Paper 2009/079
From Dolev-Yao to Strong Adaptive Corruption: Analyzing Security in the Presence of Compromising Adversaries
David Basin and Cas Cremers
Abstract
We formalize a hierarchy of adversary models for security protocol analysis, ranging from a Dolev-Yao style adversary to more powerful adversaries who can reveal different parts of principals' states during protocol execution. We define our hierarchy by a modular operational semantics describing adversarial capabilities. We use this to formalize various, practically-relevant notions of key and state compromise. Our semantics can be used as a basis for protocol analysis tools. As an example, we extend an existing symbolic protocol-verification tool with our adversary models. The result is the first tool that systematically supports notions such as weak perfect forward secrecy, key compromise impersonation, and adversaries capable of so-called strong corruptions and state-reveal queries. As further applications, we use our model hierarchy to relate different adversarial notions, gaining new insights on their relative strengths, and we use our tool to find new attacks on protocols.
Note: A detailed description of the revision history can be found in the appendix of the paper.
Metadata
- Available format(s)
-
PDF
- Category
- Foundations
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- adversary modelsstate-revealperfect forward secrecykey compromise impersonationtools
- Contact author(s)
- cas cremers @ inf ethz ch
- History
- 2009-11-09: last of 7 revisions
- 2009-02-18: received
- See all versions
- Short URL
- https://ia.cr/2009/079
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2009/079,
author = {David Basin and Cas Cremers},
title = {From Dolev-Yao to Strong Adaptive Corruption: Analyzing Security in the Presence of Compromising Adversaries},
howpublished = {Cryptology {ePrint} Archive, Paper 2009/079},
year = {2009},
url = {https://eprint.iacr.org/2009/079}
}
