An NP decision procedure for protocol insecurity with XOR

Theoretical Computer Science

Volumn 338, Issue 1-3, 2005, Pages 247-274

  Chevalier, Yannick ^a   Küsters, Ralf ^b   Rusinowitch, Michaël ^a   Turuani, Mathieu ^a  

^a UNIVERSITÉ DE LORRAINE   (France)

^b UNIVERSITY OF KIEL   (Germany)

Author keywords

Complexity; Protocols; Security; Verification; XOR

Indexed keywords

ALGEBRA; BOUNDARY CONDITIONS; COMPUTATIONAL COMPLEXITY; CRYPTOGRAPHY; DECISION MAKING; PROBLEM SOLVING; TEXT PROCESSING;

PROTOCOL INSECURITY; SECURITY; VERIFICATION; XOR;

NETWORK PROTOCOLS;

EID: 18544380224     PISSN: 03043975     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.tcs.2005.01.015     Document Type: Article

References (30)

1. R.M. Amadio, W. Charatonik, On name generation and set-based analysis in the Dolev-Yao Model, in: L. Brim, P. Jancar, M. Kretinsky, A. Kucera (Eds.), 13th Internat. Conf. on Concurrency Theory (CONCUR 2002), Lecture Notes in Computer Science, Vol. 2421, Springer, Berlin, 2002, pp. 499-514.
2. R. Amadio, D. Lugiez, On the reachability problem in cryptographic protocols, in: C. Palamidessi (Ed.), Proc. CONCUR 2000 - Concurrency Theory, 11th Internat. Conf., Lecture Notes in Computer Science, Vol. 1877, Springer, Berlin, 2000, pp. 380-394.
3. A. Armando, L. Compagna, P. Ganty, SAT-based model-checking of security protocols using planning graph analysis, in: Proc. 12th Internat. FME Symp. (FME 2003), Lecture Notes in Computer Science, Vol. 2885, Springer, Berlin, 2003, pp. 875-893.
4. D. Basin, S. Mödersheim, L. Viganò, An on-the-fly model-checker for security protocol analysis, in: E. Snekkenes, D. Gollmann (Eds.), Proc. Eighth European Symp. on Research in Computer Security (ESORICS 2003), Lecture Notes in Computer Science, Vol. 2808, Springer, Berlin, 2003, pp. 253-270.
5. M. Boreale, Symbolic trace analysis of cryptographic protocols, in: Automata, Languages and Programming, 28th Internat. Colloq. (ICALP 2001), Lecture Notes in Computer Science, Vol. 2076, Springer, Berlin, 2001, pp. 667-681.
6. Y. Chevalier, R. Küsters, M. Rusinowitch, M. Turuani, An NP decision procedure for protocol insecurity with XOR, in: Proc. 18th Ann. IEEE Symp. on Logic in Computer Science, Lecture Notes in Computer Science 2003, IEEE, Computer Society Press, 2003, pp. 261-270.
7. Y. Chevalier, R. Küsters, M. Rusinowitch, M. Turuani, Deciding the security of protocols with Diffie-Hellman exponentiation and products in exponents, in: P.K. Pandya, J. Radhakrishnan (Eds.), FSTTCS 2003: Foundations of Software Technology and Theoretical Computer Science, Lecture Notes in Computer Science, Vol. 2914, Springer, Berlin, 2003, pp. 124-135.
8. Y. Chevalier, R. Küsters, M. Rusinowitch, M. Turuani, Deciding the security of protocols with commuting public key encryption, in: IJCAR 2004 Workshop W6 ARSPA Automated Reasoning for Security Protocol Analysis, 2004, ENTCS.
9. Y. Chevalier, L. Vigneron, Automated unbounded verification of security protocols, in: Proc. 14th Internat. Conf. on Computer Aided Verification (CAV 2002), Lecture Notes in Computer Science, Vol. 2404, Springer, Berlin, 2002, pp. 324-337.
10. J. Clark, J. Jacob, A Survey of Authentication Protocol Literature, 1997. Web Draft Version 1.0 available from http://citeseer.nj.nec.com/.
11. H. Comon, V. Cortier, J. Mitchell, Tree automata with one memory, set constraints, and ping-pong protocols, in: Automata, Languages and Programming, 28th Internat. Colloq. (ICALP 2001), Lecture Notes in Computer Science, Vol. 2076, 2001, pp. 682-693.
