Universally composable signature, certification, and authentication

被引:114
作者
Canetti, R [1 ]
机构
[1] IBM Corp, TJ Watson Res Ctr, Yorktown Hts, NY 10598 USA
来源
17TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP, PROCEEDINGS | 2004年
关键词
D O I
10.1109/CSFW.2004.1310743
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Recently some efforts were made towards capturing the security requirements from digital signature schemes as an ideal functionality within a composable security framework. This modeling of digital signatures potentially has some significant analytical advantages (such as enabling component-wise analysis of complex systems that use signature schemes, as well as symbolic and automatable analysis of such systems). However, it turns out that formulating ideal functionalities that capture the properties expected from signature schemes in a way that is both sound and enjoys the above advantages is not a trivial task. This work has several contributions. We first correct some flaws in the definition of the ideal signature functionality of Canetti, 2001, and subsequent formulations. Next we provide a minimal formalization of "ideal certification authorities" and show how authenticated communication can be obtained using ideal signatures and an ideal certification authority. This is done while guaranteeing full modularity (i.e., each component is analyzed as stand-alone), and in an unconditional and errorless way. This opens the door to symbolic and automated analysis of protocols for these tasks, in a way that is both modular and cryptographically sound.
引用
收藏
页码:219 / 233
页数:15
相关论文
共 32 条
[1]  
ABADI M, 2000, LNCS
[2]  
[Anonymous], 1998, RFC2409
[3]  
BACKDES M, ISC 2003, P84
[4]  
BACKES M, 2003, 2003240
[5]  
BACKES M, 2003, 10 ACM CCS
[6]  
BACKES M, 2004, 1 TCC
[7]  
BARAK B, NOTE SECURE PROTOCOL
[8]  
BELLARE M, 1998, 30 S THEOR COMP STOC
[9]  
Canetti R, 2002, LECT NOTES COMPUT SC, V2332, P337
[10]  
Canetti R., 2003, CRYPTO 03