skip to main content
10.1145/2046707.2046717acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article

A composable computational soundness notion

Published: 17 October 2011 Publication History

Abstract

Computational soundness results show that under certain conditions it is possible to conclude computational security whenever symbolic security holds. Unfortunately, each soundness result is usually established for some set of cryptographic primitives and extending the result to encompass new primitives typically requires redoing most of the work. In this paper we suggest a way of getting around this problem. We propose a notion of computational soundness that we term deduction soundness. As for other soundness notions, our definition captures the idea that a computational adversary does not have any more power than a symbolic adversary. However, a key aspect of deduction soundness is that it considers, intrinsically, the use of the primitives in the presence of functions specified by the adversary. As a consequence, the resulting notion is amenable to modular extensions. We prove that a deduction sound implementation of some arbitrary primitives can be extended to include asymmetric encryption and public data-structures (e.g. pairings or list), without repeating the original proof effort. Furthermore, our notion of soundness concerns cryptographic primitives in a way that is independent of any protocol specification language. Nonetheless, we show that deduction soundness leads to computational soundness for languages (or protocols) that satisfy a so called commutation property.

References

[1]
M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology, 15(2):103--127, 2002.
[2]
A. Armando, R. Carbone, L. Compagna, J. Cuellar, and L. T. Abad. Formal analysis of saml 2.0 web browser single sign-on: Breaking the saml-based single sign-on for google apps. In Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008), pages 1--10, 2008.
[3]
M. Backes, D. Hofheinz, and D. Unruh. Cosp: A general framework for computational soundness proofs. In ACM CCS 2009, pages 66--78, November 2009. Preprint on IACR ePrint 2009/080.
[4]
M. Backes and B. Pfitzmann. Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In Proc. 17th IEEE Computer Science Foundations Workshop (CSFW'04), pages 204--218, 2004.
[5]
M. Backes, B. Pfitzmann, and M. Waidner. A composable cryptographic library with nested operations. In Proc. 10th ACM Conference on Computer and Communications Security (CCS'03), 2003.
[6]
M. Backes and D. Unruh. Computational soundness of symbolic zero-knowledge proofs against active attackers. In Proceedings of the 21st IEEE Computer Security Foundations Symposium (CSF'08), pages 255--269, Pittsburgh, PA, USA, June 2008. IEEE Computer Society Press.
[7]
R. Canetti. Universally composable signature, certification, and authentication. In Proc. 17th IEEE Computer Security Foundations Workshop (CSFW'04), pages 219--235, 2004.
[8]
R. Canetti and J. Herzog. Universally composable symbolic analysis of mutual authentication and key-exchange protocols (extended abstract). In Proc. 3rd Theory of Cryptography Conference (TCC'06), volume 3876 of LNCS, pages 380--403. Springer, 2006.
[9]
H. Comon-Lundh and V. Cortier. Computational soundness of observational equivalence. In Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS'08), Alexandria, Virginia, USA, Oct. 2008. ACM Press.
[10]
H. Comon-Lundh and V. Cortier. How to prove security of communication protocols\u n A discussion on the soundness of formal models w.r.t. computational ones. In 28th International Symposium on Theoretical Aspects of Computer Science (STACS 2011), volume 9 of Leibniz International Proceedings in Informatics (LIPIcs), pages 29--44, 2011.
[11]
V. Cortier, S. Kremer, R. Küsters, and B. Warinschi. Computationally sound symbolic secrecy in the presence of hash functions. In Proceedings of the 26th Conference on Fundations of Software Technology and Theoretical Computer Science (FSTTCS'06), volume 4337 of LNCS, pages 176--187, Kolkata, India, 2006. Springer.
[12]
V. Cortier, S. Kremer, and B. Warinschi. A survey of symbolic methods in computational analysis of cryptographic systems. J. Autom. Reasoning, 46(3--4):225--259, 2011.
[13]
V. Cortier and B. Warinschi. Computationally sound, automated proofs for security protocols. In European Symposium on Programming (ESOP'05), volume 3444 of LNCS, pages 157--171, Edinburgh, UK, 2005. Springer.
[14]
D. Galindo, F. D. Garcia, and P. van Rossum. Computational soundness of non-malleable commitments. In Proc. 4th Information Security Practice and Experience Conference (ISPEC'08), LNCS, 2008.
[15]
J. Herzog. A computational interpretation of Dolev-Yao adversaries. Theoretical Computer Science, 340:57--81, June 2005.
[16]
R. Janvier, Y. Lakhnech, and L. Mazaré. Completing the picture: Soundness of formal encryption in the presence of active adversaries. In European Symposium on Programming (ESOP'05), volume 3444 of LNCS, pages 172--185. Springer, 2005.
[17]
R. Janvier, Y. Lakhnech, and L. Mazaré. Computational soundness of symbolic analysis for protocols using hash functions. In Proceedings of the Workshop on Information and Computer Security (ICS'06), Electronic Notes in Theoretical Computer Science, Timisoara, Romania, Sept. 2006. Elsevier Science Publishers.
[18]
R. Küsters and M. Tuengerthal. Computational Soundness for Key Exchange Protocols with Symmetric Encryption. In E. Al-Shaer, S. Jha, and A. D. Keromytis, editors, Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS 2009), pages 91--100. ACM Press, 2009.
[19]
G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS'96), volume 1055 of LNCS, pages 147--166. Springer-Verlag, March 1996.
[20]
D. Micciancio and B. Warinschi. Soundness of formal encryption in the presence of active adversaries. In Proc. 1st Theory of Cryptography Conference (TCC'04), volume 2951 of LNCS, pages 133--151. Springer, 2004.

