Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol

May 18-May 21

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/SP.2008.23

2008 IEEE Symposium on Security and P ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Michael Backes Articles by Matteo Maffei Articles by Dominique Unruh

	ASCII Text	x
	Michael Backes, Matteo Maffei, Dominique Unruh, "Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol," Security and Privacy, IEEE Symposium on, pp. 202-215, 2008 IEEE Symposium on Security and Privacy (sp 2008), 2008.

	BibTex	x
	@article{ 10.1109/SP.2008.23, author = {Michael Backes and Matteo Maffei and Dominique Unruh}, title = {Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3168-7}, pages = {202-215}, doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2008.23}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol SN - 978-0-7695-3168-7 SP202 EP215 A1 - Michael Backes, A1 - Matteo Maffei, A1 - Dominique Unruh, PY - 2008 KW - Language-based security KW - zero-knowledge KW - applied pi-calculus KW - automated verification VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Michael Backes

Matteo Maffei

Dominique Unruh

We devise an abstraction of zero-knowledge protocols that is accessible to a fully mechanized analysis. The abstraction is formalized within the applied pi-calculus using a novel equational theory that abstractly characterizes the cryptographic semantics of zero-knowledge proofs. We present an encoding from the equational theory into a convergent rewriting system that is suitable for the automated protocol verifier ProVerif. The encoding is sound and fully automated. We successfully used ProVerif to obtain the first mechanized analysis of (a simplified variant of) the Direct Anonymous Attestation (DAA) protocol. This required us to devise novel abstractions of sophisticated cryptographic security definitions based on interactive games. The analysis reported a novel attack on DAA that was overlooked in its existing cryptographic security proof. We propose a revised variant of DAA that we successfully prove secure using ProVerif.

Index Terms:

Language-based security, zero-knowledge, applied pi-calculus, automated verification

Citation:

Michael Backes, Matteo Maffei, Dominique Unruh, "Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol," sp, pp.202-215, 2008 IEEE Symposium on Security and Privacy (sp 2008), 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.