Learn More
Both the formal and the computational models of cryptography contain the notion of message equivalence or indistinguishability. An encryption scheme provides soundness for indistinguishability if, when mapping formal messages into the computational model, equivalent formal messages are mapped to indistinguishable computational distributions. Previous(More)
We consider expansions of the Abadi-Rogaway logic of indistinguishability of formal cryptographic expressions. We expand the logic in order to cover cases when partial information of the encrypted plaintext is revealed. We consider not only computational, but also purely probabilistic, information-theoretic interpretations. We present a general, systematic(More)
We consider the question of the adequacy of symbolic models versus computational models for the verification of security protocols. We neither try to include properties in the symbolic model that reflect the properties of the computational primitives nor add computational requirements that enforce the soundness of the symbolic model. We propose in this(More)
In their seminal work, Abadi and Rogaway [2, 3] show that the formal (Dolev-Yao) notion of indistinguishability is sound with respect to the computational model: messages that are indistinguishable in the formal model become indistinguishable messages in the computational model. However, this result leaves two problems unsolved. First, it cannot tolerate(More)
We consider the problem of computational indistinguishability of protocols. We design a symbolic model, amenable to automated deduction, such that a successful inconsistency proof implies computational indistinguishability. Conversely, symbolic models of distinguishability provide clues for likely computational attacks. We follow the idea we introduced(More)
In the investigation of the relationship between the formal and the computational view of cryptography, a recent approach, first proposed in [10], uses static equivalence from cryptographic pi calculi as a notion of formal indistinguishability. Previous work [10, 1] has shown that this yields the soundness of natural interpretations of some interesting(More)
SOUNDNESS AND COMPLETENESS OF FORMAL LOGICS OF SYMMETRIC ENCRYPTION Gergei Bana Supervisor: Andre Scedrov In the last two decades, two major directions in cryptography have developed: formal and computational. The formal approach uses simple, manageable formal languages to describe cryptographic protocols; this approach is amenable to automatization,(More)
We present a computationally sound first-order system for security-analysis of protocols that places secrecy of nonces and keys in its center. Even trace properties such as agreement and authentication are proven via proving a non-trace property, namely, secrecy first with an inductive method. This results a very powerful system, the working of which we(More)
Recently, Bana and Comon-Lundh introduced the notion of computationally complete symbolic attacker to deliver unconditional computational soundness to symbolic protocol verification. First we explain the relationship between their technique and Fitting's embedding of classical logic into S4. Then, based on predicates for "key usability", we provide an(More)