DOI: 10.1145/2508859.2516711
research-article

Deduction soundness: prove one, get five for free

Published: 04 November 2013

Abstract

Most computational soundness theorems deal with a limited number of primitives, thereby limiting their applicability. The notion of deduction soundness of Cortier and Warinschi (CCS'11) aims to facilitate soundness theorems for richer frameworks via composition results: deduction soundness can be extended, generically, with asymmetric encryption and public data structures. Unfortunately, that paper also hints at rather serious limitations regarding further composition results: composability with digital signatures seems to be precluded.
In this paper we provide techniques for bypassing the perceived limitations of deduction soundness and demonstrate that it enjoys vastly improved composition properties. More precisely, we show that a deduction sound implementation can be modularly extended with all of the five basic cryptographic primitives (symmetric/asymmetric encryption, message authentication codes, digital signatures, and hash functions). We thus obtain the first soundness framework that allows for the joint use of multiple instances of all of the basic primitives.
In addition, we show how to overcome an important restriction of the bare deduction soundness framework which forbids sending encrypted secret keys. In turn, this prevents its use for the analysis of a large class of interesting protocols (e.g. key exchange protocols). We allow for more liberal uses of keys as long as they are hidden in a sense that we also define. All primitives typically used to send secret data (symmetric/asymmetric encryption) satisfy our requirement which we also show to be preserved under composition.

References

[1] M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption). In IFIP International Conference on Theoretical Computer Science (IFIP–TCS'00), volume 1872 of LNCS, pages 3–22, 2000.
[2] M. Backes and B. Pfitzmann. Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In 17th IEEE Computer Science Foundations Workshop (CSFW'04), pages 204–218, 2004.
[3] M. Backes, B. Pfitzmann, and M. Waidner. A composable cryptographic library with nested operations. In 10th ACM Conference on Computer and Communications Security (CCS'03), pages 220–230, 2003.
[4] M. Backes, B. Pfitzmann, and M. Waidner. Symmetric authentication within simulatable cryptographic library. In Proc. 8th European Symposium on Research in Computer Security (ESORICS'03), LNCS, pages 271–290, 2003.
[5] M. Bellare, O. Goldreich, and A. Mityagin. The power of verification queries in message authentication and authenticated encryption. IACR Cryptology ePrint Archive, 2004:309, 2004.
[6] M. Bellare and C. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. J. Cryptology, 21(4):469–491, 2008.
[7] M. Bellare and P. Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In 1st ACM Conference on Computer and Communications Security (CCS'93), pages 62–73. ACM, 1993.
[8] F. Böhl, V. Cortier, and B. Warinschi. Deduction soundness: Prove one, get five for free. Cryptology ePrint Archive, Report 2013/457, 2013. Full version of this paper. http://eprint.iacr.org/.
[9] H. Comon-Lundh and V. Cortier. Computational soundness of observational equivalence. In 15th ACM Conference on Computer and Communications Security (CCS'08). ACM Press, Oct. 2008.
[10] V. Cortier, S. Kremer, R. Küsters, and B. Warinschi. Computationally sound symbolic secrecy in the presence of hash functions. In 26th Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS'06), volume 4337 of LNCS, pages 176–187, Kolkata, India, 2006. Springer.
[11] V. Cortier, S. Kremer, and B. Warinschi. A survey of symbolic methods in computational analysis of cryptographic systems. J. Autom. Reasoning, 46(3–4):225–259, 2011.
[12] V. Cortier and B. Warinschi. Computationally sound, automated proofs for security protocols. In European Symposium on Programming (ESOP'05), volume 3444 of LNCS, pages 157–171. Springer, 2005.
[13] V. Cortier and B. Warinschi. A composable computational soundness notion. In 18th ACM Conference on Computer and Communications Security (CCS'11), pages 63–74, Chicago, USA, October 2011. ACM.
[14] A. Datta, A. Derek, J. C. Mitchell, V. Shmatikov, and M. Turuani. Probabilistic Polynomial-time Semantics for a Protocol Security Logic. In 32nd International Colloquium on Automata, Languages and Programming (ICALP'05), volume 3580 of LNCS, pages 16–29. Springer, 2005.
[15] Y. Dodis, S. Goldwasser, Y. T. Kalai, C. Peikert, and V. Vaikuntanathan. Public-key encryption schemes with auxiliary inputs. In 7th Theory of Cryptography Conference (TCC'10), LNCS, pages 361–381, 2010.
[16] F. D. Garcia and P. van Rossum. Sound and complete computational interpretation of symbolic hashes in the standard model. Theoretical Computer Science, 394:112–133, 2008.
[17] R. Janvier, Y. Lakhnech, and L. Mazaré. Completing the picture: Soundness of formal encryption in the presence of active adversaries. In European Symposium on Programming (ESOP'05), volume 3444 of LNCS, pages 172–185. Springer, 2005.
[18] M. Naor and G. Segev. Public-key cryptosystems resilient to key leakage. SIAM J. Comput., 41(4):772–814, 2012.
[19] C. Rackoff and D. R. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In J. Feigenbaum, editor, 11th Annual International Cryptology Conference (CRYPTO'91), volume 576 of Lecture Notes in Computer Science, pages 433–444. Springer, 1991.


    Published In

    CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
    November 2013
    1530 pages
    ISBN: 9781450324779
    DOI: 10.1145/2508859

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. composability
    2. computational soundness

    Qualifiers

    • Research-article

    Conference

    CCS'13

    Acceptance Rates

    CCS '13 Paper Acceptance Rate 105 of 530 submissions, 20%;
    Overall Acceptance Rate 1,261 of 6,999 submissions, 18%


    Cited By

    • (2019) How to Wrap it up - A Formally Verified Proposal for the use of Authenticated Wrapping in PKCS#11. 2019 IEEE 32nd Computer Security Foundations Symposium (CSF). DOI: 10.1109/CSF.2019.00012 (62-6215). Online publication date: Jun-2019
    • (2019) Symbolic Encryption with Pseudorandom Keys. Advances in Cryptology – EUROCRYPT 2019. DOI: 10.1007/978-3-030-17659-4_3 (64-93). Online publication date: 19-May-2019
    • (2016) Computational Soundness Results for Stateful Applied π Calculus. Proceedings of the 5th International Conference on Principles of Security and Trust - Volume 9635. DOI: 10.5555/3089491.3089507 (254-275). Online publication date: 2-Apr-2016
    • (2016) Computational Soundness for Dalvik Bytecode. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. DOI: 10.1145/2976749.2978418 (717-730). Online publication date: 24-Oct-2016
    • (2016) Computational Soundness Results for Stateful Applied π Calculus. Principles of Security and Trust. DOI: 10.1007/978-3-662-49635-0_13 (254-275). Online publication date: 2016
    • (2016) Computational Soundness for Interactive Primitives. Computer Security -- ESORICS 2015. DOI: 10.1007/978-3-319-24174-6_7 (125-145). Online publication date: 13-Jan-2016
    • (2014) A Sound Abstraction of the Parsing Problem. Proceedings of the 2014 IEEE 27th Computer Security Foundations Symposium. DOI: 10.1109/CSF.2014.26 (259-273). Online publication date: 19-Jul-2014
    • (2014) Computational Soundness Results for ProVerif. Principles of Security and Trust. DOI: 10.1007/978-3-642-54792-8_3 (42-62). Online publication date: 2014
