Deciding security properties for cryptographic protocols. Application to key cycles

ACM Transactions on Computational Logic

Volumn 11, Issue 2, 2010, Pages

  Comon Lundh, Hubert ^a   Cortier, Véronique ^b   Zǎlinescu, Eugen ^c  

^a UNIVERSITÉ PARIS SACLAY   (France)

^b LORIA   (France)

^c MSR INRIA Joint Centre   (France)

Author keywords

Formal proofs; Security protocols; Symbolic constraints; Verification

Indexed keywords

CRYPTOGRAPHIC PROTOCOLS; DECISION PROCEDURE; FORMAL PROOFS; FORMAL VERIFICATION OF SECURITY; NP COMPLETE; SECURITY PROPERTIES; SECURITY PROTOCOLS; SIMPLIFICATION RULES; SYMBOLIC MODEL; TIME STAMPS;

COMMUNICATION CHANNELS (INFORMATION THEORY); COMPUTABILITY AND DECIDABILITY; CRYPTOGRAPHY; NETWORK PROTOCOLS;

NETWORK SECURITY;

EID: 76249100283     PISSN: 15293785     EISSN: 1557945X     Source Type: Journal    
DOI: 10.1145/1656242.1656244     Document Type: Article

References (44)

1. ABADI,M. AND ROGAWAY, P. 2002. Reconciling two views of cryptography (the computational soundness of formal encryption). J. Cryptol. 2, 103-127.
2. ADÃO, P., BANA, G., HERZOG, J., AND SCEDROV, A. 2005. Soundness of formal encryption in the presence of key-cycles. In Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS'05). Lecture Notes in Computer Science, vol.3679. Springer Verlag, 374-396.
3. AMADIO, R. AND LUGIEZ, D. 2000. On the reachability problem in cryptographic protocols. In Proceedings of the 11th International Conference on Concurrency Theory (CONCUR'00). Lecture Notes in Computer Science, vol.1877. Springer Verlag, 380-394.
4. ARMANDO, A., BASIN,D., BOICHUT, Y., CHEVALIER, Y., COMPAGNA, L., CUELLAR, J.,DRIELSMA, P. H.,H́EAM, P., KOUCHNARENKO, O., MANTOVANI, J., MÖDERSHEIM, S., VON OHEIMB, D., RUSINOWITCH, M., SANTIAGO, J., TURUANI, M., VIGAǸO, L., AND VIGNERON, L. 2005. The AVISPA tool for the automated validation of internet security protocols and applications. In Proceedings of the International Conference on Computer Aided Verification (CAV'05). Lecture Notes in Computer Science, vol.3576. Springer Verlag.
5. BACKES, M. AND PFITZMANN, B. 2004. Symmetric encryption in a simulatable Dolev-Yao style cryptographic library. In Proceedings of the 17th IEEE Computer Security Foundations Workshop (CSFW'04). IEEE Computer Society Press, 204-218.
6. BACKES, M., PFITZMANN, B., AND SCEDROV, A. 2007. Key-dependent message security under active attacks-BRSIM/UC-soundness of symbolic encryption with key cycles. In Proceedings of the 20th IEEE Computer Security Foundations Symposium (CSF'07). IEEE Computer Society Press. (Preprint on IACR ePrint 2005/421.)
7. BAUDET, M. 2005. Deciding security of protocols against off-line guessing attacks. In Proceedings of the 12th ACMConference on Computer and Communication Security (CCS'05).ACMPress, 16-25.
8. BELLARE, M. AND ROGAWAY, P. 1993. Entity authentication and key distribution. In Proceedings of the 13th Annual International Conference on Advances in Cryptology (CRYPTO'93). Lecture Notes in Computer Science, vol.773. Springer Verlag, 232-249.
9. BLANCHET, B. 2001. An efficient cryptographic protocol verifier based on Prolog rules. In Proceedings of the 14th IEEE Computer Security Foundations Workshop (CSFW'01). IEEE Computer Society Press, 82-96.
10. BLANCHET, B. AND PODELSKI, A. 2003. Verification of cryptographic protocols: Tagging enforces termination.
