Fulltext - International Journal of Computer Technology and ...

Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531 

ISSN:2229-6093 

Interpretation of formal proof for Cryptographic Protocols into 

Computational Model 

Sanjay Kumar Sonkar 1 , Darmendra Lal Gupta 2 , Dr. Anil Kumar Malviya 3 , Ganesh Chandra 4 , Vinod Kumar Yadav 5 

1,4,5 M. Tech. Student, Department of Computer Science & Engineering, Kamla Nehru Institute of Technology, Sultanpur, (U.P.) India 

2 Assistant Professor, Department of Computer Science & Engineering, Kamla Nehru Institute of Technology, Sultanpur, (U.P.) India 

3 Associate Professor, Department of Computer Science & Engineering, Kamla Nehru Institute of Technology, Sultanpur, (U.P.) India 

E-mail: { 1 kumarsanjaysonkar@gmail.com, 2 dlgupta2002@gmail.com, 3 anilkmalviya@yahoo.com, 

4 ganesh.iiscgate@gmail.com, 5 vinodrockcsit@gmail.com } 

Abstract 

Cryptography is the spinal cord for all security measures 

involved in computing field so a lot of emphasis is required 

to be given to make it strong enough to deal all the 

transition of the security industry. We present a general 

method to prove security properties of multiple 

cryptographic protocols in an execution model where clients 

exchange messages using multiple protocols against active 

adversaries. The method discussed here allows to interpret 

the logical formal proofs of cryptographic systems into their 

computational equivalent. The security properties are 

expressed in terms of logics, which are then interpreted in a 

computational setup. Also, we further show that if the 

statement is true for any symbolic execution then the 

corresponding computational interpretation is widely 

accepted in all forms. The messages between clients are 

expressed in syntax form and do not require dealing with 

asymptotic notations and probability distribution. This 

paper provides a basic framework and edifice for extending 

the protocol specification language with other 

cryptographic primitives. 

Keywords: Cryptographic protocols, Symbolic analysis, 

Protocol logic, formal methods for security protocols. 

I. Introduction 

Cryptographic protocols are fundamental tool in the design 

of secure distributed computing systems [3][4][7], but they 

are also extremely hard to design and validate. The 

difficulty of designing valid cryptographic protocols[1][5] 

stems mostly from the fact that security properties[2] should 

remain valid even when the protocol is executed in an 

unpredictable adversarial environment, where some of the 

clients (or an external entity) are maliciously attempting to 

make the protocol deviate from its prescribed behavior. 

Basically, Cryptographic protocols are coined in one of two 

ways: [9][11][15] 

A. Computational Model: 

The computational model consists of following models: 

Messages are considered as bit-strings[17]; 

The encryption operation[19] of message is a 

concrete arithmetic; 

Security is defined in terms of that a 

computationally bounded[20][23] adversary can 

only attack successfully with negligible probability; 

Analysis of security is done by reduction. 

B. Formal Model (“Dolev-Yao model”): 

The formal model comprises of: 

Abstracts cryptographic concepts into an algebra of 

symbolic messages[9][12]; 

Messages are considered as formal expressions; 

The encryption operation is only an abstract 

function; 

Security is modeled by formal formulas[14]; 

Analysis of security is done by formal reasoning. 

This paper is divided into six parts. Starting with 

introduction (Section-I), next section covers theoretical 

experiment (Section-II). Moving ahead analysis model 

(Section-III), related work has been described in 

(Section-IV) and finally conclusion & future work has 

been described in (Section-V & VI). 

II. Theoretical Experiment 

Example: 

A→B: e = {xˋk}x k , mac(e, x mk ) 

xˋk fresh 

A sends to B a fresh key x′ k encrypted under authenticated 

encryption [22][23], implemented as encrypt-then-MAC. 

x′ k should remain secret. 

Step 1: Initialization: 

A→B: e = {xˋk}x k , mac(e, x mk ) 

xˋk fresh 

Q 0 = start(); new x r : keyseed; let x k : key= kgen(x r ) in 

new xˋr : mkeyseed; let x mk : mkey = mkgen(xˋr) in α(); (Q A | Q B ) 

Initialization of keys: 

 

The process Q 0 waits for a message on channel 

start. The adversary triggers this process. 

