Relating two Standard Notions of Secrecy

Eugen Zalinescu 1 Véronique Cortier 1 Michaël Rusinowitch 1
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Two styles of definitions are usually considered to express that a security protocol preserves the confidentiality of a data s. Reachability-based secrecy means that s should never be disclosed while equivalence-based secrecy states that two executions of a protocol with distinct instances for s should be indistinguishable to an attacker. Although the second formulation ensures a higher level of security and is closer to cryptographic notions of secrecy, decidability results and automatic tools have mainly focused on the first definition so far. This paper initiates a systematic investigation of situations where syntactic secrecy entails strong secrecy. We show that in the passive case, reachability-based secrecy actually implies equivalence-based secrecy for signatures, symmetric and asymmetric encryption provided that the primitives are probabilistic. For active adversaries in the case of symmetric encryption, we provide sufficient (and rather tight) conditions on the protocol for this implication to hold.
Document type :
Reports
Complete list of metadatas

https://hal.inria.fr/inria-00071357
Contributor : Rapport de Recherche Inria <>
Submitted on : Tuesday, May 23, 2006 - 4:51:09 PM
Last modification on : Friday, July 6, 2018 - 3:06:10 PM
Long-term archiving on : Tuesday, February 22, 2011 - 11:54:46 AM

Identifiers

  • HAL Id : inria-00071357, version 1

Citation

Eugen Zalinescu, Véronique Cortier, Michaël Rusinowitch. Relating two Standard Notions of Secrecy. [Research Report] RR-5908, INRIA. 2006, pp.32. ⟨inria-00071357⟩

Share

Metrics

Record views

264

Files downloads

239