| In the last two decades, two major directions in cryptography have developed: formal and computational. The formal approach uses simple, manageable formal language to describe cryptographic protocols; it is amenable to automatization, suitable for computer tools, but its accuracy is often unclear. The computational approach is harder to handle mathematically, involves probability theory and considers limits in computing power; proofs are done by hand, but it is more accurate, hence widely accepted. Much effort has been done to bridge the gap between the two views starting with Martin Abadi and Philip Rogaway in 2000, and followed by many others. These approaches are inspiring, but are worked out only for specific settings, and lack generality.; Our aim is to give a complete, general analysis of the original Abadi-Rogaway approach, including applications to specific settings. The AR approach has three important ingredients: a formal language along with an equivalence notion of formal expressions, a computational cryptosystem with the notion of computational equivalence of ensembles of random distributions, and an interpreting function that assigns to each formal expression an ensemble of distributions. We say that the interpretation satisfies soundness if equivalence of formal expressions implies computational equivalence of their interpretations, and satisfies completeness if computational equivalence of the interpretations requires equivalence of the expressions.; The language of the AR logic uses a box as formal notation for indecipherable strings, through which formal equivalence is defined. We expand the logic by considering different kinds of boxes corresponding to equivalence classes of formal ciphers. We consider not only computational, but also purely probabilistic, information-theoretic interpretations. We establish soundness and completeness for specific interpretations not covered in earlier works: a purely probabilistic one that interprets formal expressions in One-Time Pad, and another one in the so-called type 2 (which-key revealing) cryptosystems based on computational complexity. Furthermore, we present a general, systematic treatment of expansions of the logic as well as general soundness and completeness theorems for the interpretations, and some applications for specific settings. |
