Overall Objectives
Scientific Foundations
Application Domains
New Results
Other Grants and Activities

Section: Scientific Foundations

Logic as a tool for assessing computer security

The various efforts of the SECSI team are united by the reliance on logic and rigorous methods. As already said in Section  3.1 , SECSI does not do any cryptology per se.

As far as cryptographic protocol verification is concerned, one popular kind of model is that of Dolev and Yao (after [82] , see [68] for a survey), where: the intruder can read and write on every communication channel, and in effect has full control over the network; the intruder may encrypt, decrypt, build and destruct pairs, as many times as it wishes; and, finally, cryptographic means are assumed to be perfect . The latter in particular means that the only way to compute the plaintext M from the ciphertext {M}K is to decrypt the latter using the inverse key K-1 . It also means that no ciphertext can be confused with any message that is not a ciphertext, and that {M}K = {M'}K' implies M = M' and K = K' . Thus, messages can be simply encoded as first-order terms, a fact which has been used by many authors. This “perfect cryptgraphy” model has been extended to algebraic properties of primitives (see  [75] for a survey) which was one of the main themes of the RNTL project PROUVÉ.

As soon as cryptography has been abstracted using a term algebra, first-order logic is relevant to security proofs: security proofs can be tackled from the automata-theoretic point of view or using automated deduction. In SECSI we contributed (and continue to contribute) to this line of research designing strategies and decision methods, e.g.  [86] , [69] .

The thrust here is on more automation .


Logo Inria