Cryptology ePrint Archive: Report 2006/266

Computationally Sound Secrecy Proofs by Mechanized Flow Analysis

Michael Backes and Peeter Laud

Abstract: We present a novel approach for proving secrecy properties of security protocols by mechanized flow analysis. In contrast to existing tools for proving secrecy by abstract interpretation, our tool enjoys cryptographic soundness in the strong sense of blackbox reactive simulatability/UC which entails that secrecy properties proven by our tool are automatically guaranteed to hold for secure cryptographic implementations of the analyzed protocol, with respect to the more fine-grained cryptographic secrecy definitions and adversary models.

Our tool is capable of reasoning about a comprehensive language for expressing protocols, in particular handling symmetric encryption and asymmetric encryption, and it produces proofs for an unbounded number of sessions in the presence of an active adversary. We have implemented the tool and applied it to a number of common protocols from the literature.

Category / Keywords: cryptographic protocols / security analysis, reactive simulatability

Publication Info: Full version of a paper published in the proceedings of the 13th ACM Conference on Computer and Communication Security (CCS 2006)

Date: received 10 Aug 2006

Contact author: peeter laud at ut ee

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20060810:132235 (All versions of this report)

Short URL: ia.cr/2006/266

Discussion forum: Show discussion | Start new discussion