12. H. Comon-Lundh, V. Shmatikov, Intruder deductions, constraint solving and insecurity decision in presence of exclusive or, in: Proc. 18th Ann. IEEE Symp. on Logic in Computer Science, Lecture Notes in Computer Science 2003, IEEE, Computer Society Press, 2003, pp. 271-280.
13. D. Dolev, and A.C. Yao On the security of public-key protocols IEEE Trans. Inform. Theory 29 2 1983 198 208
14. N.A. Durgin, P.D. Lincoln, J.C. Mitchell, A. Scedrov, Undecidability of bounded security protocols, in: Workshop on Formal Methods and Security Protocols (FMSP'99), 1999.
15. M.P. Fiore, and M. Abadi Computing symbolic models for verifying cryptographic protocols 14th Computer Security Foundations Workshop (CSFW-14) 2001 IEEE, Computer Society Press 160 173
16. D. Kapur, P. Narendran, L. Wang, An E-unification Algorithm for Analysing Protocols that Use Modular Exponentiation, in: R. Nieuwenhuis (Ed.), Proc. 14th Internat. Conf. on Rewriting Techniques and Applications (RTA 2003), Lecture Notes in Computer Science, Vol. 2706, Springer, 2003, pp. 165-179.
17. R. Küsters, On the decidability of cryptographic protocols with open-ended data structures, in: L. Brim, P. Jancar, M. Kretinsky, A. Kucera (Eds.), 13th Internat. Conf. on Concurrency Theory (CONCUR 2002), Lecture Notes in Computer Science, Vol. 2421, Springer, Berlin, 2002, pp. 515-530.
18. G. Lowe An attack on the Needham-Schroeder public-key authentication protocol Inform. Process. Lett. 56 1995 131 133
19. G. Lowe, Breaking and fixing the Needham-Schroeder public-key protocol using FDR, in: Tools and Algorithms for the Construction and Analysis of Systems (TACAS 1996), Lecture Notes in Computer Science, Vol. 1055, Springer, Berlin, 1996, pp. 147-166.
20. G. Lowe Towards a completeness result for model checking of security protocols J. Comput. Security 7 2-3 1999 89 146
21. C. Meadows, P. Narendran, A unification algorithm for the group Diffie-Hellman protocol, in: Workshop on Issues in the Theory of Security (WITS 2002), 2002.
22. J.K. Millen, and V. Shmatikov Constraint solving for bounded-process cryptographic protocol analysis Proc. Eighth ACM Conf. on Computer and Communications Security 2001 ACM Press New York 166 175
23. J.C. Mitchell, V. Shmatikov, U. Stern, Finite-state analysis of ssl 3.0, in: Seventh USENIX Security Symposium, 1998, pp. 201-216.
24. R. Needham, and M. Schroeder Using encryption for authentication in large networks of computers Commun. ACM 21 12 1978 993 999
25. L.C. Paulson Mechanized proofs for a recursive authentication protocol 10th IEEE Computer Security Foundations Workshop (CSFW-10) 1997 IEEE Computer Society Press 84 95
26. O. Pereira, J.-J. Quisquater, On the perfect encryption assumption, in: Workshop on Issues in the Theory of Security (WITS 2000), 2000, pp. 42-45.
27. M. Rusinowitch, and M. Turuani Protocol insecurity with finite number of sessions is NP-complete 14th IEEE Computer Security Foundations Workshop (CSFW-14) 2001 IEEE Computer Society 174 190
28. P.Y.A. Ryan, and S.A. Schneider An attack on a recursive authentication protocol Inform. Process. Lett. 65 1 1998 7 10
29. D.X. Song, S. Berezin, and A. Perrig Athena a novel approach to efficient automatic security protocol analysis J. Comput. Security 9 1/2 2001 47 74
30. S.D. Stoller A bound on attacks on authentication protocols R. Baeza-Yates U. Montanari N. Santoro Proc. Second IFIP Internat. Conf. on Theoretical Computer Science: Foundations of Information Technology in the Era of Network and Mobile Computing 2002 Kluwer 588 600