Abstract
A realistic threat model for cryptographic protocols or for language-based security should include a dynamically growing population of principals (or security levels), some of which may be compromised, that is, come under the control of the adversary. We explore such a threat model within a pi-calculus. A new process construct records the ordering between security levels, including the possibility of compromise. Another expresses the expectation of conditional secrecy of a message—that a particular message is unknown to the adversary unless particular levels are compromised. Our main technical contribution is the first system of secrecy types for a process calculus to support multiple, dynamically-generated security levels, together with the controlled compromise or downgrading of security levels. A series of examples illustrates the effectiveness of the type system in proving secrecy of messages, including dynamically-generated messages. It also demonstrates the improvement over prior work obtained by including a security ordering in the type system. Perhaps surprisingly, the soundness proof for our type system for symbolic cryptography is via a simple translation into a core typed pi-calculus, with no need to take symbolic cryptography as primitive.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Abadi, M.: Secrecy by typing in security protocols. J. ACM 46(5), 749–786 (1999)
Abadi, M.: Security protocols and their properties. In: Foundations of Secure Computation, pp. 39–60. IOS Press, Amsterdam (2000)
Abadi, M., Blanchet, B.: Secrecy types for asymmetric communication. Theoretical Comput. Sci. 298(3), 387–415 (2003)
Abadi, M., Blanchet, B.: Analyzing Security Protocols with Secrecy Types and Logic Programs. Journal of the ACM 52(1), 102–146 (2005)
Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148, 1–70 (1999)
Blanchet, B.: From secrecy to authenticity in security protocols. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 242–259. Springer, Heidelberg (2002)
Boudol, G., Matos, A.: On declassification and the non-disclosure policy. In: 18th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos (2005) (to appear)
Bugliesi, M., Focardi, R., Maffei, M.: Authenticity by tagging and typing. In: Formal Methods in Security Engineering (FMSE 2004), pp. 1–12 (2004)
Cardelli, L., Ghelli, G., Gordon, A.D.: Secrecy and group creation. Information and Computation 196(2), 127–155 (2005)
Fournet, C., Gordon, A.D., Maffeis, S.: A type discipline for authorization policies. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 141–156. Springer, Heidelberg (2005)
Gordon, A.D., Jeffrey, A.: Typing one-to-one and one-to-many correspondences in security protocols. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds.) ISSS 2002. LNCS, vol. 2609, pp. 270–282. Springer, Heidelberg (2003)
Gordon, A.D., Jeffrey, A.: Authenticity by typing for security protocols. Journal of Computer Security 11(4), 451–521 (2003)
Gordon, A.D., Jeffrey, A.: Types and effects for asymmetric cryptographic protocols. Journal of Computer Security 12(3/4), 435–484 (2003)
Gordon, A.D., Jeffrey, A.: Typing correspondence assertions for communication protocols. Theoretical Computer Science 300, 379–409 (2003)
Gordon, A.D., Jeffrey, A.: Secrecy despite compromise: Types, cryptography, and the pi-calculus. Technical Report MSR–TR–2005–76, Microsoft Research (2005)
Hoshina, D., Sumii, E., Yonezawa, A.: A typed process calculus for fine-grained resource access control in distributed computation. In: Kobayashi, N., Pierce, B.C. (eds.) TACS 2001. LNCS, vol. 2215, pp. 64–81. Springer, Heidelberg (2001)
Milner, R.: Communicating and Mobile Systems: the π-Calculus. CUP (1999)
Myers, A.C., Liskov, B.: Protecting privacy using the decentralized label model. ACM Transactions on Software Engineering and Methodology 9(4), 410–442 (2000)
Odersky, M.: Polarized name passing. In: Thiagarajan, P.S. (ed.) FSTTCS 1995. LNCS, vol. 1026, pp. 324–335. Springer, Heidelberg (1995)
Riely, J., Hennessy, M.: Trust and partial typing in open systems of mobile agents. In: 26th ACM Symposium on Principles of Programming Languages, pp. 93–104 (1999)
Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21(1), 5–19 (2003)
Sabelfeld, A., Sands, D.: Dimensions and principles of declassification. In: 18th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos (2005) (to appear)
Simonet, V.: The Flow Caml system: documentation and user’s manual. Technical Report 0282, INRIA (2003)
Tse, S., Zdancewic, S.: Run-time principals in information-flow type systems. In: IEEE Computer Society Symposium on Research in Security and Privacy (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gordon, A.D., Jeffrey, A. (2005). Secrecy Despite Compromise: Types, Cryptography, and the Pi-Calculus. In: Abadi, M., de Alfaro, L. (eds) CONCUR 2005 – Concurrency Theory. CONCUR 2005. Lecture Notes in Computer Science, vol 3653. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11539452_17
Download citation
DOI: https://doi.org/10.1007/11539452_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28309-6
Online ISBN: 978-3-540-31934-4
eBook Packages: Computer ScienceComputer Science (R0)