525

Q 0 generates encryption and MAC keys, x k and x mk 

[2][6] respectively, using the key generation 

algorithms kgen and mkgen. 

Q 0 returns control to the adversary by the output 

α(). 

Q A and Q B represent the actions of A and B. 

Step 2: 

a) Role of A: 

 

 

 


A→B: e = {xˋk}x k , mac(e, x mk ) xˋk fresh 

Q A = β i ≤ n C A (); new xˋk : key; new x″ r :coins; 

Let xm : bitstring = enc(k2b(xˋk), x k , x″ r ) in 

C A 

β i ≤ n represents n copies, indexes by i ϵ [1,n] 

The protocol can be run n times (polynomial in the 

security parameter [4]). 

The process is triggered when a message is sent on 

C A by the adversary. 

The process chooses a fresh key xˋk and sends the 

message on channel C A . 

We obtain a sequence of games G 0 ≈ G 1 ≈ … ≈ G m , which 

implies G 0 ≈ G m . 

If some equivalence or trace property hold with 

overwhelming probability in G m , then it also hold with 

overwhelming probability in G 0 . 

Step 5: Security definition [1][2][9]: 

A MAC scheme: 

(Randomized) key generation function mkgen. 

MAC function mac (m, k) takes as input a message 

m and a key k. 

Verification function verify(m, k, t) such that 

Verify (m, k, mac (m, k)) = true. 

ISSN:2229-6093 

A MAC guarantees the integrity and authenticity [26] of the 

message because only someone who knows the secret key 

can build the mac. 

More formally, an adversary A that has oracle access to mac 

and verify has a negligible probability to forge a MAC: 

b) Role of B: 

A→B: e = {xˋk}x k , mac(e, x mk ) xˋk fresh 

Q B = β i ≤ n C B (xˋm : bitstring, x ma : macstring); 

if veriry (xˋm , x mk , x ma ) than 

let i ⊥ (k2b(x″ k )) = dec (xˋm, x k ) in C B () 

n copies, as for Q A . 

The process Q B waits for the message on channel 

C B . 

It verifies the MAC, decrypts and stores the key in 

x″ k . 

Step 3: Indistinguishability as observational equivalence: 

Two processes Q1, Q2 are observationally equivalent where 

the adversary has a negligible probability of distinguishing 

them: 

Q 1 ≈ Q 2 

In the formal definition, the adversary is represented by an 

acceptable evaluation context C:: = C|Q & Q|C new 

Channel c; C. 

Observation equivalence is an equivalence relation. 

It is contextual: Q 1 ≈ Q 2 implies C[Q] ≈ C[Q] 

where C is any acceptable evaluation context. 

Step 4: Proof Technique: 

We transform a Game G 0 into an observationally equivalent 

[27][28] on using: 

Observational equivalences: L ≈ R given as 

axioms and that come from security assumptions 

on primitives. These equivalences are used inside a 

context: 

G1 ≈ C[L] C[R] ≈ G2 

Syntactic transformations: Simplification, 

expansion of assignments, 

max Pr[verify (m, k, t) | k ← mkgen; (m, t) ← A mac (. , k), verify(. , k, .) ] 

A 

is negligible, when the adversary A has not called the mac 

oracle on message m. 

Step 6: Intuitive Implementation: 

By the previous definition, up to neglible probability, 

 

 

 

The adversary cannot forge a correct MAC. 

So when verifying a MAC with verify (m, k, t) and 

k ← mkgen is used only for generating and 

verifying MACs, the verification can succeed only 

if m is in the list (array) of message whose mac has 

been computed by the protocol. 

So we can replace a call to verify with an array 

lookup: 

If the call to mac is mac (x, k), we replace verify 

(m, k, t) with find j ≤ N such that defined (x[j]) ˄ 

(m = x[j]) ˄ verify (m, k, t) then true else false. 

