Abstract
Using a probabilistic polynomial-time process calculus designed for specifying security properties as observational equivalences, we develop a form of bisimulation that justifies an equational proof system. This proof system is sufficiently powerful to derive the semantic security of El Gamal encryption from the Decision Diffie-Hellman (DDH) assumption. The proof system can also derive the converse: if El Gamal is secure, then DDH holds. While these are not new cryptographic results, these example proofs show the power of probabilistic bisimulation and equational reasoning for protocol security.
Partially supported by OSD/ONR CIP/SW URI “Software Quality and Infrastructure Protection for Diffuse Computing,” ONR Grant N00014-01-1-0795.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: 28th ACM Symposium on Principles of Programming Languages, pp. 104–115 (2001)
Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: the spi calculus. Information and Computation 143, 1–70 (1999); Expanded version available as SRC Research Report 149 (January 1998)
Atallah, M.J. (ed.): Algorithms and Theory of Computation Handbook, ch. 24, pp. 19–28. CRC Press LLC, Boca Raton (1999)
Bellantoni, S.: Predicative Recursion and Computational Complexity. PhD thesis, University of Toronto (1992)
Boneh, D.: The decision Diffie-Hellman problem. In: Proceedings of the Third Algorithmic Number Theory Symposium, vol. 1423, pp. 48–63 (1998)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. Proceedings of the Royal Society, Series A 426, 1871, 233–271 (1989); Also appeared as SRC Research Report 39 and, in a shortened form, in ACM Transactions on Computer Systems 8(1), 18–36 (February 1990)
Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: Proc. 42nd IEEE Symp. on the Foundations of Computer Science, IEEE, Los Alamitos (2001), Full version available at http://eprint.iacr.org/2000/067/
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22, 644–654 (1976)
Dolev, D., Yao, A.C.-C.: On the security of public-key protocols. In: Proc. 22nd Annual IEEE Symp. Foundations of Computer Science, pp. 350–357 (1981)
Durgin, N.A., Mitchell, J.C., Pavlovic, D.: A compositional logic for protocol correctness. In: 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada (June 2001)
El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31, 469–472 (1985)
Goldreich, O.: The Foundations of Cryptography, vol. 1. Cambridge University Press, Cambridge (June 2001)
Goldreich, O.: The Foundations of Cryptography, vol. 2 (June 2003), Manuscript under preparation; latest version available at http://www.wisdom.weizmann.ac.il/~oded/foc-vol2.html
Goldwasser, S., Bellare, M.: Lecture Notes on Cryptography (2003), Lecture notes for a class taught by the authors at MIT (1996–2001); available online at http://www.cs.nyu.edu/courses/fall01/G22.3033-003/
Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984), Previous version in STOC 1982
Hofmann, M.: Type Systems for Polynomial-Time Computation. Habilitation Thesis, Darmstadt, see www.dcs.ed.ac.uk/home/mxh/papers.html (1999)
Huth, M., Kwiatkowska, M.Z.: Quantitative analysis and model checking. In: LICS 1997, pp. 111–122 (1997)
Lincoln, P.D., Mitchell, J.C., Mitchell, M., Scedrov, A.: A probabilistic poly-time framework for protocol analysis. In: Reiter, M.K. (ed.) Proc. 5th ACM Conference on Computer and Communications Security, San Francisco, California, pp. 112–121. ACM Press, New York (1998)
Mateus, P., Mitchell, J.C., Scedrov, A.: Composition of cryptographic protocols in a probabilistic polynomial-time process calculus. In: Amadio, R.M., Lugiez, D. (eds.) CONCUR 2003. LNCS, vol. 2761, pp. 327–349. Springer, Heidelberg (2003)
Milner, R.: Communication and Concurrency. International Series in Computer Science. Prentice-Hall, Englewood Cliffs (1989)
Mitchell, J.C., Mitchell, M., Scedrov, A.: A linguistic characterization of bounded oracle computation and probabilistic polynomial time. In: Proc. 39th Annual IEEE Symposium on the Foundations of Computer Science, Palo Alto, California, pp. 725–733. IEEE, Los Alamitos (1998)
Mitchell, J.C., Ramanathan, A., Scedrov, A., Teague, V.: A probabilistic polynomial-time calculus for the analysis of cryptographic protocols (preliminary report). In: Brookes, S., Mislove, M. (eds.) 17th Annual Conference on the Mathematical Foundations of Programming Semantics, Arhus, Denmark, May 2001. Electronic notes in Theoretical Computer Science, vol. 45 (2001)
Needham, R., Schroeder, M.: Using encryption for authentication in large networks of computers. Communications of the ACM 21 12, 993–999 (1978)
Paulson, L.C.: Mechanized proofs for a recursive authentication protocol. In: 10th IEEE Computer Security Foundations Workshop, pp. 84–95 (1997)
Pfitzmann, B., Waidner, M.: A model for asynchronous reactive systems and its application to secure message transmission. In: IEEE Symposium on Security and Privacy, Washington, pp. 184–200 (2001)
Ramanathan, A., Mitchell, J.C., Scedrov, A., Teague, V.: A probabilistic polynomial-time calculus for the analysis of cryptographic protocols (2004), ftp://ftp.cis.upenn.edu/pub/papers/scedrov/ppc-2004-long.ps,pdf
Schneider, S.: Security properties and CSP. In: IEEE Symposium on Security and Privacy, Oakland, California (1996)
van Glabbeek, R.J., Smolka, S.A., Steffen, B.: Reactive, generative, and stratified models of probabilistic processes. International Journal on Information and Computation 121(1) (August 1995)
Yao, A.C.-C.: Theory and applications of trapdoor functions. IEEE Foundations of Computer Science, 80–91 (1982)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ramanathan, A., Mitchell, J., Scedrov, A., Teague, V. (2004). Probabilistic Bisimulation and Equivalence for Security Analysis of Network Protocols. In: Walukiewicz, I. (eds) Foundations of Software Science and Computation Structures. FoSSaCS 2004. Lecture Notes in Computer Science, vol 2987. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24727-2_33
Download citation
DOI: https://doi.org/10.1007/978-3-540-24727-2_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21298-0
Online ISBN: 978-3-540-24727-2
eBook Packages: Springer Book Archive