Cryptology ePrint Archive: Report 2003/015
A Universally Composable Cryptographic Library
Michael Backes and Birgit Pfitzmann and Michael Waidner
Abstract: Bridging the gap between formal methods and cryptography has recently received a lot of interest, i.e., investigating to what extent proofs of cryptographic protocols made with abstracted cryptographic operations are valid for real implementations. However, a major goal has not been achieved yet: a soundness proof for an abstract crypto-library as needed for the cryptographic protocols typically proved with formal methods, e.g., authentication and key exchange protocols. Prior work that directly justifies the typical Dolev-Yao abstraction is restricted to passive adversaries and certain protocol environments. Prior work starting from the cryptographic side entirely hides the cryptographic objects, so that the operations are not composable: While secure channels or signing of application data is modeled, one cannot encrypt a signature or sign a key.
We make the major step towards this goal: We specify an abstract crypto-library that allows composed operations, define a cryptographic realization, and prove that the abstraction is sound for arbitrary active attacks in arbitrary reactive scenarios. The library currently contains public-key encryption and signatures, nonces, lists, and application data.
The proof is a novel combination of a probabilistic, imperfect bisimulation with cryptographic reductions and static information-flow analysis.
Category / Keywords: foundations / cryptographic protocols, security analysis of protocols, cryptographically composable operators
Date: received 24 Jan 2003
Contact author: mbc at zurich ibm com
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation
Version: 20030124:151851 (All versions of this report)
Short URL: ia.cr/2003/015
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]