11. In Proceedings of the 6th International Conference on Foundations of Software Science and Computation Structures (FoSSaCS'03), A. Gordon, Ed. Lecture Notes in Computer Science, vol.2620. Springer Verlag, 136-152.
12. BOZGA, L., ENE, C., AND LAKHNECH, Y. 2004. A symbolic decision procedure for cryptographic protocols with time stamps. In Proceedings of the 15th International Conference on Concurrency Theory (CONCUR'04). Lecture Notes in Computer Science, vol.3170. Springer Verlag, 177-192.
13. BURSUC, S., COMON-LUNDH, H., AND DELAUNE, S. 2007. Associative- commutative deducibility constraints.
14. In Proceedings of the 24th Annual Symposium on Theoretical Aspects of Computer Science (STACS'07). Lecture Notes in Computer Science, vol.4393. Springer Verlag, 634-645.
15. CLARK, J. AND JACOB, J. 1997. A survey of authentication protocol literature. http://www.cs.york.ac.uk/∼jac/papers/drareviewps.ps.
16. COLMERAUER, A. 1984. Equations and inequations on finite and infinite trees. In Proceedings of the International Conference on Fifth Generation Computer Systems (FGCS'84). 85-99.
17. COMON-LUNDH, H. AND CORTIER, V. 2003. New decidability results for fragments of first-order logic and application to cryptographic protocols. In Proceedings of the 14th International Conference on Rewriting Techniques and Applications (RTA'03). Lecture Notes in Computer Science, vol.2706. Springer Verlag, 148-164.
18. COMON-LUNDH, H. AND SHMATIKOV, V. 2003. Intruder deductions, constraint solving and insecurity decision in presence of exclusive or. In Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science (LICS'03). IEEE Computer Society Press, 271-280.
19. CORIN, R. 2006. Analysis models for security protocols. Ph.D. thesis, University of Twente, The Netherlands.
20. CORIN, R. AND ETALLE, S. 2002. An improved constraint-based system for the verification of security protocols. In Proceedings of the 9th International Symposium on Static Analysis (SAS'02). Lecture Notes in Computer Science, vol.2477. Springer Verlag, 326-341.
21. CORIN, R. J., SAPTAWIJAYA, A., AND ETALLE, S. 2005. PS-LTL for constraint-based security protocol analysis. In Proceedings of the 21st International Conference on (ICLP'05). Lecture Notes in Computer Science, vol.3668. Springer Verlag, 439-440.
22. CORTIER, V., DELAITRE, J., AND DELAUNE, S. 2007. Safely composing security protocols. In Proceedings of the 27th International Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS'07). Lecture Notes in Computer Science, vol.4855. Springer Verlag, 352-363.
23. CORTIER, V., KREMER, S., KÜSTERS, R., AND WARINSCHI, B. 2006. Computationally sound symbolic secrecy in the presence of hash functions. In Proceedings of the 26th International Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS'06). Lecture Notes in Computer Science, vol.4337. Springer Verlag, 176-187.
24. CORTIER, V. AND Z?ALINESCU,E. 2006. Deciding key cycles for security protocols. In Proceedings of the 13th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning (LPAR'06). Lecture Notes in Artificial Intelligence, vol.4246. Springer Verlag, 317-331.
25. CREMERS, C. 2008. The Scyther Tool: Verification, falsification, and analysis of security protocols. In Proceedings of the 20th International Conference on Computer Aided Verification (CAV'08). Lecture Notes in Computer Science, vol.5123. Springer Verlag, 414-418.
26. DURGIN, N., LINCOLN, P., ANDMITCHELL, J. 2004. Multiset rewriting and the complexity of bounded security protocols. J. Comput. Secur. 12, 2, 247-311.
