Fulltext - International Journal of Computer Technology and ...

More documents

Recommendations

Info

which means that the Sender and the Receiver provide all the transcripts of the message in the deniable authentication protocol to them. If DAP satisfies the condition one and four in: Inj-event (whole sender (Receiver, x)) = inj-event(whole Receiver (Sender, x) ) Inj-event (whole Thirdparty (Receiver, x)) = inj-event(whole Thirdparty (Sender, x) ) Definition DAP and DAP’ satisfies the correspondence and with public variables V = φ, then DAP is a secure deniable authentication protocol with session in a adversary model in strong deniability. In the above definition of DAP the injective correspondence can be instead by non-injective correspondence. Weak deniability: The purpose of weak deniability is to protect the privacy of Sender. After execution of the deniable authentication protocol the Receiver can prove to have spoken to Sender but not the content of what the Sender authenticated in a way that the Receiver cannot convince a third party. Deniable Authentication Protocol Security Properties Active Adversary Model Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531 Relating the Two Models: Meng & Shao Mechnized Model Automated Verification ISSN:2229-6093 In order to prove any relationship between the formal and computational worlds, we need to define the interpretation of expressions [8] and patterns. Once an encryption scheme is depicted, we can define the interpretation function α, which assigns to each expression or pattern M a family of random variables {α η (M)} η∈ N such that each α η (M) takes values in strings. For expressions: Blocks are interpreted as strings, Each key is interpreted by running the key generation algorithm, Pairs are translated into computational pairs, Formal encryptions terms are interpreted by running the encryption algorithm. Difference between Formal approach and Computational approach [15]: Formal approach Computational approach Message Terms Bits-strings Encryption Idealized Algorithm Adversary Idealized Any polynomial algorithm Secrecy Reach ability-based Indistingability property property Guarantees Unclear Strong Proof Automatic By hand and errorprone Balnchet Calculus Computational Model Crypto Verification Figure 2: Model of automatic verification of deniable authentication protocols If the Receiver want to prove that the Sender have authenticated messages to Receiver, he must provide the evidence related to the thing. An adversary model in weak deniability: When discussing the weak deniability, in addition the adversary has the ability in previous section; we always suppose that only the Receiver generates the evidence that the Sender have authenticated messages to Receiver. Receiver cannot get the secret information of the Sender, for example the private key of Sender. Receiver can provide his secret information to the Third party. If DAP’ satisfies the condition one in definition DAP and DAP’ satisfies the correspondence: Inj-event (whole sender (Receiver, x)) = inj-event(whole Receiver (Sender, x) ) Inj-event (whole Thirdparty (Receiver, x)) = inj-event(whole Thirdparty (Sender, x) ) and with public variables V = φ, then DAP is a secure deniable authentication protocol with session functions in a adversary model in weak deniability. In the above definition of DAP the injective correspondence can be instead by noninjective correspondence. Our Contribution: The primary contribution of this paper is that it tried to bring about various concepts which are requisite for concrete development in proofs of cryptography protocols and remove the bottleneck reason for its failure. In particular, we define the equivalence between formal messages in the presence of both key cycles and secret shares, and then prove the computational soundness [13][16] about formal encryption in this setting. 1. First computational analysis of an industrial protocol: Consider authentication[29] and secrecy properties[26], Analyzed Basic Kerberos 5 and public-key Kerberos[22], Kerberos is complex (e.g. PKINIT uses both public-key and symmetric). Cryptographic primitives (Encryption, Signatures, MACs). 2. Proofs were carried out symbolically in the BPW model: Proofs in Dolev-Yao style model are cryptographically sound, Proofs can be automated. 528
