocols have a special form. They are quantified implications for all xs . (phi implies for some ys . psi). Models (interpretations) for these formulas are *skeletons*, partially ordered structures consisting of a number of local protocol behaviors. Realized skeletons contain enough local sessions to explain all the behavior, when combined with some possible adversary behaviors. We show two results. (1) If phi is the antecedent of a security goal, then there is a skeleton A_phi such that, for every skeleton B, phi is satisfied in B iff there is a homomorphism from A_phi to B. (2) A protocol enforces for all xs . (phi implies for some ys . psi) iff every realized homomorphic image of A_phi satisfies psi. Hence, to verify a security goal, one can use the Cryptographic Protocol Shapes Analyzer CPSA (TACAS, 2007) to identify minimal realized skeletons, or "shapes," that are homomorphic images of A_phi. If psi holds in each of these shapes, then the goal holds.
No associations
LandOfFree
Security Theorems via Model Theory does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Security Theorems via Model Theory, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Security Theorems via Model Theory will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-532849