The layered games framework for specifications and analysis of security protocols

The layered games framework provides a solid foundation to the accepted methodology of building complex distributed systems, as a 'stack' of independently-developed protocols. Each protocol in the stack, realizes a corresponding 'layer' model, over the 'lower layer'. We define layers, protocols and related concepts. We then prove the fundamental lemma of layering. The lemma shows that given a stack of protocols {pi(i)}(i=1)(u) s.t. for every i is an element of {1,...u}, protocol pi(i) realizes layer L-i over layer Li-1, then the entire stack can be composed to a single protocol pi(u parallel to...parallel to 1), which realizes layer L-u over layer L-0. The fundamental lemma of layering allows precise specification, design and analysis of each layer independently, and combining the results to ensure properties of the complete system. This is especially useful when considering (computationally-bounded) adversarial environments, as for security and cryptographic protocols. Our specifications are based on games, following many works in applied cryptography. This differs from existing frameworks allowing compositions of cryptographic protocols, which are based on simulatability of ideal functionality.