University of Cambridge > > Microsoft Research Cambridge, public talks > The IITM Model and its Application to the Analysis of Real-World Security Protocol

The IITM Model and its Application to the Analysis of Real-World Security Protocol

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Microsoft Research Cambridge Talks Admins.

This event may be recorded and made available internally or externally via Microsoft will own the copyright of any recordings made. If you do not wish to have your image/voice recorded please consider this before attending

A prevalent way in cryptography to design and analyze cryptographic protocols in a modular way is the simulation-based approach. Higher-level components of a protocol are designed and analyzed based on lower-level idealized components, called ideal functionalities. Composition theorems then allow to replace the ideal functionalities by their realizations, altogether resulting in a system without idealized components.

In this talk, I first provide some background on the simulation-based approach and then briefly introduce the Inexhaustible Interactive Turing Machine (IITM) model, a model which, compared to other models for simulation-based security, is particularly simple and expressive. Although modularity is key to tame the complexity of real-world security protocol analysis, simulation-based approaches have rarely been used to analyze such protocols. In the past few years, we have developed a framework for the faithful and modular analysis of real-world security protocols based on the IITM model. I will present this framework and also discuss what has hindered the use of the simulation-based approach before.

This talk is part of the Microsoft Research Cambridge, public talks series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.


© 2006-2023, University of Cambridge. Contact Us | Help and Documentation | Privacy and Publicity