Cryptology ePrint Archive: Report 2006/047

Cryptographically Sound Theorem Proving

Christoph Sprenger and Michael Backes and David Basin and Birgit Pfitzmann and Michael Waidner

Abstract: We describe a faithful embedding of the Dolev-Yao model of Backes, Pfitzmann, and Waidner (CCS 2003) in the theorem prover Isabelle/HOL. This model is cryptographically sound in the strong sense of reactive simulatability/UC, which essentially entails the preservation of arbitrary security properties under active attacks and in arbitrary protocol environments. The main challenge in designing a practical formalization of this model is to cope with the complexity of providing such strong soundness guarantees. We reduce this complexity by abstracting the model into a sound, light-weight formalization that enables both concise property specifications and efficient application of our proof strategies and their supporting proof tools. This yields the first tool-supported framework for symbolically verifying security protocols that enjoys the strong cryptographic soundness guarantees provided by reactive simulatability/UC. As a proof of concept, we have proved the security of the Needham-Schroeder-Lowe protocol using our framework.

Category / Keywords: foundations / formal methods, cryptographic soundness, Dolev-Yao, simulatability, UC, theorem proving

Date: received 9 Feb 2006

Contact author: sprenger at inf ethz ch

Available format(s): PDF | BibTeX Citation

Version: 20060210:213635 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]