Using proverif to analyze protocols with diffie-hellman exponentiation

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2009, Pages 157-171

  Küsters, Ralf ^a   Truderung, Tomasz ^a  

^a UNIVERSITY OF TRIER   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

ALGEBRAIC PROPERTIES; AUTOMATIC ANALYSIS; CRYPTOGRAPHIC PROTOCOLS; DIFFIE HELLMAN; EXCLUSIVE-OR; EXPONENTIATIONS; HORN THEORY; LARGE CLASS; SOUNDNESS AND COMPLETENESS;

ALGEBRA; SECURITY OF DATA; SECURITY SYSTEMS;

CRYPTOGRAPHY;

EID: 70350539549     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2009.17     Document Type: Conference Paper

References (33)

1. M. Abadi, B. Blanchet, and C. Fournet. Just Fast Keying in the Pi Calculus. In D. Schmidt, editor, Programming Languages and Systems: Proceedings of the 13th European Symposium on Programming (ESOP'04), volume 2986 of Lecture Notes on Computer Science, pages 340-354. Springer Verlag, 2004.
2. W. Aiello, S. M. Bellovin, M. Blaze, J. Ioannidis, O. Rein-gold, R. Canetti, and A. D. Keromytis. Efficient, DoS-resistant, secure key exchange for internet protocols. In V. Atluri, editor, ACM Conference on Computer and Communications Security, pages 48-58. ACM, 2002.
3. A. Armando, D. Basin, Y. Boichut, Y. Chevalier, L. Com-pagna, J. Cuéllar, P. Drielsma, P.-C. Héam, O. Kouchnarenko, J. Mantovani, S. Mödersheim, D. von Oheimb, M. Rusinow-itch, J. Santiago, M. Turuani, L. Viganò, and L. Vigneron. The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In K. Etessami and S. Rajamani, editors, Computer Aided Verification, 17th International Conference (CAV 2005), volume 3576 of Lecture Notes in Computer Science, pages 281-285. Springer-Verlag, 2005.
4. The AVISPA Library of Protocols. http://avispa-project.org/library/.
5. B. Blanchet. An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In Proceedings of the 14th IEEE Computer Security Foundations Workshop (CSFW-14), pages 82-96. IEEE Computer Society, 2001.
6. B. Blanchet, M. Abadi, and C. Fournet. Automated Verification of Selected Equivalences for Security Protocols. In 20th IEEE Symposium on Logic in Computer Science (LICS 2005), pages 331-340. IEEE Computer Society, 2005.
7. B. Blanchet, M. Abadi, and C. Fournet. Automated verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming, 75(1):3-51, 2008.
8. M. Boreale and M. Buscemi. On the Symbolic Analysis of Low-Level Cryptographic Primitives: Modular Exponentiation and the Diffie-Hellman Protocol. In Proceedings of the Workshop on Foundations of Computer Security (FCS 2003), 2003.
9. M. Boreale and M. G. Buscemi. Symbolic analysis of crypto-protocols based on modular exponentiation. In B. Rovan and P. Vojtás, editors, Mathematical Foundations of Computer Science 2003, 28th International Symposium (MFCS 2003), volume 2747 of Lecture Notes in Computer Science, pages 269-278. Springer, 2003.
10. Y. Chevalier, R. Küsters, M. Rusinowitch, and M. Turuani. Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents. In P. Pandya and J. Radhakrishnan, editors, FSTTCS 2003: Foundations of Software Technology and Theoretical Computer Science, volume 2914 of Lecture Notes in Computer Science, pages 124-135. Springer, 2003. A full version of this paper was published in ACM Transactions on Computational Logic (TOCL), 9(4), 2008.
11. Y. Chevalier and M. Rusinowitch. Hierarchical Combination of Intruder Theories. In F. Pfenning, editor, Term Rewriting and Applications, 17th International Conference, RTA 2006, Proceedings, volume 4098 of Lecture Notes in Computer Science, pages 108-122. Springer, 2006.
12. H. Comon-Lundh and V. Cortier. Security properties: two agents are sufficient. Sci. Comput. Program., 50(1-3):51-71, 2004.
13. W. Diffie, P. C. van Oorschot, and M. J. Wiener. Authentication and Authenticated Key Exchanges. Designes Codes and Cryptography, 2(2):107-125, 1992.
14. S. Escobar, C. Meadows, and J. Meseguer. State Space Reduction in the Maude-NRL Protocol Analyzer. In S. Jajodia and J. López, editors, Computer Security - ESORICS 2008, 13th European Symposium on Research in Computer Security, Proceedings, volume 5283 of Lecture Notes in Computer Science, pages 548-562. Springer, 2008.
