Scopul nostru este sprijinirea şi promovarea cercetării ştiinţifice şi facilitarea comunicării între cercetătorii români din întreaga lume.
Autori: Michael Backes, Martin Grochulla, Catalin Hritcu, and Matteo Maffei
Editorial: IEEE Computer Society Press, 22th IEEE Symposium on Computer Security Foundations (CSF 2009), p.308-323, 2009.
One of the important challenges when designing and analyzing
cryptographic protocols is the enforcement of security properties in the
presence of compromised participants. This paper presents
a general technique for strengthening cryptographic protocols in order to
satisfy authorization policies despite participant compromise.
The central idea is to automatically transform the original cryptographic
protocols by adding non-interactive zero-knowledge proofs.
Each participant proves that the messages sent to the other
participants are generated in accordance to the protocol.
The zero-knowledge proofs are forwarded to ensure the correct behavior of all
participants involved in the protocol, without revealing any secret data.
We use an enhanced type system for zero-knowledge to verify that the
transformed protocols conform to their authorization policy even if
some participants are compromised.
Finally, we developed a tool that automatically generates ML implementations of
protocols based on zero-knowledge proofs.
The protocol transformation, the verification, and the generation of
protocol implementations are fully automated.
Cuvinte cheie: security types transformation zero-knowledge