Step 7: Formal implementation (1) [15]: 

Verify (m, mkgen(r), mac(m, mkgen(r))) = true 

β N″ new r : mkeyseed; (β N (x : bitstring) → mac(x, mkgen(r)), 

β Nˋ(m : bitstring, t : macstring) → verify(m, mkgen(r), t)) 

≈ 


β Nˋ(m : bitstring, t : macstring) → 

find j ≤ N such that defined(x[j]) ˄ (m = x[j]) ˄ verify(m, 

mkgen(r), t) then true else false. 

Formal implementation (2): 

Verify (m, mkgen(r), mac(m, mkgen(r))) = true 


β Nˋ(m : bitstring, t : macstring) → verify(m, mkgen(r), t)) 

526


≈ 

β N″ new r : mkeyseed; (β N (x : bitstring) → macˋ(x, mkgenˋ(r)), 

β Nˋ(m : bitstring, t : macstring) → 

find j ≤ N such that defined(x[j]) ˄ (m = x[j]) ˄ verifyˋ(m, 

mkgenˋ(r), t) then true else false. 

The prover applies the previous rule automatically in any 

(polynomial-time) context, perhaps containing several 

occurrences of mac and verify following: 

ISSN:2229-6093 

prove the source of the message to a third party. A practical 

secure deniable authentication protocol should have the 

following properties: Completeness or authentication, strong 

deniability, weak deniability, security of forgery attack, 

security of impersonate attack, security of compromising 

session secret attack, security of man-in-the-middle attack. 

 

 

Each occurrence of mac is replaced with macˋ. 

Each occurrence of verify is replaced with a 

message key and find that looks in all arrays of 

computed MACs. 

Step 8: Proof of security properties: 

a. One-session secrecy: 

The adversary cannot distinguish any of the 

secretes from a random number with one test query. 

Criterion for proving one-session secrecy [19][21] of x: 

X is defined by new x[i] : T and there is a set of 

variables S such that only variables in S depend on x. 

The output messages and the control-flow do not 

depend on x. 

b. Secrecy: 

The adversary cannot distinguish the secrets from 

independent random numbers with several test queries. 

Criterion for proving secrecy of x: 

Same as one-session secrecy, plus x[i] and x[iˋ] do 

not come from the same copy of the same restriction when 

i ≠ iˋ. 

Step 9: Result: 

In most cases, the prover succeeds in proving the 

desired properties when they hold and obviously it always 

fails to prove them when they do not hold. 

Only cases in which the prover fails although the property 

holds: 

Needham-Schroeder [9][11] public-key when the 

exchanged key is the nonce N A. 

Needham-Schroeder shared-key: fails to prove that 

N B [i] ≠ N B [iˋ]-1 with overwhelming probability, 

where N B is a nonce. 

III. Analysis Model 

Deniable authentication protocols allow a Sender to 

authenticate a message for a receiver, in a way that the 

receiver cannot convince a third party that such 

authentication (or any authentication) ever took place. 

Deniable authentication has two characteristics that differ 

from traditional authentication: One is that only the intended 

receiver can authenticate the true source of a given message; 

the other is that the receiver cannot provide the evidences to 

Figure 1: Analysis model of deniable authentication protocols with 

Blanchet calculus 

Generally deniable authentication protocol includes three 

roles, Sender which is initiator, receiver which is responder 

and third party, represented by Sender, Receiver and Third 

party, respectively. We assume that Sender plays only on the 

role of the initiator; Receiver plays only the role of 

responder, Third party play only on the prover. The deniable 

authentication protocol consists of a sequence of messages 

exchanged between the Sender and the Receiver & the 

Receiver and Third party. In deniable authentication 

protocol Sender can authenticate a message for Receiver, in 

a way that they cannot Receiver convince a Third party that 

such authentication (or any authentication) ever took place. 

Deniable authentication protocol has two characteristics that 

differ from traditional authentication protocol. One is that 

only the intended Receiver can authenticate the true source 

of a given message. The other is that the Sender cannot 

provide the evidences to prove the source of the message to 

a third party at some condition and the Receiver can provide 

the evidences to prove the source of the message to a third 

party. The ability of adversary is defined in the previous 

section. It can control the channel SR between Sender and 

Receiver. It cannot control the channels: Channel ST and 

channel RT. At the same time the adversary is a 

probabilistic polynomial-time attacker. 

