Paper 2016/069

Verification Methods for the Computationally Complete Symbolic Attacker Based on Indistinguishability

Gergei Bana and Rohit Chadha


In recent years, a new approach has been developed for verifying security protocols with the aim of combining the benefits of symbolic attackers and the benefits of unconditional soundness: the technique of the computationally complete symbolic attacker of Bana and Comon (BC). In this paper we argue that the real breakthrough of this technique is the recent introduction of its version for indistinguishability because, with the extensions we introduce here, for the first time, there is a computationally sound symbolic technique that is syntactically strikingly simple, to which translating standard computational security notions is a straightforward matter, and that can be effectively used for verification of not only equivalence properties, but trace properties of protocols as well. We first fully develop the core elements of this newer version by introducing several new axioms. We illustrate the power and the diverse use of the introduced axioms on simple examples first. We introduce an axiom expressing the Decisional Diffie-Hellman property. We analyze the Diffie-Hellman key exchange, both in its simplest form and an authenticated version as well. We provide computationally sound verification of real-or-random secrecy of the Diffie-Hellman key exchange protocol for multiple sessions, without any restrictions on the computational implementation other than the DDH assumption. We also show authentication for a simplified version of the station-to-station protocol using UF-CMA assumption for digital signatures. Finally, we axiomatize IND-CPA, IND-CCA1 and IND-CCA2 security properties and illustrate their usage.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
formal verificationcomputational security guarantees
Contact author(s)
bana @ math upenn edu
2016-01-26: received
Short URL
Creative Commons Attribution


      author = {Gergei Bana and Rohit Chadha},
      title = {Verification Methods for the Computationally Complete Symbolic Attacker Based on Indistinguishability},
      howpublished = {Cryptology ePrint Archive, Paper 2016/069},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.