Secrecy by Witness-Functions under Equational Theories

01/05/2018
by Jaouhar Fattahi, et al.

In this paper, we use the witness-functions to analyze cryptographic protocols for secrecy under nonempty equational theories. The witness-functions are safe metrics used to compute security. An analysis with a witness-function consists in making sure that the security of every atomic message does not decrease during its lifecycle in the protocol. The analysis gets more difficult under nonempty equational theories. Indeed, the intruder can take advantage of the algebraic properties of the cryptographic primitives to derive secrets. These properties arise from the use of mathematical functions, such as multiplication, addition, exclusive-or or modular exponentiation in the cryptosystems and the protocols. Here, we show how to use the witness-functions under nonempty equational theories and we run an analysis on the Needham-Schroeder-Lowe protocol under the cipher homomorphism. This analysis reveals that although this protocol is proved secure under the perfect encryption assumption, its security collapses under the homomorphic primitives. We show how the witness-functions help to illustrate an attack scenario on it and we propose an amended version to fix it.