Strong deniability: 

The purpose of strong deniability is to protect the privacy of 

Sender. After execution of the deniable authentication 

protocol the Sender can deny to have ever authenticated 

anything to Receiver. If the prover (Receiver or the any 

other party) wants to prove that the Sender have 

authenticated messages to Receiver, they must provide all 

the relevant evidence. The Sender can provide his secret 

information to the Third party. A adversary model in strong 

deniability: we suppose that the Sender and the Receiver 

cooperate with the judge or the prover or the any other party 

527

which means that the Sender and the Receiver provide all 

the transcripts of the message in the deniable authentication 

protocol to them. 

If DAP satisfies the condition one and four in: 

Inj-event (whole sender (Receiver, x)) = inj-event(whole Receiver (Sender, x) ) 

Inj-event (whole Thirdparty (Receiver, x)) = inj-event(whole Thirdparty (Sender, x) ) 

Definition DAP and DAP’ satisfies the correspondence and 

with public variables V = φ, then DAP is a secure deniable 

authentication protocol with session in a adversary model in 

strong deniability. In the above definition of DAP the 

injective correspondence can be instead by non-injective 

correspondence. 

Weak deniability: 

The purpose of weak deniability is to protect the privacy of 

Sender. After execution of the deniable authentication 

protocol the Receiver can prove to have spoken to Sender 

but not the content of what the Sender authenticated in a 

way that the Receiver cannot convince a third party. 

Deniable Authentication Protocol 

Security Properties 

Active Adversary Model 


Relating the Two Models: 

Meng & Shao 

Mechnized Model 

Automated 

Verification 

ISSN:2229-6093 

In order to prove any relationship between the formal and 

computational worlds, we need to define the interpretation 

of expressions [8] and patterns. Once an encryption scheme 

is depicted, we can define the interpretation function α, 

which assigns to each expression or pattern M a family of 

random variables {α η (M)} η∈ N such that each α η (M) takes 

values in strings. For expressions: 

Blocks are interpreted as strings, 

Each key is interpreted by running the key 

generation algorithm, 

Pairs are translated into computational pairs, 

Formal encryptions terms are interpreted by 

running the encryption algorithm. 

Difference between Formal approach and 

Computational approach [15]: 

Formal approach Computational 

approach 

Message Terms Bits-strings 

Encryption Idealized Algorithm 

Adversary Idealized Any polynomial 

algorithm 

Secrecy Reach ability-based Indistingability 

property property 

Guarantees Unclear Strong 

Proof Automatic By hand and errorprone 

Balnchet Calculus 

Computational Model 

Crypto Verification 

Figure 2: Model of automatic verification of deniable authentication 

protocols 

If the Receiver want to prove that the Sender have 

authenticated messages to Receiver, he must provide the 

evidence related to the thing. An adversary model in weak 

deniability: When discussing the weak deniability, in 

addition the adversary has the ability in previous section; we 

always suppose that only the Receiver generates the 

evidence that the Sender have authenticated messages to 

Receiver. Receiver cannot get the secret information of the 

Sender, for example the private key of Sender. Receiver can 

provide his secret information to the Third party. 

If DAP’ satisfies the condition one in definition DAP and 

DAP’ satisfies the correspondence: 

Inj-event (whole sender (Receiver, x)) = inj-event(whole Receiver (Sender, x) ) 

Inj-event (whole Thirdparty (Receiver, x)) = inj-event(whole Thirdparty (Sender, x) ) 

and with public variables V = φ, then DAP is a secure 

deniable authentication protocol with session functions in a 

adversary model in weak deniability. In the above definition 

of DAP the injective correspondence can be instead by noninjective 

correspondence. 

Our Contribution: 

The primary contribution of this paper is that it tried to bring 

about various concepts which are requisite for concrete 

development in proofs of cryptography protocols and 

remove the bottleneck reason for its failure. In particular, we 

define the equivalence between formal messages in the 

presence of both key cycles and secret shares, and then 

prove the computational soundness [13][16] about formal 

encryption in this setting. 

