Secure Composition of PKIs with Public Key Protocols

Abstract : We use symbolic formal models to study the composition of public key-based protocols with public key infras-tructures (PKIs). We put forth a minimal set of requirements which a PKI should satisfy and then identify several reasons why composition may fail. Our main results are positive and offer various trade-offs which align the guarantees provided by the PKI with those required by the analysis of protocol with which they are composed. We consider both the case of ideally distributed keys but also the case of more realistic PKIs. Our theorems are broadly applicable. Protocols are not limited to specific primitives and compositionality asks only for minimal requirements on shared ones. Secure composition holds with respect to arbitrary trace properties that can be specified within a reasonably powerful logic. For instance, secrecy and various forms of authentication can be expressed in this logic. Finally, our results alleviate the common yet demanding assumption that protocols are fully tagged.
Document type :
Conference papers
Complete list of metadatas

Cited literature [31 references]  Display  Hide  Download

https://hal.inria.fr/hal-01625766
Contributor : Véronique Cortier <>
Submitted on : Saturday, October 28, 2017 - 7:38:15 PM
Last modification on : Tuesday, December 18, 2018 - 4:38:25 PM
Long-term archiving on : Monday, January 29, 2018 - 2:17:53 PM

File

CSF2017-PKI(1).pdf
Files produced by the author(s)

Identifiers

Citation

Vincent Cheval, Véronique Cortier, Bogdan Warinschi. Secure Composition of PKIs with Public Key Protocols. CSF'17 - 30th IEEE Computer Security Foundations Symposium, Aug 2017, Santa Barbara, United States. pp.144 - 158, ⟨10.1109/CSF.2017.28⟩. ⟨hal-01625766⟩

Share

Metrics

Record views

395

Files downloads

107