Paper 2003/114

Unifying Simulatability Definitions in Cryptographic Systems under Different Timing Assumptions

Michael Backes


The cryptographic concept of simulatability has become a salient technique for faithfully analyzing and proving security properties of arbitrary cryptographic protocols. We investigate the relationship between simulatability in synchronous and asynchronous frameworks by means of the formal models of Pfitzmann et. al., which are seminal in using this concept in order to bridge the gap between the formal-methods and the cryptographic community. We show that the synchronous model can be seen as a special case of the asynchronous one with respect to simulatability, i.e., we present an embedding between both models that we show to preserve simulatability. We show that this result allows for carrying over lemmas and theorems that rely on simulatability from the asynchronous model to its synchronous counterpart without any additional work. Hence future work can concentrate on the more general asynchronous case, without having to neglect the analysis of synchronous protocols.

Available format(s)
Publication info
Published elsewhere. 14th international conference on concurrency theory (CONCUR 2003)
simulatabilityprobabilistic systemssynchronousasynchronous
Contact author(s)
mbc @ zurich ibm com
2003-06-03: received
Short URL
Creative Commons Attribution


      author = {Michael Backes},
      title = {Unifying Simulatability Definitions in Cryptographic Systems under Different Timing Assumptions},
      howpublished = {Cryptology ePrint Archive, Paper 2003/114},
      year = {2003},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.