| A cryptographic protocol is a distributed algorithm that performs a security-related function and applies cryptographic methods (such as public key encryption, digital signatures, hash function), defined by a sequence of steps precisely specifying the actions required of two or more parties in order to achieve a specified objective. The formal analysis of cryptographic protocols has turned out to provide a useful way to find errors in security protocols that had already been designed and deployed, or to validate them. In principle, it is of course much preferable to catch and remove problems early in the design phase, and before deployment. We need models and tools that enable the development and analysis of new, improved solutions as well as the analysis of existing protocols.A key feature that is needed to support the integration of methods into cryptographic protocol design is composability. Most of the design of a working cryptographic protocol is incremental in nature. One starts with a simple pattern that gives the basic skeleton of the protocol. If some of the added features require interaction between the principals, it may be necessary to compose the protocol with some other protocol or protocols. A desirable goal for cryptographic protocols is to guarantee security when the protocol is composed with other protocol instances. Such a general notion of security is provided by the universally composable (UC) security framework, which provides a very general composability property: A UC-secure protocol maintains its security properties even when composed concurrently with an unbounded number of instances of arbitrary protocols. In this thesis, we study some cryptographic protocols within the universally composable (UC) security framework. The main results presented are as follows:1. We study the feasibility of obtaining universally composable with identity joint state. The definition of security for cryptographic protocol, and the composition operation and theorem are provided by the universally composable (UC) security framework. We show the two type of composition operation of the"subroutine substitution"and the"joint internal state of multi-instance interaction"by each party who is identified via a unique party identifier PID. As in the case of protocol emulation, we present a new composition operation and theorem, which is called the universally composable with identity joint state (ID-JUC), in the setting where a single instance has some amount of identity joint state, and demonstrate sufficient condition for when the new operation preserves security. The case of composing ideal protocols follows as a special case, specified in an application to secure multicast of the Group Domain of Interpretation (GDOI) protocol is that the identity, allowing multiple identities can be useful for security associations. We demonstrate the use of our ID-JUC operation and theorem by proving that GDOI protocol is secure in our model.2. Routing protocols is one of the most basic networking functions in networks. However, the security of routing protocols has mainly been analyzed by informal means only. We report on a few exceptions, where some attempts are made to use formal methods for the verification and the development of routing protocols. We advocate a more systematic way of analysis. We propose a framework based on UC security in which security can be precisely defined and routing protocols can be proved to be secure in a rigorous manner. To the best of our knowledge, it has not been applied in the context of routing protocols so far. We also propose a new source routing protocol, called Secure Multiple Node-Disjoint Paths Source Routing Protocol, and we demonstrate the use of our framework by proving that it is secure in our model.3. We defined and realized specific primitives within the UC framework. Three process of the development and analysis of UC security cryptographic protocol are security definitions, complexity theoretic primitives, and defining and realizing the ideal functionality of the cryptographic protocols and their proofs of security. We formulated a number of ideal functionality that captures the security requirements from a GDOI protocol, source routing protocols, deniable authentication, key establishment for wireless sensor networks and mobile satellite communication systems, and we proposed and analyze a number of protocols such as Oblivious Transfer and protocols mentioned above in Universally Composable model.
|
PDF Full Text Request