Common use of Formal Security Analysis Clause in Contracts

Formal Security Analysis. We now show that our key agreement scheme offers session key security under the CK adversary model [3,21] and in the random oracle model, following the method of [10,11,22]. The participants U in our scheme are the SM, SP, TTP or a random oracle O, i.e., U = {SM, SP, TTP, O}. Taking into account the CK adversary model, we assume that the attacker can run the following queries. • Hash queries Hi(m) with i ∈ {0, 1, 2, 3, 4, 5}. If m already exists in the list LHi , the value Hi(m) will be returned. Otherwise, a random value will be generated, added to the list LHi , and returned. • Send queries. These queries simulate active attacks, in which the adversary is able to modify the transmitted messages. As a result, a corresponding reply will be generated. Since there are three communication passes, four different Send queries need to be defined. – Send(0,SP). A random value r2 is chosen to compute R2 = r2P. The output of the query is M0 = {R2}. – Send(M0,SM). A random value r1 is chosen to compute R1 = (r1 + dA)P. Next, K = H1((r1 + dA)PB) is determined, together with C = EK(IDAǁcertA). Then, h1 = H2(IDAǁIDBǁR1 ǁR2ǁPAǁPB) and h2 = H2(IDBǁIDAǁR2ǁR1ǁPBǁPA) are computed to derive SK = H3((( r1 + dA)h1 + dA)(h2R2 +PB)). Finally, S1 = H4(R1ǁ CǁPAǁSK) is computed. The message M1 = {R1, C, S1} is returned. – Send(M1,SP). First, K = H1(dB R1) is determined, leading to IDAǁcertA = DK(C). Then, PA = H0(certAǁIDA)certA + PTTP is derived. Next, h1 = H2(IDAǁIDBǁR1ǁR2ǁPAǁPB) and h2 = H2(IDBǁIDAǁR2ǁR1ǁPBǁPA) are computed, to find SK = H3((r2h2 + dB)(h1R1 + PA)) and check H4(R1ǁCǁPAǁSK) against S1. If the verification is unsuccessful, the session can stop, otherwise S2 = H5(IDAǁIDBǁR1ǁR2ǁPAǁPBǁSK) is computed and M2 = {S2} is the output of the query. – Send(M2,SP). If S2 = H5(IDAǁIDBǁR1ǁR2ǁPAǁPBǁSK) is not valid, then the session is terminated. Otherwise, both SP and SM have successfully negotiated a common secret key SK. • Execute queries. These queries simulate the passive attacks, in which the adversary can only eavesdrop onto the channel and is able to collect the transmitted messages. We can distinguish three different execute queries resulting from the first three Send queries, as defined above. • Session specific state reveal queries (SSReveal). According to the CK adversary model, the attacker is able to retrieve session specific state information, derived by the SM and the SP, respectively. Note that no long-term private keys are revealed in this query. – SSReveal(SM). The output of this query results in r1 + dA, h1, h2, R1, C, S1. – SSReveal(SP). The output of this query results in x0, X0, x0, x0, X0. • Corrupt queries. These queries give the private key of the entity as result. Note that only Corrupt(SM) and Corrupt(SP) exist and no corrupt queries with regards to the TTP, which is considered a completely trusted entity. They are included to prove the perfect forward security of the scheme. • Session key reveal query (SKReveal). In this query, the established symmetric SK between SP and SM is returned in case it has been successfully generated. • Test query. In this query, either the established SK or a random value is returned, dependent on the output c = 1 or c = 0, respectively of a flipped coin c. Note that the test query cannot be issued when the SKReveal query, the SSReveal(SM) and Corrupt(SM), or SSReveal(SP) and Corrupt(SP), have been executed. In order to prove the semantic security of the scheme, we consider the following two definitions. • The SP and SM are partners if they are exchanging messages directly and are the only entities able to successfully derive an authenticated common shared SK. • The established shared secret key is said to be fresh if the SK has been established without SKReveal query by the adversary or Corrupt query of SM and SP. The final goal of the adversary A is to distinguish the difference between a real secret session key or a random value, i.e., to successfully predict the output of the test query. If Pr(succ) denotes the probability that the adversary succeeds in its mission, the advantage of the adversary in breaking the semantic security of the proposed scheme equals to Adv(A) = |2Pr[succ] − 1|. Consequently, our scheme offers semantic security under the CK adversary and random oracle model if the advantage for A winning the game satisfies Adv(A) ≤ g, for any sufficiently small g >0. The difference lemma [23] is used to prove the statement.

