Modular Verification of Protocol Equivalence in the Presence of Randomness

Bauer, Matthew S; Chadha, Rohit; Viswanathan, Mahesh

Permalink

https://hdl.handle.net/2142/96261 Copy

Description

Title

Modular Verification of Protocol Equivalence in the Presence of Randomness

Author(s)

• Bauer, Matthew S
• Chadha, Rohit
• Viswanathan, Mahesh

Issue Date

2017

Keyword(s)

cryptographic protocols

Abstract

Security protocols that provide privacy and anonymity guarantees are growing increasingly prevalent in the online world. The highly intricate nature of these protocols makes them vulnerable to subtle design flaws. Formal methods have been successfully deployed to detect these errors, where protocol correctness is formulated as a notion of equivalence (indistinguishably). The high overhead for verifying such equivalence properties, in conjunction with the fact that protocols are never run in isolation, has created a need for modular verification techniques. Existing approaches in formal modeling and (compositional) verification of protocols for privacy have abstracted away a fundamental ingredient in the effectiveness of these protocols, randomness. We present the first composition results for equivalence properties of protocols that are explicitly able to toss coins. Our results hold even when protocols share data (such as long term keys) provided that protocol messages are tagged with the information of which protocol they belong to.

Type of Resource

text

Language

en

Permalink

http://hdl.handle.net/2142/96261

Owning Collections