Corpus ID: 208507900

Security Criteria for a Transparent Encryption Layer (Work in Progress)

  title={Security Criteria for a Transparent Encryption Layer (Work in Progress)},
  author={Konstantinos Kallas and B. Pierce and S. Zdancewic},
We study cryptographically-masked flows in the presence of key leakage in an interactive setting. Focusing on the encryption layer in a client-server setting, we propose a range of correctness criteria embodying varying constraints on client and server behavior and assumptions about the power of attackers. We formalize these definitions in Coq and prove that a minimal encrypting middlebox satisfies the strongest property. 


A Conference Management System with Verified Document Confidentiality
We present a case study in verified security for realistic systems: the implementation of a conference management system, whose functional kernel is faithfully represented in the Isabelle theoremExpand
Security Protocols and their Properties
This paper discusses specifications for security protocols, emphasizing authenticity and secrecy properties, and suggests some gaps and some opportunities for further work. Expand
Gradual Release: Unifying Declassification, Encryption and Key Release Policies
Gradual release is introduced, a policy that unifies declassification, encryption, and key release policies, and it is shown that gradual release can be provably enforced by security types and effects. Expand
Knowledge-Based Security of Dynamic Secrets for Reactive Programs
This paper investigates how to secure sensitive user information, while maintaining the flexibility of declassification, even in the presence of active attackers, by treating script-generated content specially to ensure that declassification policies cannot be manipulated by them. Expand
Efficient representation of the attacker’s knowledge in cryptographic protocols analysis
This paper addresses the problem of representing the intruder’s knowledge in the formal verification of cryptographic protocols with a new knowledge representation strategy that is incrementally computable and is easily amenable to work with various term representation languages. Expand
A survey of symbolic methods for establishing equivalence-based properties in cryptographic protocols
This work proposes here a synthesis of decidability and undecidability results for equivalence-based security properties, and gives an overview of existing verification tools that may be used to verify equivalence, and privacy related properties. Expand
Computationally complete symbolic attacker and key exchange
First, the relationship between Bana and Comon-Lundh's technique and Fitting's embedding of classical logic into S4 is explained, and an axiomatic system in their framework to handle secure encryption when keys are allowed to be sent is provided. Expand
A calculus for cryptographic protocols: the spi calculus
The spi calculus is introduced, an extension of the pi calculus designed for describing and analyzing cryptographic protocols and state their security properties in terms of coarse-grained notions of protocol equivalence. Expand
A Logic for Information Flow Analysis of Distributed Programs
This research presents a meta-modelling architecture that automates the very labor-intensive and therefore time-heavy and therefore expensive and expensive process of manually cataloging and cataloging all the elements of a distributed system. Expand
Towards Unconditional Soundness: Computationally Complete Symbolic Attacker
Everything is possible in the symbolic model, unless it contradicts a computational assumption, and this way unconditional soundness almost by construction is obtained. Expand