Sciweavers

ESORICS
2006
Springer

Conditional Reactive Simulatability

14 years 4 months ago
Conditional Reactive Simulatability
Abstract. Simulatability has established itself as a salient notion for defining and proving the security of cryptographic protocols since it entails strong security and compositionality guarantees, which are achieved by universally quantifying over all environmental behaviors of the analyzed protocol. As a consequence, however, protocols that are secure except for certain environmental behaviors are not simulatable, even if these behaviors are efficiently identifiable and thus can be prevented by the surrounding protocol. We propose a relaxation of simulatability by conditioning the permitted environmental behaviors, i.e., simulation is only required for environmental behaviors that fulfill explicitly stated constraints. This yields a more fine-grained security definition that is achievable i) for several protocols for which unconditional simulatability is too strict a notion or ii) at lower cost for the underlying cryptographic primitives. Although imposing restrictions on the enviro...
Michael Backes, Markus Dürmuth, Dennis Hofhei
Added 22 Aug 2010
Updated 22 Aug 2010
Type Conference
Year 2006
Where ESORICS
Authors Michael Backes, Markus Dürmuth, Dennis Hofheinz, Ralf Küsters
Comments (0)