Paper 2003/015

A Universally Composable Cryptographic Library

Michael Backes, Birgit Pfitzmann, and Michael Waidner

Abstract

Bridging the gap between formal methods and cryptography has recently received a lot of interest, i.e., investigating to what extent proofs of cryptographic protocols made with abstracted cryptographic operations are valid for real implementations. However, a major goal has not been achieved yet: a soundness proof for an abstract crypto-library as needed for the cryptographic protocols typically proved with formal methods, e.g., authentication and key exchange protocols. Prior work that directly justifies the typical Dolev-Yao abstraction is restricted to passive adversaries and certain protocol environments. Prior work starting from the cryptographic side entirely hides the cryptographic objects, so that the operations are not composable: While secure channels or signing of application data is modeled, one cannot encrypt a signature or sign a key. We make the major step towards this goal: We specify an abstract crypto-library that allows composed operations, define a cryptographic realization, and prove that the abstraction is sound for arbitrary active attacks in arbitrary reactive scenarios. The library currently contains public-key encryption and signatures, nonces, lists, and application data. The proof is a novel combination of a probabilistic, imperfect bisimulation with cryptographic reductions and static information-flow analysis.

Metadata
Available format(s)
PDF PS
Category
Foundations
Publication info
Published elsewhere. Unknown where it was published
Keywords
cryptographic protocolssecurity analysis of protocolscryptographically composable operators
Contact author(s)
mbc @ zurich ibm com
History
2003-01-24: received
Short URL
https://ia.cr/2003/015
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2003/015,
      author = {Michael Backes and Birgit Pfitzmann and Michael Waidner},
      title = {A Universally Composable Cryptographic Library},
      howpublished = {Cryptology {ePrint} Archive, Paper 2003/015},
      year = {2003},
      url = {https://eprint.iacr.org/2003/015}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.