Formal Security Analysis. We now show that our key agreement scheme offers session key security under the CK adversary model [3,21] and in the random oracle model, following the method of [10,11,22]. The participants U in our scheme are the SM, SP, TTP or a random oracle O, i.e., U = {SM, SP, TTP, O}. Taking into account the CK adversary model, we assume that the attacker can run the following queries. • Hash queries Hi(m) with i ∈ {0, 1, 2, 3, 4, 5}. If m already exists in the list LHi , the value Hi(m) will be returned. Otherwise, a random value will be generated, added to the list LHi , and returned. • Send queries. These queries simulate active attacks, in which the adversary is able to modify the transmitted messages. As a result, a corresponding reply will be generated. Since there are three communication passes, four different Send queries need to be defined. – Send(0,SP). A random value r2 is chosen to compute R2 = r2P. The output of the query is M0 = {R2}. – Send(M0,SM). A random value r1 is chosen to compute R1 = (r1 + dA)P. Next, K = H1((r1 + dA)PB) is determined, together with C = EK(IDAǁcertAEK(XXX xxxxX). Then, h1 = H2(IDAǁIDBǁR1 ǁR2ǁPAǁPBX0(XXX XXX R1 R2 PA PB) and h2 = H2(IDBǁIDAǁR2ǁR1ǁPBǁPAX0(XXX XXX X0 R1 PB PA) are computed to derive SK = H3((( r1 + dA)h1 + dA)(h2R2 +PB)). Finally, S1 = H4(R1ǁ CǁPAǁSKH4(R1 C PA SK) is computed. The message M1 = {R1, C, S1} is returned. – Send(M1,SP). First, K = H1(dB R1) is determined, leading to IDAǁcertA XXX xxxxX = DK(C). Then, PA = H0(certAǁIDA)certA H0(xxxxX XXX)certA + PTTP is derived. Next, h1 = H2(IDAǁIDBǁR1ǁR2ǁPAǁPBX0(XXX XXX R1 R2 PA PB) and h2 = H2(IDBǁIDAǁR2ǁR1ǁPBǁPAX0(XXX XXX X0 R1 PB PA) are computed, to find SK = H3((r2h2 + dB)(h1R1 + PA)) and check H4(R1ǁCǁPAǁSKH4(R1 C PA SK) against S1. If the verification is unsuccessful, the session can stop, otherwise S2 = H5(IDAǁIDBǁR1ǁR2ǁPAǁPBǁSKH5(XXX IDB R1 R2 PA PB SK) is computed and M2 = {S2} is the output of the query. – Send(M2,SP). If S2 = H5(IDAǁIDBǁR1ǁR2ǁPAǁPBǁSKX0(XXX XXX R1 R2 PA PB SK) is not valid, then the session is terminated. Otherwise, both SP and SM have successfully negotiated a common secret key SK. • Execute queries. These queries simulate the passive attacks, in which the adversary can only eavesdrop onto the channel and is able to collect the transmitted messages. We can distinguish three different execute queries resulting from the first three Send queries, as defined above. • Session specific state reveal queries (SSReveal). According to the CK adversary model, the attacker is able to retrieve session specific state information, derived by the SM and the SP, respectively. Note that no long-term private keys are revealed in this query. – SSReveal(SM). The output of this query results in r1 + dA, h1, h2, R1, C, S1. – SSReveal(SP). The output of this query results in x0, X0, x0, x0, X0. • Corrupt queries. These queries give the private key of the entity as result. Note that only Corrupt(SM) and Corrupt(SP) exist and no corrupt queries with regards to the TTP, which is considered a completely trusted entity. They are included to prove the perfect forward security of the scheme. • Session key reveal query (SKReveal). In this query, the established symmetric SK between SP and SM is returned in case it has been successfully generated. • Test query. In this query, either the established SK or a random value is returned, dependent on the output c = 1 or c = 0, respectively of a flipped coin c. Note that the test query cannot be issued when the SKReveal query, the SSReveal(SM) and Corrupt(SM), or SSReveal(SP) and Corrupt(SP), have been executed. In order to prove the semantic security of the scheme, we consider the following two definitions. • The SP and SM are partners if they are exchanging messages directly and are the only entities able to successfully derive an authenticated common shared SK. • The established shared secret key is said to be fresh if the SK has been established without SKReveal query by the adversary or Corrupt query of SM and SP. The final goal of the adversary A is to distinguish the difference between a real secret session key or a random value, i.e., to successfully predict the output of the test query. If Pr(succ) denotes the probability that the adversary succeeds in its mission, the advantage of the adversary in breaking the semantic security of the proposed scheme equals to Adv(A) = |2Pr[succ] − 1|. Consequently, our scheme offers semantic security under the CK adversary and random oracle model if the advantage for A winning the game satisfies Adv(A) ≤ g, for any sufficiently small g >0. The difference lemma [23] is used to prove the statement.