Cited By

View all
  • (2023)A Core Calculus for Equational Proofs of Cryptographic ProtocolsProceedings of the ACM on Programming Languages10.1145/35712237:POPL(866-892)Online publication date: 9-Jan-2023
  • (2019)How to Wrap it up - A Formally Verified Proposal for the use of Authenticated Wrapping in PKCS#112019 IEEE 32nd Computer Security Foundations Symposium (CSF)10.1109/CSF.2019.00012(62-6215)Online publication date: Jun-2019
  • (2019)Symbolic Encryption with Pseudorandom KeysAdvances in Cryptology – EUROCRYPT 201910.1007/978-3-030-17659-4_3(64-93)Online publication date: 19-May-2019
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
CCS '11: Proceedings of the 18th ACM conference on Computer and communications security
October 2011
742 pages
ISBN:9781450309486
DOI:10.1145/2046707
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 October 2011

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. composability
  2. computational soundness

Qualifiers

  • Research-article

Conference

CCS'11
Sponsor:

Acceptance Rates

CCS '11 Paper Acceptance Rate 60 of 429 submissions, 14%;
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)7
  • Downloads (Last 6 weeks)1
Reflects downloads up to 14 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2023)A Core Calculus for Equational Proofs of Cryptographic ProtocolsProceedings of the ACM on Programming Languages10.1145/35712237:POPL(866-892)Online publication date: 9-Jan-2023
  • (2019)How to Wrap it up - A Formally Verified Proposal for the use of Authenticated Wrapping in PKCS#112019 IEEE 32nd Computer Security Foundations Symposium (CSF)10.1109/CSF.2019.00012(62-6215)Online publication date: Jun-2019
  • (2019)Symbolic Encryption with Pseudorandom KeysAdvances in Cryptology – EUROCRYPT 201910.1007/978-3-030-17659-4_3(64-93)Online publication date: 19-May-2019
  • (2018)A Study of Process Calculus for Formal Verification and Analysis of Security Protocol2018 4th International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT)10.1109/iCATccT44854.2018.9001950(119-124)Online publication date: Sep-2018
  • (2016)Computational Soundness Results for Stateful Applied $$\pi $$π CalculusProceedings of the 5th International Conference on Principles of Security and Trust - Volume 963510.5555/3089491.3089507(254-275)Online publication date: 2-Apr-2016
  • (2016)Computational Soundness for Dalvik BytecodeProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security10.1145/2976749.2978418(717-730)Online publication date: 24-Oct-2016
  • (2016)Computational Soundness Results for Stateful Applied $$\pi $$ π CalculusPrinciples of Security and Trust10.1007/978-3-662-49635-0_13(254-275)Online publication date: 2016
  • (2016)Computational Soundness for Interactive PrimitivesComputer Security -- ESORICS 201510.1007/978-3-319-24174-6_7(125-145)Online publication date: 13-Jan-2016
  • (2014)Computational Soundness Results for ProVerifPrinciples of Security and Trust10.1007/978-3-642-54792-8_3(42-62)Online publication date: 2014
  • (2013)Deduction soundnessProceedings of the 2013 ACM SIGSAC conference on Computer & communications security10.1145/2508859.2516711(1261-1272)Online publication date: 4-Nov-2013
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media