Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol
We demonstrate how to carry out cryptographic security analysis ofdistributed protocols within the Probabilistic I/O Automataframework of Lynch, Segala, and Vaandrager. This framework providestools for arguing rigorously about the concurrency and schedulingaspects of protocols, and about protocols p...
| Main Authors: | , , , , , , |
|---|---|
| Other Authors: | |
| Language: | en_US |
| Published: |
2006
|
| Online Access: | http://hdl.handle.net/1721.1/33154 |
| _version_ | 1826196935162200064 |
|---|---|
| author | Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Pereira, Olivier Segala, Roberto |
| author2 | Nancy Lynch |
| author_facet | Nancy Lynch Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Pereira, Olivier Segala, Roberto |
| author_sort | Canetti, Ran |
| collection | MIT |
| description | We demonstrate how to carry out cryptographic security analysis ofdistributed protocols within the Probabilistic I/O Automataframework of Lynch, Segala, and Vaandrager. This framework providestools for arguing rigorously about the concurrency and schedulingaspects of protocols, and about protocols presented at differentlevels of abstraction. Consequently, it can help in makingcryptographic analysis more precise and less susceptible to errors.We concentrate on a relatively simple two-party Oblivious Transferprotocol, in the presence of a semi-honest adversary (essentially,an eavesdropper). For the underlying cryptographic notion ofsecurity, we use a version of Canetti's Universally Composablesecurity.In spite of the relative simplicity of the example, the exercise isquite nontrivial. It requires taking many fundamental issues intoaccount, including nondeterministic behavior, scheduling,resource-bounded computation, and computational hardness assumptionsfor cryptographic primitives. |
| first_indexed | 2024-09-23T10:40:18Z |
| id | mit-1721.1/33154 |
| institution | Massachusetts Institute of Technology |
| language | en_US |
| last_indexed | 2024-09-23T10:40:18Z |
| publishDate | 2006 |
| record_format | dspace |
| spelling | mit-1721.1/331542019-04-12T08:35:56Z Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Pereira, Olivier Segala, Roberto Nancy Lynch Theory of Computation We demonstrate how to carry out cryptographic security analysis ofdistributed protocols within the Probabilistic I/O Automataframework of Lynch, Segala, and Vaandrager. This framework providestools for arguing rigorously about the concurrency and schedulingaspects of protocols, and about protocols presented at differentlevels of abstraction. Consequently, it can help in makingcryptographic analysis more precise and less susceptible to errors.We concentrate on a relatively simple two-party Oblivious Transferprotocol, in the presence of a semi-honest adversary (essentially,an eavesdropper). For the underlying cryptographic notion ofsecurity, we use a version of Canetti's Universally Composablesecurity.In spite of the relative simplicity of the example, the exercise isquite nontrivial. It requires taking many fundamental issues intoaccount, including nondeterministic behavior, scheduling,resource-bounded computation, and computational hardness assumptionsfor cryptographic primitives. 2006-06-19T18:52:04Z 2006-06-19T18:52:04Z 2006-06-19 MIT-CSAIL-TR-2006-046 http://hdl.handle.net/1721.1/33154 January 10, 2006 en_US Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory http://hdl.handle.net/1721.1/30566 http://hdl.handle.net/1721.1/30566 129 p. 1111678 bytes 7337435 bytes application/pdf application/postscript application/pdf application/postscript |
| spellingShingle | Canetti, Ran Cheung, Ling Kaynar, Dilsun Liskov, Moses Lynch, Nancy Pereira, Olivier Segala, Roberto Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_full | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_fullStr | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_full_unstemmed | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_short | Using Probabilistic I/O Automata to Analyze an Oblivious Transfer Protocol |
| title_sort | using probabilistic i o automata to analyze an oblivious transfer protocol |
| url | http://hdl.handle.net/1721.1/33154 |
| work_keys_str_mv | AT canettiran usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT cheungling usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT kaynardilsun usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT liskovmoses usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT lynchnancy usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT pereiraolivier usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol AT segalaroberto usingprobabilisticioautomatatoanalyzeanoblivioustransferprotocol |