Abstract
When discussing protocol properties in the symbolic (Dolev-Yao; term-based) model of cryptography, the set of cryptographic primitives is defined by the constructors of the term algebra and by the equational theory on top of it. The set of considered primitives is not easily modifiable during the discussion. In particular, it is unclear what it means to define a new primitive from the existing ones, or why a primitive in the considered set may be unnecessary because it can be modeled using other primitives. This is in stark contrast to the computational model of cryptography where the constructions and relationships between primitives are at the very foundation of the theory. In this paper, we explore how a primitive may be constructed from other primitives in the symbolic model, such that no protocol breaks if an atomic primitive is replaced by the construction. As an example, we show the construction of (symbolic) “randomized” symmetric encryption from (symbolic) one-way functions and exclusive or.
Supported by Estonian Science Foundation, grant #8124, by European Regional Development Fund through the Estonian Center of Excellence in Computer Science, EXCS, and by EU FP7-ICT Project HATS.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Proceedings of the 23rd IEEE Computer Security Foundations Symposium, CSF 2010, Edinburgh, United Kingdom, July 17-19. IEEE Computer Society, Los Alamitos (2010)
Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: POPL, pp. 104–115 (2001)
Aceto, L., Hennessy, M.: Towards action-refinement in process algebras. Inf. Comput. 103(2), 204–269 (1993)
Backes, M., Pfitzmann, B., Waidner, M.: A Universally Composable Cryptographic Library. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington, DC. ACM Press, New York (2003); Extended version available as Report 2003/015 of Cryptology ePrint Archive
Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1–15. Springer, Heidelberg (1996)
Blanchet, B., Podelski, A.: Verification of Cryptographic Protocols: Tagging Enforces Termination. In: Gordon, A.D. (ed.) FOSSACS 2003. LNCS, vol. 2620, pp. 136–152. Springer, Heidelberg (2003)
Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: FOCS, pp. 136–145 (2001)
Ciobâca, S., Cortier, V.: Protocol composition for arbitrary primitives. In: CSF [1], pp. 322–336
Delaune, S., Kremer, S., Pereira, O.: Simulation based security in the applied pi calculus. In: Kannan, R., Kumar, K.N. (eds.) FSTTCS. LIPIcs, vol. 4, pp. 169–180. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik (2009)
Dolev, D., Yao, A.C.-C.: On the Security of Public Key Protocols. IEEE Transactions on Information Theory 29(2), 198–207 (1983)
Dworkin, M.: Recommendation for Block Cipher Modes of Operation. NIST Special Publication 800-38A (2001)
Goldwasser, S., Micali, S.: Probabilistic Encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984)
Muñiz, M.G., Laud, P.: On the (Im)possibility of Perennial Message Recognition Protocols without Public-Key Cryptography. In: 26th ACM Symposium On Applied Computing, vol. 2, pp. 1515–1520 (March 2011)
Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Comput. 17(2), 373–386 (1988)
Maurer, U.M., Renner, R., Holenstein, C.: Indifferentiability, Impossibility Results on Reductions, and Applications to the Random Oracle Methodology. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 21–39. Springer, Heidelberg (2004)
Milner, R.: Functions as processes. Mathematical Structures in Computer Science 2(2), 119–141 (1992)
Pfitzmann, B., Waidner, M.: A model for asynchronous reactive systems and its application to secure message transmission. In: IEEE Symposium on Security and Privacy, pp. 184–200 (2001)
Reeves, S., Streader, D.: Comparison of Data and Process Refinement. In: Dong, J.S., Woodcock, J. (eds.) ICFEM 2003. LNCS, vol. 2885, pp. 266–285. Springer, Heidelberg (2003)
Roggenbach, M.: CSP-CASL - a new integration of process algebra and algebraic specification. Theor. Comput. Sci. 354(1), 42–71 (2006)
Ryan, M.D., Smyth, B.: Applied pi calculus. In: Cortier, V., Kremer, S. (eds.) Formal Models and Techniques for Analyzing Security Protocols. IOS Press, Amsterdam (2010)
Yao, A.C.: Theory and applications of trapdoor functions (extended abstract). In: 23rd Annual Symposium on Foundations of Computer Science, Chicago, Illinois, pp. 80–91. IEEE Computer Society Press, Los Alamitos (1982)
Yilek, S.: Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 41–56. Springer, Heidelberg (2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Laud, P. (2011). Implementing Cryptographic Primitives in the Symbolic Model. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds) NASA Formal Methods. NFM 2011. Lecture Notes in Computer Science, vol 6617. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20398-5_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-20398-5_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-20397-8
Online ISBN: 978-3-642-20398-5
eBook Packages: Computer ScienceComputer Science (R0)