15. J. Goubault-Larrecq, M. Roger, and K. Verma. Abstraction and Resolution Modulo AC: How to Verify Diffie-Hellman-like Protocols Automatically. Journal of Logic and Algebraic Programming, 64(2):219-251, 2005.
16. ISO/IEC IS 9798-3, Entity authentication mechanisms-Part 3: Entity authentication using assymetric techniques, 1993.
17. D. Kapur, P. Narendran, and L. Wang. Analyzing protocols that use modular exponentiation: Semantic unification techniques. In R. Nieuwenhuis, editor, Proceedings of the 14th International Conference on Rewriting Techniques and Applications (RTA 2003), volume 2706 of Lecture Notes in Computer Science, pages 165-179. Springer, 2003.
18. C. Kaufman (Editor). Internet Key Exchange (IKEv2) Protocol. draft-ietf-ipsec-ikev2-17.txt, 2004. http://tools.ietf.org/html/draft-ietf- ipsec-ikev2-17.
19. H. Krawczyk. SIGMA: The 'SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and Its Use in the IKE-Protocols. In D. Boneh, editor, Advances in Cryptology - CRYPTO 2003, 23rd Annual International Cryptology Conference, volume 2729 of Lecture Notes in Computer Science, pages 400-425. Springer, 2003.
20. R. Küsters and T. Truderung. DH-ProVerif Implementation. Available at http://www.infsec.uni-trier.de/tools.html.
21. R. Küsters and T. Truderung. Reducing Protocol Analysis with XOR to the XOR-free Case in the Horn Theory Based Approach. In P. Syverson, S. Jha, and X. Zhang, editors, Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS 2008), pages 129-138. ACM Press, 2008.
22. C. Lynch and C. Meadows. Sound Approximations to Diffie-Hellman Using Rewrite Rules. In J. Lopez, S. Qing, and E. Okamoto, editors, Information and Communications Security, 6th International Conference (ICICS 2004), volume 3269 of Lecture Notes in Computer Science, pages 262-277. Springer, 2004.
23. C. Meadows. Extending formal cryptographic protocol analysis techniques for group protocols and low-level cryptographic primitives. In P. Degano, editor, Proceedings of the First Workshop on Issues in the Theory of Security (WITS'00), pages 87-92, 2000.
24. C. Meadows and P. Narendran. A Unification Algorithm for the Group Diffie-Hellman Protocol. In Workshop on Issues in the Theory of Security (WITS 2002), 2002.
25. J. Millen and V. Shmatikov. Symbolic Protocol Analysis with Products and Diffie-Hellman Exponentiation. In Proceedings of the 16th IEEE Computer Security Foundations Workshop (CSFW 16), pages 47-61. IEEE Computer Society, 2003.
26. B. C. Neuman and T. Ts'o. Kerberos: An Authentication Service for Computer Networks. IEEE Communications, 32(9):33-38, 1994.
27. C. Neuman, T. Yu, S. Hartman, and K. Raeburn. The Kerberos Network Authenitcation Service (V5). RFC 4120, 2005.
28. A. Roy, A. Datta, and J. C. Mitchell. Formal Proofs of Cryptographic Security of Diffie-Hellman-Based Protocols. In G. Barthe and C. Fournet, editors, Trustworthy Global Computing, volume 4912 of Lecture Notes in Computer Science, pages 312-329. Springer, 2007.
29. V. Shmatikov. Decidable Analysis of Cryptographic Protocols with Products and Modular Exponentiation. In D. Schmidt, editor, 13th European Symposium on Programming (ESOP 2004), volume 2986 of Lecture Notes in Computer Science, pages 355-369. Springer, 2004.
30. M. Turuani. The CL-Atse Protocol Analyser. In F. Pfenning, editor, Term Rewriting and Applications, 17th International Conference, RTA 2006, Proceedings, volume 4098 of Lecture Notes in Computer Science, pages 277-286. Springer, 2006.
31. K. Verma, H. Seidl, and T. Schwentick. On the complexity of equational horn clauses. In Proceedings of the 20th International Conference on Automated Deduction (CADE 2005), volume 3328 of Lecture Notes in Computer Science, pages 337-352. Springer-Verlag, 2005.
32. T. Ylonen. The Secure Shell (SSH) Transport Layer Protocol. RFC 4253, 2006.
33. L. Zhu and B. Tung. Public key cryptography for initial authentication in kerberos (PKINIT). RFC 4556, 2006.