Mike Burmester

Royal Holloway, University of London,
Egham, Surrey,
U.K.
email: m.burmester@rhbnc.ac.uk

Statement:

Several cryptographic models provide adequate means for proving the security of protocols.

Discussion:

Cryptography is concerned with scenarios in which faults occur under the control of a malicious adversary. There are several cryptographic models which can be used to prove the security of protocols in such a scenario. These models depend on the power of the adversary. If the adversary has unlimited resources then the model is based on information theory and we have unconditional security.

If the adversary has limited resources (polynomially bounded), then the model is based, either on pseudorandomness and we have proven security, or the security is reduced to a problem which is (believed to be) intractable. The strength of the cryptographic approach lies, essentially, in its flexibility.

Depending on the security requirements and the model, we can use appropriate cryptographic attributes such as zero-knowledge or indistinguishability, as a tool to design secure protocols. We will discuss practical network protocols whose security can be proved in an appropriate cryptographic model.