Paper 2020/1040

MoSS: Modular Security Specifications Framework

Amir Herzberg, Hemi Leibowitz, Ewa Syta, and Sara Wrotniak

Abstract

Applied cryptographic protocols have to meet a rich set of security requirements under diverse environments and against diverse adversaries. However, currently used security specifications, based on either simulation (e.g., 'ideal functionality' in UC) or games, are monolithic, combining together different aspects of protocol requirements, environment and assumptions. Such security specifications are complex, error-prone, and foil reusability, modular analysis and incremental design. We present the Modular Security Specifications (MoSS) framework, which cleanly separates the security requirements (goals) which a protocol should achieve, from the models (assumptions) under which each requirement should be ensured. This modularity allows us to reuse individual models and requirements across different protocols and tasks, and to compare protocols for the same task, either under different assumptions or satisfying different sets of requirements. MoSS is flexible and extendable, e.g., it can support both asymptotic and concrete definitions for security. So far, we confirmed the applicability of MoSS to two applications: secure broadcast protocols and PKI schemes.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
A major revision of an IACR publication in CRYPTO 2021
DOI
10.1007/978-3-030-84252-9_2
Keywords
provable-security
Contact author(s)
sara wrotniak @ uconn edu
History
2021-08-16: last of 4 revisions
2020-08-28: received
Short URL
https://ia.cr/2020/1040
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1040,
      author = {Amir Herzberg and Hemi Leibowitz and Ewa Syta and Sara Wrotniak},
      title = {MoSS: Modular Security Specifications Framework},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1040},
      year = {2020},
      doi = {10.1007/978-3-030-84252-9_2},
      note = {\url{https://eprint.iacr.org/2020/1040}},
      url = {https://eprint.iacr.org/2020/1040}
}