Computational soundness results show that under certain conditions it is possible to conclude computational secu-rity whenever symbolic security holds. Unfortunately, each soundness result is usually established for some set of cryp-tographic primitives and extending the result to encompass new primitives typically requires redoing most of the work. In this paper we suggest a way of getting around this prob-lem. We propose a notion of computational soundness that we term deduction soundness. As for other soundness notions, our definition captures the idea that a computational adver-sary does not have any more power than a symbolic adver-sary. However, a key aspect of deduction soundness is that it considers, intrinsically, the use of the pr...
Formal analysis of security protocols based on symbolic mod-els has been very successful in finding ...
Abstract. The formal and computational views of cryptography have been related by the seminal work o...
Abstract. The use of passwords in security protocols is particularly delicate because of the possibi...
International audienceComputational soundness results show that under certain conditions it is possi...
International audienceMost computational soundness theorems deal with a limited number of primitives...
International audienceWe consider the question of the adequacy of symbolic models versus computation...
The abstraction of cryptographic operations by term algebras, called symbolic models, is essential i...
The Dolev–Yao model is a useful and widespread framework in which to analyze security protocols. How...
1 Introduction In the past few years, significant effort has been made to link formal and compu-tati...
We consider expansions of the Abadi-Rogaway logic of indistinguishability of formal cryptographic ex...
We develop a compositional method for proving cryptographically sound security properties of key exc...
In the last two decades, two major directions in cryptography have developed: formal and computation...
We have been developing a cryptographically sound formal logic for proving protocol security propert...
We formalize Abadi and Rogaway's computational soundness result in the Coq interactive theorem prove...
Recently, we proposed a technique [1] to define a com-putationally complete symbolic attacker for th...
Formal analysis of security protocols based on symbolic mod-els has been very successful in finding ...
Abstract. The formal and computational views of cryptography have been related by the seminal work o...
Abstract. The use of passwords in security protocols is particularly delicate because of the possibi...
International audienceComputational soundness results show that under certain conditions it is possi...
International audienceMost computational soundness theorems deal with a limited number of primitives...
International audienceWe consider the question of the adequacy of symbolic models versus computation...
The abstraction of cryptographic operations by term algebras, called symbolic models, is essential i...
The Dolev–Yao model is a useful and widespread framework in which to analyze security protocols. How...
1 Introduction In the past few years, significant effort has been made to link formal and compu-tati...
We consider expansions of the Abadi-Rogaway logic of indistinguishability of formal cryptographic ex...
We develop a compositional method for proving cryptographically sound security properties of key exc...
In the last two decades, two major directions in cryptography have developed: formal and computation...
We have been developing a cryptographically sound formal logic for proving protocol security propert...
We formalize Abadi and Rogaway's computational soundness result in the Coq interactive theorem prove...
Recently, we proposed a technique [1] to define a com-putationally complete symbolic attacker for th...
Formal analysis of security protocols based on symbolic mod-els has been very successful in finding ...
Abstract. The formal and computational views of cryptography have been related by the seminal work o...
Abstract. The use of passwords in security protocols is particularly delicate because of the possibi...