Hide and New in the Pi-Calculus

TL;DR

This paper introduces a 'hide' operator to the pi-calculus, enhancing its ability to model confidentiality by restricting access to communication objects with static scope, and analyzes its security properties against side-channel attacks.

Contribution

It extends the pi-calculus with a new 'hide' operator for confidentiality, providing formal security reasoning and contrasting it with the existing 'new' operator.

Findings

The 'hide' operator enforces static scope, preventing name extrusion.

A spy context demonstrates security differences between 'hide' and 'new'.

Stronger equivalences are established through bisimulation semantics.

Abstract

In this paper, we enrich the pi-calculus with an operator for confidentiality (hide), whose main effect is to restrict the access to the object of the communication, thus representing confidentiality in a natural way. The hide operator is meant for local communication, and it differs from new in that it forbids the extrusion of the name and hence has a static scope. Consequently, a communication channel in the scope of a hide can be implemented as a dedicated channel, and it is more secure than one in the scope of a new. To emphasize the difference, we introduce a spy context that represents a side-channel attack and breaks some of the standard security equations for new. To formally reason on the security guarantees provided by the hide construct, we introduce an observational theory and establish stronger equivalences by relying on a proof technique based on bisimulation semantics.