多集重写中的条件观察等价和离线猜测攻击

2022 IEEE 35th Computer Security Foundations Symposium (CSF) Pub Date : 2022-08-01 DOI:10.1109/CSF54842.2022.9919659

Petar Paradžik, Ante Derek

{"title":"多集重写中的条件观察等价和离线猜测攻击","authors":"Petar Paradžik, Ante Derek","doi":"10.1109/CSF54842.2022.9919659","DOIUrl":null,"url":null,"abstract":"We propose conditional observational equivalence — a variant of observational equivalence that is more flexible since it can be made dependent on arbitrary safety trace properties. We extend an existing method for verifying observational equivalence in the multiset rewriting setting with the ability to handle conditions. Our extension can automatically verify conditional observational equivalence for a simple class of conditions that depend only on the structure of the execution. By using conditional observational equivalence, we give the first method for verifying off-line guessing resistance in the multiset rewriting setting and apply it to analyze and verify the properties of EAP-EKE, a password-authenticated key exchange (PAKE) protocol.","PeriodicalId":412553,"journal":{"name":"2022 IEEE 35th Computer Security Foundations Symposium (CSF)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Conditional Observational Equivalence and Off-line Guessing Attacks in Multiset Rewriting\",\"authors\":\"Petar Paradžik, Ante Derek\",\"doi\":\"10.1109/CSF54842.2022.9919659\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We propose conditional observational equivalence — a variant of observational equivalence that is more flexible since it can be made dependent on arbitrary safety trace properties. We extend an existing method for verifying observational equivalence in the multiset rewriting setting with the ability to handle conditions. Our extension can automatically verify conditional observational equivalence for a simple class of conditions that depend only on the structure of the execution. By using conditional observational equivalence, we give the first method for verifying off-line guessing resistance in the multiset rewriting setting and apply it to analyze and verify the properties of EAP-EKE, a password-authenticated key exchange (PAKE) protocol.\",\"PeriodicalId\":412553,\"journal\":{\"name\":\"2022 IEEE 35th Computer Security Foundations Symposium (CSF)\",\"volume\":\"23 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 35th Computer Security Foundations Symposium (CSF)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSF54842.2022.9919659\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 35th Computer Security Foundations Symposium (CSF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSF54842.2022.9919659","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

我们提出了条件观测等效——观测等效的一种变体，它更灵活，因为它可以依赖于任意的安全跟踪属性。我们扩展了一种现有的方法，用于验证多集重写设置中的观测等价性，并具有处理条件的能力。我们的扩展可以自动验证仅依赖于执行结构的一类简单条件的条件观察等效性。利用条件观测等价的方法，给出了验证多集重写设置下的离线抗猜测性的第一种方法，并应用该方法分析和验证了密码认证密钥交换(PAKE)协议EAP-EKE的特性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Conditional Observational Equivalence and Off-line Guessing Attacks in Multiset Rewriting

We propose conditional observational equivalence — a variant of observational equivalence that is more flexible since it can be made dependent on arbitrary safety trace properties. We extend an existing method for verifying observational equivalence in the multiset rewriting setting with the ability to handle conditions. Our extension can automatically verify conditional observational equivalence for a simple class of conditions that depend only on the structure of the execution. By using conditional observational equivalence, we give the first method for verifying off-line guessing resistance in the multiset rewriting setting and apply it to analyze and verify the properties of EAP-EKE, a password-authenticated key exchange (PAKE) protocol.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 IEEE 35th Computer Security Foundations Symposium (CSF)

自引率

0.00%

发文量