1. First computational analysis of an industrial protocol: 

Consider authentication[29] and secrecy 

properties[26], 

Analyzed Basic Kerberos 5 and public-key 

Kerberos[22], 

Kerberos is complex (e.g. PKINIT uses both 

public-key and symmetric). 

Cryptographic primitives (Encryption, Signatures, 

MACs). 

2. Proofs were carried out symbolically in the BPW 

model: 

Proofs in Dolev-Yao style model are 

cryptographically sound, 

Proofs can be automated. 

528


IV. Related Work 

Early work on linking Dolev-Yao models and cryptography 

only considered passive attacks, and therefore cannot make 

general statements about protocols. A Cryptographic 

justification for a Dolev-Yao model in the sense of under 

active attacks and within arbitrary surrounding interactive 

protocols [29][30]. 

Diminishing the distance between the computational and 

logic treatment of Cryptography has been the subject of 

many recent research efforts. The works which are more 

closely related to our paper, which present a simple logic for 

reasoning about the security protocols written in a language 

similar to ours, but only for the case of passive adversaries. 

Other approaches to bridging the logic and computational 

models of cryptography have also been considered in the 

literature, but they all seem considerably more complex. The 

notions of probability, polynomial bounded computation, 

and computational in distinguish ability are incorporated in 

a process calculus, and security is defined in terms of 

observational equivalence on processes. 

Work is in progress regarding formulation of mathematical 

model for syntactic approach dealing with probability and 

polynomial-time [14] considerations and encoding them into 

proof tools, in particular. This is equivalent to the work of 

justifying Dolev-Yao models, which offer a higher level of 

abstractions and thus much simpler proofs where applicable, 

so that proofs of larger systems can be automated. 

V. Conclusion 

On the macroscopic view, we come across the various 

security measures involved in security protocol proofs. This 

paper properly deals with all the computational technique 

which can overcome all the day by day new developments 

in cryptographic field. 

This paper reflects logical formal proofs of security 

protocols into the computational model. The formal proofs 

are easy with respect to computational model as we don’t 

have to consider the probabilistic distribution and 

asymptotic notations. The security properties are expressed 

in terms simple logic based language using syntactic 

expressions and are then interpreted in a computational 

setup. Also these formal proof are sound as any active 

adversaries can extract information from messages if the 

statement hold true for any symbolic execution. Therefore, 

we need such a framework for the interpretation of formal 

proof into cryptographic system so as to develop more and 

more secure communication systems. 

VI. Future Work 

1. Considering execution models in which we can extend 

instances not of a single but of a set of protocols if they 

are developed in future. 

2. Developing a more general execution model involving 

reactive clients. 

3. Generalize our abstract definition of security notions to 

capture secrecy properties. 

4. Augmenting the BPW model with tailored protocol 

logics to further simplify modular reasoning. 

5. Understanding the relation of correctness proofs of 

(commercial) protocols in MSR and in the BPW 

model. 

VII. References 

ISSN:2229-6093 

[1] E. S. Cohen, “Information transmission in 

computational systems,” ACM SIGOPS Operating 

Systems Review, vol. 11, no. 5, pp. 133–139, 1977. 

[2] J. McLean, “Security models and information 

flow,” in Proc. IEEE Symp. on Security and 

Privacy, May 1990, pp. 180–187. 

[3] Focardi and R. Gorrieri, “A classification of 

security properties for process algebras,” J. 

Computer Security, vol. 3, no. 1, pp. 5–33, 1995. 

[4] D. Song. An automatic checker for security 

protocol analysis. In 12th IEEE Computer Security 

Foundations Workshop, June 1999. 

[5] D. Kozen, “Language-based security,” in Proc. 

Mathematical Foundations of Computer Science. 

Sept. 1999, vol. 1672 of LNCS, pp. 284– 298, 

Springer-Verlag. 

[6] Aldini, “Probabilistic information flow in process 

algebra,” in Proc. CONCUR’01. Aug. 2001, vol. 

2154 of LNCS, pp. 152–168, Springer-Verlag. 

[7] Michele Boreale. Symbolic trace analysis of 

cryptographic protocols. In 28th Colloquium on 

Automata, Languages and Programming (ICALP), 

LNCS. Springer, July 2001. 