27. DURGIN, N., LINCOLN, P., MITCHELL, J., AND SCEDROV, A. 1999. Undecidability of bounded security protocols. In Proceedings of the Workshop on Formal Methods and Security Protocols.
28. GOLDWASSER, S. AND MICALI, S. 1984. Probabilistic encryption. J. Comput. Syst. Sc. 28, 270-299.
29. HOFHEINZ, D. AND UNRUH, D. 2008. Towards key-dependent message security in the standard model. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT). Lecture Notes in Computer Science, vol.4965. Springer Verlag, 108-126. (Preprint on IACR ePrint 2007/333).
30. JANVIER, R. 2006. Lien entre mod̀eles symboliques et computationnels pour le protocoles cryptographiques utilisant des hachage. Ph.D. thesis, Universit́e Joseph Fourier, Grenoble.
31. JANVIER, R., LAKHNECH, Y., AND MAZARE, L. 2005. (De)Compositions of cryptographic schemes and their applications to protocols. Cryptology ePrint Archive, Report 2005/020.
32. LAUD, P. 2002. Encryption cycles and two views of cryptography. In Proceedings of the Nordic Workshop on Secure IT Systems (NORDSEC'02).
33. LOWE, G. 1996. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Proceedings of the 2nd International Workshop on Tools and Algorithms for the Construction and Analysis of Systems (TACAS'96). Lecture Notes in Computer Science, vol.1055. Springer Verlag, 147-166. (Pubitemid 126050413)
34. LOWE, G. 1998. Towards a completeness result for model checking of security protocols. In Proceedings of the 11th IEEE Computer Security FoundationsWorkshop (CSFW'98). IEEE Computer Society Press.
35. MICCIANCIO, D. AND WARINSCHI, B. 2004a. Completeness theorems for the Abadi-Rogaway logic of encrypted expressions. J. Comput. Sec. 12, 1, 99-129.
36. MICCIANCIO, D. ANDWARINSCHI, B. 2004b. Soundness of formal encryption in the presence of active adversaries. In Proceedings of the 1st Theory of Cryptography Conference (TCC'04). Lecture Notes in Computer Science, vol.2951. Springer Verlag, 133-151.
37. MILLEN, J. AND SHMATIKOV, V. 2001. Constraint solving for bounded-process cryptographic protocol analysis. In Proceedings of the 8th ACM Conference on Computer and Communication Security (CCS'01). ACM Press, 166-175.
38. NEEDHAM, R. M. AND SCHROEDER, M. D. 1978. Using encryption for authentication in large networks of computers. Comm. ACM 21, 12, 993-999.
39. RAMANUJAM, R. AND SURESH, S. P. 2003. Tagging makes secrecy decidable for unbounded nonces as well. In Proceedings of the 23rd Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS'03). Lecture Notes in Computer Science, vol.2914. Springer Verlag, 363-374.
40. RAMANUJAM, R. AND SURESH, S. P. 2005. Decidability of context-explicit security protocols. J. Comput. Sec. 13, 1, 135-165.
41. RUSINOWITCH, M. AND TURUANI, M. 2001. Protocol insecurity with finite number of sessions is NPcomplete. In Proceedings of the 14th IEEE Computer Security FoundationsWorkshop (CSFW'01). IEEE Computer Society Press, 174-190.
42. RUSINOWITCH, M. AND TURUANI, M. 2003. Protocol insecurity with finite number of sessions and composed keys is NP-complete. Theor. Comput. Scie. 299, 451-475.
43. SYVERSON, P. AND MEADOWS, C. 1996. A formal language for cryptographic protocol requirements. Des. Codes Cryptog. 7, 1-2, 27-59.
44. VERMA, K. N., SEIDL, H., AND SCHWENTICK, T. 2005. On the complexity of equational Horn clauses. In Proceedings of the 22th International Conference on Automated Deduction (CADE'05). Lecture Notes in Computer Science. Springer Verlag, 337-352.