Formal Security Analysis. We now show that our key agreement scheme offers session key security under the CK adversary model [3,21] and in the random oracle model, following the method of [10,11,22]. The participants U in our scheme are the SM, SP, TTP or a random oracle O, i.e., U = {SM, SP, TTP, O}. Taking into account the CK adversary model, we assume that the attacker can run the following queries. • Hash queries Hi(m) with i ∈ {0, 1, 2, 3, 4, 5}. If m already exists in the list LHi , the value Hi(m) will be returned. Otherwise, a random value will be generated, added to the list LHi , and returned. • Send queries. These queries simulate active attacks, in which the adversary is able to modify the transmitted messages. As a result, a corresponding reply will be generated. Since there are three communication passes, four different Send queries need to be defined. – Send(0,SP). A random value r2 is chosen to compute R2 = r2P. The output of the query is M0 = {R2}. – Send(M0,SM). A random value r1 is chosen to compute R1 = (r1 + dA)P. Next, K = H1((r1 + dA)PB) is determined, together with C = EK(IDAǁcertAEK(XXX xxxxX). Then, h1 = H2(IDAǁIDBǁR1 ǁR2ǁPAǁPBH2(XXX IDB R1 R2 PA PB) and h2 = H2(IDBǁIDAǁR2ǁR1ǁPBǁPAH2(IDB XXX R2 R1 PB PA) are computed to derive SK = H3((( r1 + dA)h1 + dA)(h2R2 +PB)). Finally, S1 = H4(R1ǁ CǁPAǁSKH4(R1 C PA SK) is computed. The message M1 = {R1, C, S1} is returned. – Send(M1,SP). First, K = H1(dB R1) is determined, leading to IDAǁcertA XXX xxxxX = DK(C). Then, PA = H0(certAǁIDA)certA H0(xxxxX XXX)xxxxX + PTTP is derived. Next, h1 = H2(IDAǁIDBǁR1ǁR2ǁPAǁPBH2(XXX IDB R1 R2 PA PB) and h2 = H2(IDBǁIDAǁR2ǁR1ǁPBǁPAH2(IDB XXX R2 R1 PB PA) are computed, to find SK = H3((r2h2 + dB)(h1R1 + PA)) and check H4(R1ǁCǁPAǁSKH4(R1 C PA SK) against S1. If the verification is unsuccessful, the session can stop, otherwise S2 = H5(IDAǁIDBǁR1ǁR2ǁPAǁPBǁSKH5(XXX IDB R1 R2 PA PB SK) is computed and M2 = {S2} is the output of the query. – Send(M2,SP). If S2 = H5(IDAǁIDBǁR1ǁR2ǁPAǁPBǁSKH5(XXX IDB R1 R2 PA PB SK) is not valid, then the session is terminated. Otherwise, both SP and SM have successfully negotiated a common secret key SK. • Execute queries. These queries simulate the passive attacks, in which the adversary can only eavesdrop onto the channel and is able to collect the transmitted messages. We can distinguish three different execute queries resulting from the first three Send queries, as defined above. • Session specific state reveal queries (SSReveal). According to the CK adversary model, the attacker is able to retrieve session specific state information, derived by the SM and the SP, respectively. Note that no long-term private keys are revealed in this query. – SSReveal(SM). The output of this query results in r1 + dA, h1, h2, R1, C, S1. – SSReveal(SP). The output of this query results in x0r2, X0R2, x0h1, x0h2, X0S2. • Corrupt queries. These queries give the private key of the entity as result. Note that only Corrupt(SM) and Corrupt(SP) exist and no corrupt queries with regards to the TTP, which is considered a completely trusted entity. They are included to prove the perfect forward security of the scheme. • Session key reveal query (SKReveal). In this query, the established symmetric SK between SP and SM is returned in case it has been successfully generated. • Test query. In this query, either the established SK or a random value is returned, dependent on the output c = 1 or c = 0, respectively of a flipped coin c. Note that the test query cannot be issued when the SKReveal query, the SSReveal(SM) and Corrupt(SM), or SSReveal(SP) and Corrupt(SP), have been executed. In order to prove the semantic security of the scheme, we consider the following two definitions. • The SP and SM are partners if they are exchanging messages directly and are the only entities able to successfully derive an authenticated common shared SK. • The established shared secret key is said to be fresh if the SK has been established without SKReveal query by the adversary or Corrupt query of SM and SP. The final goal of the adversary A is to distinguish the difference between a real secret session key or a random value, i.e., to successfully predict the output of the test query. If Pr(succ) denotes the probability that the adversary succeeds in its mission, the advantage of the adversary in breaking the semantic security of the proposed scheme equals to Adv(A) = |2Pr[succ] − 1|. Consequently, our scheme offers semantic security under the CK adversary and random oracle model if the advantage for A winning the game satisfies Adv(A) ≤ ge, for any sufficiently small g e >0. The difference lemma [23] is used to prove the statement.