Cryptographically sound security proofs for basic and public-key Kerberos
We present a computational analysis of basic Kerberos with and without its public-key extension PKINIT in which we consider
authentication and key secrecy properties. Our proofs rely on the Dolev–Yao style model of Backes, Pfitzmann, and Waidner,
which allows for mapping results obtained symbolically within this model to cryptographically sound proofs if certain assumptions
are met. This work was the first verification at the computational level of such a complex fragment of an industrial protocol.
By considering a recently fixed version of PKINIT, we extend symbolic correctness results we previously attained in the Dolev–Yao
model to cryptographically sound results in the computational model.