Add to ORKGAbstract. Security-critical systems are an important application area for formal methods. However, such systems often contain cryptographic subsystems. The natural definitions of these subsystems are probabilistic and in most cases computational. Hence it is not obvious how one can treat cryptographic subsystems in a sound way within formal methods, in particular if one does not want to encumber the proof of an overall system by probabilities and computational restrictions due only to its cryptographic subsystems. We survey our progress on integrating cryptography into formal models, in particular our work on reactive simulatability (RSIM), a refinement notion suitable for cryptography. We also present the underlying system model which unif...
Abstract. Polynomial time adversaries based on a computational view of cryptography have additional ...
In this paper we develop symbolic and computational representations for a class of cryptographic mod...
Abstract. We consider abstract specifications of cryptographic protocols which are both suitable for...
AbstractWe define reactive simulatability for general asynchronous systems. Roughly, simulatability ...
Automated tools such as model checkers and theorem provers for the analysis of security protocols t...
Abstract. Simulatability has established itself as a salient notion for defining and proving the sec...
The cryptographic concept of simulatability has become a salient technique for faithfully analyzing ...
AbstractThe cryptographic concept of simulatability has become a salient technique for faithfully an...
International audienceSince the 1980s, two approaches have been developed for analyzing security pro...
International audienceSecurity protocols are the small distributed programs which are omnipresent in...
Computer-aided cryptography improves the rigor of security proofs by mechanizing their verification....
Polynomial time adversaries based on a computational view of cryptography have additional capabiliti...
We present a formal view of cryptography that overcomes the usual assumptions of formal models for r...
Abstract. Simulatability has established itself as a salient notion for dening and proving the secur...
We introduce a precise definition of the security of reactive systems following the simulatability a...
Abstract. Polynomial time adversaries based on a computational view of cryptography have additional ...
In this paper we develop symbolic and computational representations for a class of cryptographic mod...
Abstract. We consider abstract specifications of cryptographic protocols which are both suitable for...
AbstractWe define reactive simulatability for general asynchronous systems. Roughly, simulatability ...
Automated tools such as model checkers and theorem provers for the analysis of security protocols t...
Abstract. Simulatability has established itself as a salient notion for defining and proving the sec...
The cryptographic concept of simulatability has become a salient technique for faithfully analyzing ...
AbstractThe cryptographic concept of simulatability has become a salient technique for faithfully an...
International audienceSince the 1980s, two approaches have been developed for analyzing security pro...
International audienceSecurity protocols are the small distributed programs which are omnipresent in...
Computer-aided cryptography improves the rigor of security proofs by mechanizing their verification....
Polynomial time adversaries based on a computational view of cryptography have additional capabiliti...
We present a formal view of cryptography that overcomes the usual assumptions of formal models for r...
Abstract. Simulatability has established itself as a salient notion for dening and proving the secur...
We introduce a precise definition of the security of reactive systems following the simulatability a...
Abstract. Polynomial time adversaries based on a computational view of cryptography have additional ...
In this paper we develop symbolic and computational representations for a class of cryptographic mod...
Abstract. We consider abstract specifications of cryptographic protocols which are both suitable for...