Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol
We demonstrate how to carry out cryptographic security analysis ofdistributed protocols within the Probabilistic I/O Automata frameworkof Lynch, Segala, and Vaandrager.This framework provides tools for arguing rigorously about theconcurrency and scheduling aspects of protocols, and about protocolspr...
| Main Authors: | , , , , , , |
|---|---|
| Other Authors: | |
| Language: | en_US |
| Published: |
2005
|
| Online Access: | http://hdl.handle.net/1721.1/30566 |
| _version_ | 1811087466831020032 |
|---|---|
| author | Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Olivier Segala, Roberto |
| author2 | Theory of Distributed Systems |
| author_facet | Theory of Distributed Systems Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Olivier Segala, Roberto |
| author_sort | Canetti, Ran |
| collection | MIT |
| description | We demonstrate how to carry out cryptographic security analysis ofdistributed protocols within the Probabilistic I/O Automata frameworkof Lynch, Segala, and Vaandrager.This framework provides tools for arguing rigorously about theconcurrency and scheduling aspects of protocols, and about protocolspresented at different levels of abstraction.Consequently, it can help in making cryptographic analysis moreprecise and less susceptible to errors.We concentrate on a relatively simple two-party Oblivious Transferprotocol, in the presence of a semi-honest adversary (essentially, aneavesdropper).For the underlying cryptographic notion of security, we use a versionof Canetti's Universally Composable security.In spite of the relative simplicity of the example, the exercise isquite nontrivial.It requires taking many fundamental issues into account,including nondeterministic behavior, scheduling, resource-boundedcomputation, and computational hardness assumptions for cryptographicprimitives. |
| first_indexed | 2024-09-23T13:46:32Z |
| id | mit-1721.1/30566 |
| institution | Massachusetts Institute of Technology |
| language | en_US |
| last_indexed | 2024-09-23T13:46:32Z |
| publishDate | 2005 |
| record_format | dspace |
| spelling | mit-1721.1/305662019-04-12T08:35:56Z Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Olivier Segala, Roberto Theory of Distributed Systems We demonstrate how to carry out cryptographic security analysis ofdistributed protocols within the Probabilistic I/O Automata frameworkof Lynch, Segala, and Vaandrager.This framework provides tools for arguing rigorously about theconcurrency and scheduling aspects of protocols, and about protocolspresented at different levels of abstraction.Consequently, it can help in making cryptographic analysis moreprecise and less susceptible to errors.We concentrate on a relatively simple two-party Oblivious Transferprotocol, in the presence of a semi-honest adversary (essentially, aneavesdropper).For the underlying cryptographic notion of security, we use a versionof Canetti's Universally Composable security.In spite of the relative simplicity of the example, the exercise isquite nontrivial.It requires taking many fundamental issues into account,including nondeterministic behavior, scheduling, resource-boundedcomputation, and computational hardness assumptions for cryptographicprimitives. 2005-12-22T02:36:36Z 2005-12-22T02:36:36Z 2005-08-19 MIT-CSAIL-TR-2005-055 MIT-LCS-TR-1001 http://hdl.handle.net/1721.1/30566 en_US Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory http://hdl.handle.net/1721.1/33154 http://hdl.handle.net/1721.1/33154 123 p. 130601890 bytes 5801647 bytes application/postscript application/pdf application/postscript application/pdf |
| spellingShingle | Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Olivier Segala, Roberto Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_full | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_fullStr | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_full_unstemmed | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_short | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_sort | using probabilistic i o automata to analyze an oblivious transfer protocol |
| url | http://hdl.handle.net/1721.1/30566 |
| work_keys_str_mv | AT canettiran usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT cheungling usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT kaynardilsun usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT liskovmoses usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT lynchnancy usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT olivier usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT segalaroberto usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol |