S. Even, O. Goldreich, and A. Shamir. On the security of ping-pong protocols when implemented using the rsa. In H.C. Williams, editor, Advances in Cryptology: Proceedings of Crypto'85, pages 58--72, Santa Barbara, USA, 1986. Springer-Verlag - LNCS Vol. 218. Home/Search Document Not in Database Summary Related Articles Check |
This paper is cited in the following contexts:
Strand Spaces: Proving Security Protocols Correct - Fabrega, Herzog, Guttman (1999) (41 citations) (Correct)
....in more detail how this behavior could be achieved. 2. 4 Freeness Assumptions The proofs in this paper use an assumption we will call the assumption of free encryption; many other authors (e.g. 14, 18, 24] have made similar assumptions, dating back to Dolev and Yao [7] although not all have [8]. It stipulates that a ciphertext can be regarded as a ciphertext in just one way: Axiom 1 For m;m 0 2 A and K;K 0 2 K, fmgK = fm 0 gK 0 = m = m 0 K = K 0 For clarity of exposition we make a stronger assumption in this paper, namely that A is the algebra freely generated from T ....
Shimon Even, Oded Goldreich, and Adi Shamir. On the security of ping-pong protocols when implemented using the RSA. In Advances in Cryptology|crypto '85, LNCS, pages 58-72. Springer Verlag, 1985.
Cryptographic Security of Reactive Systems (Extended Abstract) - Pfitzmann, al. (2000) (Correct)
....support in this area, in contrast to Section 1.1. Yet another approach is to add details like homomorphic properties of low level cryptographic primitives (pure RSA is not at all a secure encryption system in the cryptographic sense) to the abstract data types from Section 1. 1, as initiated in [13]. However, there is then still an initial algebra semantics for the properties one has not added, which so far has no cryptographic justification. 2 Reactive Simulatability Definition As mentioned above, a main hindrance for making abstract security proofs that are faithful with respect to real ....
S. Even, O. Goldreich, A. Shamir, On the Security of Ping-Pong Protocols when Implemented using the RSA, Crypto '85, LNCS 218, Springer-Verlag, Berlin 1986, 58--72
Formal Verification of Cryptographic Protocols: A Survey - Meadows (1995) (52 citations) (Correct)
....system cancel each other out, are also modeled. However, properties of cryptosystems that may affect the security of a protocol, such as the commutative associative property of exclusive or, or the homomorphic properties of RSA, are usually not modeled (with a few exceptions: see for example [14]) Cryptographic integrity mechanisms are also usually not explicitly modeled. It is assumed that secrecy and integrity mechanisms do their job, but it is not asked exactly how the job is done. It is possible to construct useful models at a lower level of granularity than this. For example, In ....
Shimon Even, Oded Goldreich, and Adi Shamir. On the Security of Ping-Pong Protocols When Implemented Using the RSA. In Hugh C. Williams, editor, Advances in Cryptology -- CRYPTO '85, pages 58--72. Springer-Verlag, 1985.
Applying Formal Methods to the Analysis of a Key Management.. - Meadows (1992) (55 citations) (Correct)
....general results that give classes of protocols such that, if a protocol belongs to a certain class and is vulnerable to an attack involving a certain penetrator action, then it is vulnerable to an attack not involving that action. This is the kind of result proved by Even, Goldreich, and Shamir in [9]. They define a class of public key protocols and show that, if a protocol belonging to this class is vulnerable to an attack involving certain algebraic properties of the RSA, then it is vulnerable to an attack not involving these properties. The result of Even et al. was obtained for a ....
S. Even, O. Goldreich, and A. Shamir. On the security of ping-pong protocols when implemented using the RSA. In Advances in Cryptology - CRYPTO '85, pages 58--72, Santa Barbara, CA, 1985. Springer-Verlag.
Modelling and Security Analysis of Authenticated Group Key.. - Pereira (2003) (4 citations) (Correct)
No context found.
S. Even, O. Goldreich, and A. Shamir. On the security of ping-pong protocols when implemented using the rsa. In H.C. Williams, editor, Advances in Cryptology: Proceedings of Crypto'85, pages 58--72, Santa Barbara, USA, 1986. Springer-Verlag - LNCS Vol. 218.
A formal model of Diffie-Hellman using CSP and rank functions - Delicata, Schneider (2003) (1 citation) (Correct)
No context found.
S. EVEN, O. GOLDREICH, AND A. SHAMIR, On the security of ping-pong protocols when implemented using the RSA, in Advances in Cryptology: Proceedings of CRYPTO '85, H. C. Williams, ed., vol. 0218 of Lecture Notes in Computer Science, Springer-Verlag, Berlin Germany, 1985, pp. 58--72.
Modeling Adversaries in a Logic for Security Protocol Analysis - Halpern, Pucella (2002) (4 citations) (Correct)
No context found.
S. Even, O. Goldreich, and A. Shamir. On the security of ping-pong protocols when implemented using the RSA. In Proceedings of Crypto'85, volume 218 of Lecture Notes in Computer Science, pages 58--72. Springer-Verlag, 1985.
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC