TY - GEN
T1 - Composing protocols with randomized actions
AU - Bauer, Matthew S.
AU - Chadha, Rohit
AU - Viswanathan, Mahesh
N1 - Funding Information:
R. Chadha—Partially supported by grant NSF CNS 1314338.
Funding Information:
M.S. Bauer and M. Viswanathan—Partially supported by grant NSF CNS 1314485.
Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2016.
PY - 2016
Y1 - 2016
N2 - Recently, several composition results have been established, showing that two cryptographic protocols proven secure against a Dolev-Yao attacker continue to afford the same security guarantees when composed together, provided the protocol messages are tagged with the information of which protocol they belong to. The key technical tool used to establish this guarantee is a separation result which shows that any attack on the composition can be mapped to an attack on one of the composed protocols running in isolation. We consider the composition of protocols which, in addition to using cryptographic primitives, also employ randomization within the protocol to achieve their goals. We show that if the protocols never reveal a secret with a probability greater than a given threshold, then neither does their composition, given that protocol messages are tagged with the information of which protocol they belong to.
AB - Recently, several composition results have been established, showing that two cryptographic protocols proven secure against a Dolev-Yao attacker continue to afford the same security guarantees when composed together, provided the protocol messages are tagged with the information of which protocol they belong to. The key technical tool used to establish this guarantee is a separation result which shows that any attack on the composition can be mapped to an attack on one of the composed protocols running in isolation. We consider the composition of protocols which, in addition to using cryptographic primitives, also employ randomization within the protocol to achieve their goals. We show that if the protocols never reveal a secret with a probability greater than a given threshold, then neither does their composition, given that protocol messages are tagged with the information of which protocol they belong to.
UR - http://www.scopus.com/inward/record.url?scp=84962473668&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84962473668&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-49635-0_10
DO - 10.1007/978-3-662-49635-0_10
M3 - Conference contribution
AN - SCOPUS:84962473668
SN - 9783662496343
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 189
EP - 210
BT - Principles of Security and Trust - 5th International Conference, POST 2016 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016, Proceedings
A2 - Viganò, Luca
A2 - Piessens, Frank
PB - Springer
T2 - 5th International Conference on Principles of Security and Trust, POST 2016 held as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2016
Y2 - 2 April 2016 through 8 April 2016
ER -