CSF'23: Distinguished Paper Award for MPI-SP researcher

Itsaka Rakotonirina successful at 36th IEEE Computer Security Foundations Symposium

Postdoctoral researcher Itsaka Rakotonirina from the Max Planck Institute for Security and Privacy (MPI-SP) and his colleague Vincent Cheval from Inria Paris won a Distinguished Paper Award at the 36th IEEE Computer Security Foundations Symposium (CSF) in Dubrovnik.

In many daily-life situations, distant persons or machines need to communicate together in a sensitive context. For example, during online payments: when authenticating the paying person to the bank, anyone may intercept the communication using an antenna to attempt to steal the secret banking data. To protect against such attacks, communications are usually protected by cryptography and organised into security protocols, which are complex programs attempting to rule out potential security violations from dishonest third parties.

Many automated tools have been designed to this day to help with the analysis of these complex protocols, and today scale up to several industrial-size examples. One example of such a tool is ProVerif, which can carry among others proofs that a protocol verifies some privacy-type properties (data secrecy, anonymity, …). However, these proofs are rather restricted in that they can only handle security notions whose definition comply to very strict structural requirements. Cheval and Rakotonirina’s contribution was to relax them to a large extent by enhancing the internal machinery of ProVerif and typically makes the tool now able to analyse many unlinkability properties such as the non-traceability of electronic passports.

About IEEE CSF
IEEE (pronounced “Eye-triple-E”) stands for the Institute of Electrical and Electronics Engineers and is the world’s largest technical professional organization. Part of its work is the sponsoring of annual conferences and other event formats, thereby providing forums for cutting-edge content for all of the technical fields of interest within the organization. One of these conferences is the IEEE Computer Security Foundations Symposium (CSF): Since 1988, CSF has been an annual forum for computer security researchers to examine current security theories, the formal models which provide a context for them, as well as techniques for verifying security.