[8] M. Zanotti, “Security typings by abstract 

interpretation,” in Proc.Symposium on Static 

Analysis. Sept. 2002, vol. 2477 of LNCS, pp. 360– 

375, Springer-Verlag. 

[9] M. Backes and B. Pfitzmann. A cryptographically 

sound security proof of the Needham-Schroeder- 

Lowe public-key protocol. Available as Cryptology 

ePrint Archive, Report 2003/121. 

[10] M. Backes, B. Pfitzmann, and M. Waidner. A 

universally composable cryptographic library. 

Available as Cryptology ePrint Archive, Report 

2003/015. 

[11] M. Backes and B. Pfitzmann. Symmetric 

Encryption in a simulatable Dolev-Yao style 

cryptographic library. In Proceedings of the 17th 

Computer Security Foundations Workshop, pages 

204{218. IEEE Computer Society, June 2004. 

[12] Iliano Cervesato, Aaron D. Jaggard, Andre 

Scedrov, and Christopher Walstad. Specifying 

Kerberos 5 Cross-Realm Authentication. In Proc. 

WITS’05, pages 12–26. ACM Digital Lib., 2005. 

[13] V`eronique Cortier and Bogdan Warinschi. 

Computationally sound, automated proofs for 

security protocols. In Proc. 14th European 

529


Symposium on Programming (ESOP), pages 157– 

171, 2005. 

[14] Anupam Datta, Ante Derek, John Mitchell, Vitalij 

Shmatikov, and Matthieu Turuani. Probabilistic 

polynomial-time semantics for protocol security 

logic. In Proc. 32nd International Colloquium on 

Automata, Languages and Programming (ICALP), 

volume 3580 of Lecture Notes in Computer 

Science, pages 16–29. Springer, 2005. 

[15] Laud, P. Formal analysis of crypto protocols: 

Secrecy types for a simulatable cryptographic 

library. In Proc. ACM Conf. on Computer and 

Communication Security (ACM CCS 2005) 

(2005), ACM Press, pp. 26–35. 

http://scialert.net/fulltext/?doi=itj.2011.1068.1091 

&org=11 

[16] C. He and J. C. Mitchell. Security Analysis and 

Improvements for IEEE 802.11i. In Proceedings of 

the 11th Annual Network and Distributed System 

Security Symposium (NDSS ’05), February 2005. 

[17] Ran Canetti and Jonathan Herzog. Universally 

composable symbolic analysis of cryptographic 

protocols (the case of encryption-based mutual 

authentication and key exchange). In Proc. 3rd 

Theory of Cryptography Conference (TCC), 2006. 

[18] Iliano Cervesato, Aaron D. Jaggard, Andre 

Scedrov, Joe-Kai Tsay, and Chris Walstad. 

Breaking and fixing public-key Kerberos. In Proc. 

WITS’06, pages 55–70, 2006. 

[19] Anupam Datta, Ante Derek, John Mitchell, and 

Bogdan Warinschi. Key exchange protocols: 

Security definition, proof method, and applications. 

In 19th IEEE Computer Security Foundations 

Workshop (CSFW 19), Venice, Italy, 2006. IEEE 

Press. 

[20] Tsudik, G. YA-TRAP: Yet another trivial RFID 

authentication protocol. In Proc. IEEE Intern. Conf. 

on Pervasive Computing and Communications 

(PerCom 2006) (2006), IEEE Press. 

[21] Oren, Y., and Shamir, A. Power analysis of RFID 

tags. Appeared in the rump session of Advances in 

Cryptology, CRYPTO 2006. Available online at 

http://www.wisdom.weizmann.ac.il/_yossio/rfid/, 

Weizmann Institute, 2006. 

[22] Burmester, M., van Le, T., and de Medeiros, B. 

Provably secure ubiquitous systems: Universally 

composable RFID authentication protocols. E-print 

report 2006/131, International Association for 

Cryptological Research, 2006. 

[23] IETF. Public Key Cryptography for Initial 

Authentication in Kerberos, 1996–2006. Sequence 

of Internet drafts available from 

http://tools.ietf.org/wg/krb-wg/draft-ietf-catkerberos-pk-init/. 