Sanjay Kumar Sonkar et al ,Int.J.Computer Technology & Applications,Vol 3 (2), 525-531 IV. Related Work Early work on linking Dolev-Yao models and cryptography only considered passive attacks, and therefore cannot make general statements about protocols. A Cryptographic justification for a Dolev-Yao model in the sense of under active attacks and within arbitrary surrounding interactive protocols [29][30]. Diminishing the distance between the computational and logic treatment of Cryptography has been the subject of many recent research efforts. The works which are more closely related to our paper, which present a simple logic for reasoning about the security protocols written in a language similar to ours, but only for the case of passive adversaries. Other approaches to bridging the logic and computational models of cryptography have also been considered in the literature, but they all seem considerably more complex. The notions of probability, polynomial bounded computation, and computational in distinguish ability are incorporated in a process calculus, and security is defined in terms of observational equivalence on processes. Work is in progress regarding formulation of mathematical model for syntactic approach dealing with probability and polynomial-time [14] considerations and encoding them into proof tools, in particular. This is equivalent to the work of justifying Dolev-Yao models, which offer a higher level of abstractions and thus much simpler proofs where applicable, so that proofs of larger systems can be automated. V. Conclusion On the macroscopic view, we come across the various security measures involved in security protocol proofs. This paper properly deals with all the computational technique which can overcome all the day by day new developments in cryptographic field. This paper reflects logical formal proofs of security protocols into the computational model. The formal proofs are easy with respect to computational model as we don’t have to consider the probabilistic distribution and asymptotic notations. The security properties are expressed in terms simple logic based language using syntactic expressions and are then interpreted in a computational setup. Also these formal proof are sound as any active adversaries can extract information from messages if the statement hold true for any symbolic execution. Therefore, we need such a framework for the interpretation of formal proof into cryptographic system so as to develop more and more secure communication systems. VI. Future Work 1. Considering execution models in which we can extend instances not of a single but of a set of protocols if they are developed in future. 2. Developing a more general execution model involving reactive clients. 3. Generalize our abstract definition of security notions to capture secrecy properties. 4. Augmenting the BPW model with tailored protocol logics to further simplify modular reasoning. 5. Understanding the relation of correctness proofs of (commercial) protocols in MSR and in the BPW model. VII. References ISSN:2229-6093 [1] E. S. Cohen, “Information transmission in computational systems,” ACM SIGOPS Operating Systems Review, vol. 11, no. 5, pp. 133–139, 1977. [2] J. McLean, “Security models and information flow,” in Proc. IEEE Symp. on Security and Privacy, May 1990, pp. 180–187. [3] Focardi and R. Gorrieri, “A classification of security properties for process algebras,” J. Computer Security, vol. 3, no. 1, pp. 5–33, 1995. [4] D. Song. An automatic checker for security protocol analysis. In 12th IEEE Computer Security Foundations Workshop, June 1999. [5] D. Kozen, “Language-based security,” in Proc. Mathematical Foundations of Computer Science. Sept. 1999, vol. 1672 of LNCS, pp. 284– 298, Springer-Verlag. [6] Aldini, “Probabilistic information flow in process algebra,” in Proc. CONCUR’01. Aug. 2001, vol. 2154 of LNCS, pp. 152–168, Springer-Verlag. [7] Michele Boreale. Symbolic trace analysis of cryptographic protocols. In 28th Colloquium on Automata, Languages and Programming (ICALP), LNCS. Springer, July 2001. [8] M. Zanotti, “Security typings by abstract interpretation,” in Proc.Symposium on Static Analysis. Sept. 2002, vol. 2477 of LNCS, pp. 360– 375, Springer-Verlag. [9] M. Backes and B. Pfitzmann. A cryptographically sound security proof of the Needham-Schroeder- Lowe public-key protocol. Available as Cryptology ePrint Archive, Report 2003/121. [10] M. Backes, B. Pfitzmann, and M. Waidner. A universally composable cryptographic library. Available as Cryptology ePrint Archive, Report 2003/015. [11] M. Backes and B. Pfitzmann. Symmetric Encryption in a simulatable Dolev-Yao style cryptographic library. In Proceedings of the 17th Computer Security Foundations Workshop, pages 204{218. IEEE Computer Society, June 2004. [12] Iliano Cervesato, Aaron D. Jaggard, Andre Scedrov, and Christopher Walstad. Specifying Kerberos 5 Cross-Realm Authentication. In Proc. WITS’05, pages 12–26. ACM Digital Lib., 2005. [13] V`eronique Cortier and Bogdan Warinschi. Computationally sound, automated proofs for security protocols. In Proc. 14th European 529
Page 1 and 2: Sanjay Kumar Sonkar et al ,Int.J.Co
Page 3: Sanjay Kumar Sonkar et al ,Int.J.Co
Page 7: Sanjay Kumar Sonkar et al ,Int.J.Co

Fulltext - International Journal of Computer Technology and ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?