Collusion analysis of cryptographic protocols

As network applications such as electronic commerce proliferate, complex communications protocols that employ cryptographic building blocks, such as encryption and authentication, will become more common. We view a cryptographic protocol as a process by which information is transferred among some users and hidden from others. The collusion problem determines whether a subset of users can discover, through collusion, the information that is designed to be hidden from them after a protocol is executed. Earlier we introduced a model for cryptographic protocols and its collusion analysis, and solved a special case of the collusion problem. In this paper we present an algorithm that solves the general case.

[1]  Catherine A. Meadows,et al.  A system for the specification and analysis of key management protocols , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[2]  Sanjoy Paul,et al.  Anonymous credit cards , 1994, CCS '94.

[3]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[4]  Roger M. Needham,et al.  Authentication revisited , 1987, OPSR.

[5]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[7]  Jonathan K. Millen,et al.  The Interrogator A Tool for Cryptographic Protocol Security , 1984, 1984 IEEE Symposium on Security and Privacy.

[8]  Richard M. Karp,et al.  On the Security of Ping-Pong Protocols , 1982, Inf. Control..

[9]  Richard A. Kemmerer,et al.  Analyzing encryption protocols using formal verification techniques , 1989, IEEE J. Sel. Areas Commun..

[10]  J. H. Moore Protocol failures in cryptosystems , 1988, Proc. IEEE.

[11]  Steven H. Low,et al.  The use of communications networks to increase personal privacy , 1995, Proceedings of INFOCOM'95.

[12]  Steven H. Low,et al.  Modeling Cryptographic Protocols and Their Collusion Analysis , 1996, Information Hiding.

[13]  Natsume Matsuzaki,et al.  Key Distribution Protocol for Digital Mobile Communication Systems , 1989, CRYPTO.

[14]  Semyon Dukach SNPP: A simple network payment protocol , 1992, [1992] Proceedings Eighth Annual Computer Security Application Conference.

[15]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[16]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[17]  Gustavus J. Simmons,et al.  How to (Selectively) Broadcast A Secret , 1985, 1985 IEEE Symposium on Security and Privacy.