[24] F. Wang and Y. Zhang, “A new provably secure 

authentication and key agreement mechanism for 

SIP using certificateless public-key cryptography”, 

Cryptology ePrint Archive, Report 2007/220, 2007. 

[25] Tarjei K. Mandt and Chik How Tan, 

“Certificateless authenticated two-party key 

agreement protocol”, ASIAN 2006, LNCS 4435, 

pp.37-44, 2007. 

[26] Y. Sun, F. Zhang, and J. Baek, “Strongly Secure 

Certificate less Public Key Encryption without 

Pairing”, CANS 2007, LNCS 4856, pp.194-208, 

2007. 

[27] X. Liang, SH. Wang, J. Shen and G. Xu, “Breaking 

and Repairing the Certificate less key agreement 

protocol from ASIAN 2006”, Wuhan University 

Journal of Natural Sciences,vol. 13, no. 5, pp. 562- 

566, 2008. 

[28] Dario Fiore and Rosario Gennaro, “Making the 

Diffie-Hellman Protocol Identity-Based”, 

http://eprint.iacr.org/2009/174,2009. 

[29] Georg Lippold, Colin Boyd and Juan Gonzalez 

Nieto, “Strongly Secure Certificate less Key 

Agreement”, http://eprint.iacr.org/2009/219. 

[30] Cas J.F. Cremers, “Formally and Practically 

Relating the CK, CK-HMQV, and eCK Security 

Models for Authenticated Key Exchange”, 

http://eprint.iacr.org/2009/253. 

Bibliographies: 

ISSN:2229-6093 

Sanjay Kumar Sonkar was born at 

Varanasi, (U.P.), in India. He received 

the B. Tech degree in Computer Science 

& Engineering in 2010 from Radha 

Govind Engineering College, Meerut, 

India. Presently, he is an M.Tech student 

in Computer Science & Engineering from Kamla Nehru 

Institute of Technology, Sultanpur, U.P., India. 

Dharmendra Lal Gupta is currently 

working as an Assistant Professor in the 

Department of Computer Science & 

Engineering at KNIT, Sultanpur (U.P.) 

India. And he is also pursuing his Ph.D. 

in Computer Science & Engineering 

from Mewar University, Chittorgarh (Rajasthan). He 

received B.Tech.(1999) from Kamla Nehru Institute of 

Technology (KNIT) Sultanpur, in Computer Science & 

Engineering, M.Tech. Hon’s (2003) in Digital Electronics 

and Systems from Kamla Nehru Institute of Technology 

(KNIT) Sultanpur. His research interests are Cryptography 

and Network Security, Software Quality Engineering, and 

Software Engineering. 

Dr. Anil Kumar Malviya is an Associate 

Professor in the Computer Science & 

Engineeering. Department at Kamla 

Nehru Institute of Technology, (KNIT), 

Sultanpur. He received his B.Sc. & 

M.Sc. both in Computer Science from 

Banaras Hindu University, Varanasi respectively in 1991 

and 1993 and Ph.D. degree in Computer Science from 

530


Dr. B.R. Ambedkar University; Agra in 2006.He is Life 

Member of CSI, India. He has published about 31papers in 

International/National Journals, conferences and seminars. 

His research interests are Data mining, Software 

Engineering, Cryptography & Network Security. 

ISSN:2229-6093 

Ganesh Chandra was born at Kanpur, 

India. He received the B. Tech. Degree 

in Computer Science and Engineering in 

2009 from Dr. Ambedkar Institute of 

Technology for Handicapped, Kanpur, 

India. He is currently pursuing M. Tech 

in Computer Science and Engineering 

from Kamla Nehru Institute of Technology, Sultanpur, U.P, 

India. 

Vinod Kumar Yadav was born in 

Jaunpur, India. He received the B.Tech. 

Degree in Computer Science and 

Information Technology in 2008 from 

I.E.T., M.J.P. Rohilkhand University 

Bareilly, India. He is currently pursuing 

M.Tech in Computer Science and 

Engineering from Kamla Nehru Institute 

of Technology, Sultanpur, U.P., India. 

531

Fulltext - International Journal of Computer Technology and ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?