Formal Methods and Cryptography: The Next Generation of Abstractions (CryptoForma)

形式化方法和密码学：下一代抽象 (CryptoForma)

基本信息

批准号：
EP/G069875/1
负责人：
Eerke Boiten
金额：
$ 9.41万
依托单位：
University of Kent
依托单位国家：
英国
项目类别：
Research Grant
财政年份：
2009
资助国家：
英国
起止时间：
2009 至无数据
项目状态：
已结题

来源：
https://gtr.ukri.org/projects?ref=EP%2FG069875%2F1
关键词：
Formal Methods Cryptography Next Generation

项目摘要

The purpose of CryptoForma is to build an expanding network in computer science and mathematics to support the development of formal notations, methods and techniques for modelling and analysing modern cryptographic protocols. This work increases security and confidence in such protocols and their applications (e.g. in e-commerce and voting), to the benefit of protocol designers, businesses, governments, and application users.The United Kingdom has traditionally been a world leader in research into, and applications of, formal methods. Work in the UK on the foundations of languages and notations such as CSP, pi-calculus, and Z have led to their widespread use in critical systems development in industry.The UK is also well known to contain leading experts in cryptography. In the last two decades we have done important work in stream cipher design, symmetric ciphers (differential and algebraic cryptanalysis), elliptic curve cryptography, identity based cryptography and in protocols (e.g. in the mobile phone industry).In the 1990s in the UK, formal methods were successfully applied to the modelling and verification of security protocols at a high level of abstraction. However, modern cryptographic protocols contain probabilistic and complexity theoretic aspects which require a different set of abstractions. Several approaches for dealing with this have appeared since, including: automated proof-checking; compositional techniques; higher level proof structures; abstractions of computational models; and specialised logics.The network aims to bring together research groups working in the UK in these areas, starting with 7 sites and expanding rapidly from that.It will allow a systematic and effective cross-fertilisation between the differing strands of work. The consortium contains mathematicians and computer scientists, experts on cryptography, on formal methods, and on their interconnection, and developers of practical cryptographic protocols both from academia and from industry. A group with such a very broad spectrum of expertise will enable both(a) informing/strengthening practical developments by solid mathematical analysis, and (b) motivating foundational analysis by practice-based needs and requirements.To do so the network will organise meetings around both fundamental and more directly applicable issues, such as:- adequate abstractions of cryptographic primitives;- specialised specification notations with notions of probability, timing, and complexity;- abstract concepts and logics that allow the expression of security properties and reasoning about them;- practical protocols, e.g. e-voting, trust management, and those involving zero-knowledge proofs and commitments which formal methods cannot currently deal with.With these interests and questions in mind, the overall aims of CryptoForma are to:- bring together academics and industrialists interested in the application of formal methods to the specification, development and verification of cryptographic protocols;- stimulate collaboration between individuals and groups in order to tackle the questions highlighted above;- disseminate problems and results to researchers and practitioners in the field and to the wider communities in cryptography and formal methods.To achieve this research meetings and workshops are planned which will foster collaboration and disseminate key results.This proposal is timely and important because- society has recently experienced a reduced confidence in protection of electronic data, and in applications such ase-commerce and e-voting;- a critical mass of researchers in this area exists in the UK but this is not being exploited;- the subject is high on the agenda of research institutions, industries and academics world-wide. This is evidenced by the letters of support and the enthusiasm for the preliminary meeting of the network in January 2009 where all partners and 10 others will meet.

隐型型的目的是建立一个扩展的计算机科学和数学网络，以支持建模和分析现代密码协议的形式符号，方法和技术的开发。这项工作增加了对此类协议及其应用的安全性和信心（例如，在电子商务和投票中），对协议设计师，企业，政府和应用程序用户的利益。在英国为CSP，PI-Calculus和Z等语言和符号的基础工作，导致了它们在行业关键系统开发中的广泛使用。在过去的二十年中，我们在流程密码设计，对称密码（差速器和代数密码分析），椭圆曲线密码学，基于身份的密码和协议（例如，在英国的1990年代）中，正式方法已成功地应用了较高的级别的验证，在1990年代，正式方法已成功地应用了验证级别的验证。但是，现代的加密协议包含概率和复杂性理论方面，需要不同的抽象集。此后出现了几种处理此问题的方法，包括：自动验证检查；组成技术；更高级别的证明结构；计算模型的抽象；该网络旨在将在英国工作的研究小组汇集在一起，从7个站点开始，并从该领域迅速扩展。该财团包含数学家和计算机科学家，密码学专家，有关正式方法及其互连的专家，以及来自学术界和行业的实用加密协议的开发商。具有如此广泛专业知识的团队将通过稳定的数学分析来告知/加强实际发展，以及（b）通过基于实践的需求和要求来激励基础分析。这样做这样的网络将组织会议围绕基本和更直接适用的问题，例如： - 以下方面的问题；允许表达安全属性及其推理的逻辑； - 实际协议，例如电子投票，信托管理以及涉及零知识证明和承诺的人，正式方法目前无法处理这些兴趣和问题。考虑到这些兴趣和问题，隐型型的总体目的是： - 将有兴趣的学者和工业家汇集在一起，将正式方法应用于应用程序和验证的规定和验证的问题；刺激序列； - 刺激了序列；该领域的研究人员和从业人员和对密码学和形式方法的更广泛社区的计划。要实现这次研究会议和研讨会，这将促进协作并分散关键结果。这项建议是及时的，因为社会最近经历了对电子数据的保护的信心，并在诸如范围的研究中; explien Is contist of this Is expist of the Is expist of the Is exters of the Is ext in ext ext of the Is exist of Presist;该主题在全球研究机构，行业和学术界的议程上很高。 2009年1月，所有合作伙伴和其他10个会面的网络初步会议的支持信和热情证明了这一点。