Relating two standard notions of secrecy

Authors Eugen Zalinescu, Véronique Cortier, Michaël Rusinowitch

Thumbnail PDF


  • Filesize: 392 kB
  • 29 pages

Document Identifiers

Author Details

Eugen Zalinescu
Véronique Cortier
Michaël Rusinowitch

Cite AsGet BibTex

Eugen Zalinescu, Véronique Cortier, and Michaël Rusinowitch. Relating two standard notions of secrecy. In Workshop on Trustworthy Software. Open Access Series in Informatics (OASIcs), Volume 3, pp. 1-29, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2006)


Two styles of definitions are usually considered to express that a security protocol preserves the confidentiality of a data { t s}. Reach-ability-based secrecy means that { t s} should never be disclosed while equi-valence-based secrecy states that two executions of a protocol with distinct instances for { t s} should be indistinguishable to an attacker. Although the second formulation ensures a higher level of security and is closer to cryptographic notions of secrecy, decidability results and automatic tools have mainly focused on the first definition so far. This paper initiates a systematic investigation of situations where syntactic secrecy entails strong secrecy. We show that in the passive case, reachability-based secrecy actually implies equivalence-based secrecy for signatures, symmetric and asymmetric encryption provided that the primitives are probabilistic. For active adversaries in the case of symmetric encryption, we provide sufficient (and rather tight) conditions on the protocol for this implication to hold.
  • Verification
  • security protocols
  • secrecy
  • applied-pi calculus


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads