ENSURING THE CORRECTNESS OF CRYPTOGRAPHIC PROTOCOLS WITH RESPECT TO SECRECY

Hanane Houmani, Mohamed Mejri

Abstract

This paper gives sufficient conditions to ensure secrecy property of cryptographic protocols that allow to share a session keys. Indeed, this paper proves that if within a protocol agents don’t decease or increase the security level of components, then this protocol respect the secrecy property. This sufficient condition holds even we change our context of verification (message algebra, intruder capacities or cryptographic assumptions). To verify this condition we use the notion of interpretation functions. An interpretation function is a safe way allowing an agent to appropriately estimate the security level of message components that he receives so that he can handle them correctly.

References

  1. Abadi, M. and Cortier, V. (2006). Deciding knowledge in security protocols under equational theories. Theor. Comput. Sci., 367(1):2-32.
  2. Boreale, M. and Gorla, D. (2002). Process calculi and the verification of security properties. Journal of Telecommunication and Information TechnologySpecial Issue on Cryptographic Protocol Verification, (4/02):28-40.
  3. Chevalier, Y., Ksters, R., Rusinowitch, M., and Turuani, M. (2003). An np decision procedure forprotocol insecurity with xor. In LICS 7803, volume 25. IEEE Computer Society Press.
  4. Comon, H. and Shmatikov, V. (2002). Is it possible to decide whether a cryptographic protocol is secure or not. Journal of Telecommunications and Information Technolog,.
  5. Comon-Lundh, H. and Cortier, V. (2003a). New decidability results for fragments of first-order logic and application to cryptographic protocols. In RTA, pages 148-164.
  6. Comon-Lundh, H. and Cortier, V. (2003b). New Decidability Results for Fragments of First-Order Logic and Application to Cryptographic Protocols, volume 2706 of Lecture Notes in Computer Science. Springer Berlin / Heidelberg.
  7. Debbabi, M., Mejri, M., Tawbi, N., and Yahmadi, I. (1997). From Protocol Specifications to Flaws and Attack Scenarios: An Automatic and Formal Algorithm. In Proceedings of the Second International Workshop on Enterprise Security, Massachusetts Institute of Technology (MIT), Cambridge, Massachusetts, USA. IEEE Press.
  8. Goubault-Larrecq, J. (2005). Deciding h1 by resolution. Inf. Process. Lett., 95(3):401-408.
  9. Houmani, H. and Mejri, M. (2007a). Practical and universal interpretation functions for secrecy. In International Conference on Security and Cryptography: Secrypt, Barcelona, Spain.
  10. Houmani, H. and Mejri, M. (2007b). Secrecy by interpretation functions. Journal of Knowledge-Based Systems, 20(7):617-635.
  11. Houmani, H. and Mejri, M. (2008). Sufficient conditions for secrecy under equational theories. In The 2nd International Conference on Information Security and Assurance, Busan, Korea. IEEE CS.
  12. Jacquemard, F., Rusinowitch, M., and Vigneron, L. (2000). Compiling and verifying security protocols. In Logic Programming and Automated Reasoning, pages 131- 160.
  13. Meadows, C. (2003). What makes a cryptographic protocol secure? the evolution of requirements specification in formal cryptographic protocol analysis. In Proceedings of ESOP 03. Springer-Verlag.
  14. Paulson, L. C. (1997). Mechanized proofs for a recursive authentication protocol. In 10th Computer Security Foundations Workshop, pages 84-95. IEEE Computer Society Press.
  15. Sabelfeld, A. and Myers, A. (2003). information-flow security.
  16. Shmatikov, V. (2004). NP Decidable Analysis of Cryptographic Protocols with Products and Modular Exponentiation, volume 2986 of Lecture Notes in Computer Science. Springer Berlin / Heidelberg.
  17. Turuani, M. (2003). Scurit des protocoles cryptographiques : dcidabilit et complexit. PhD thesis, Universit Henri Poincar, Nancy.
  18. Woo, T. Y. C. and Lam, S. S. (1994). A Lesson on Authentication Protocol Design. Operating Systems Review, pages 24-37.
Download


Paper Citation


in Harvard Style

Houmani H. and Mejri M. (2008). ENSURING THE CORRECTNESS OF CRYPTOGRAPHIC PROTOCOLS WITH RESPECT TO SECRECY . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008) ISBN 978-989-8111-59-3, pages 184-189. DOI: 10.5220/0001927401840189


in Bibtex Style

@conference{secrypt08,
author={Hanane Houmani and Mohamed Mejri},
title={ENSURING THE CORRECTNESS OF CRYPTOGRAPHIC PROTOCOLS WITH RESPECT TO SECRECY},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)},
year={2008},
pages={184-189},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001927401840189},
isbn={978-989-8111-59-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)
TI - ENSURING THE CORRECTNESS OF CRYPTOGRAPHIC PROTOCOLS WITH RESPECT TO SECRECY
SN - 978-989-8111-59-3
AU - Houmani H.
AU - Mejri M.
PY - 2008
SP - 184
EP - 189
DO - 10.5220/0001927401840189