Satis ability of General Intruder Constraints with and without a Set Constructor

Many decision problems on security protocols can be reduced to solving deduction constraints expressing whether an instance of a given message pattern can be constructed by the intruder. Most constraint solving procedures for protocol security rely on two properties of constraint systems called monotonicity and variable-origination. In this work we relax these restrictions by giving a decision procedure for solving general intruder constraints (that do not have these properties) that stays in NP. The result is also valid modulo an associative, commutative and idempotent theory. The procedure can be applied to verify security protocols in presence of multiple intruders.

[1]  Roberto M. Amadio,et al.  On the Reachability Problem in Cryptographic Protocols , 2000, CONCUR.

[2]  Yannick Chevalier,et al.  Combining Intruder Theories , 2005, ICALP.

[3]  Sergiu Bursuc Contraintes de déductibilité dans une algèbre quotient : réduction de modèles et applications à la sécurité , 2009 .

[4]  Catherine A. Meadows,et al.  Sound Approximations to Diffie-Hellman Using Rewrite Rules , 2004, ICICS.

[5]  Ramaswamy Ramanujam,et al.  A dexptime-Complete Dolev-Yao Theory with Distributive Encryption , 2010, MFCS.

[6]  Stéphanie Delaune,et al.  Associative-Commutative Deducibility Constraints , 2007, STACS.

[7]  Pascal Lafourcade,et al.  Verifiability in e-Auction protocols & Brandt's protocol revisited , 2013 .

[8]  Michaël Rusinowitch,et al.  Protocol insecurity with a finite number of sessions, composed keys is NP-complete , 2003, Theor. Comput. Sci..

[9]  Vitaly Shmatikov,et al.  Constraint solving for bounded-process cryptographic protocol analysis , 2001, CCS '01.

[10]  Yannick Chevalier,et al.  Distributed Orchestration of Web Services under Security Constraints , 2011, DPM/SETOP.

[11]  Yannick Chevalier,et al.  Symbolic protocol analysis in the union of disjoint intruder theories: Combining decision procedures , 2010, Theor. Comput. Sci..

[12]  Paul Syverson,et al.  Dolev-Yao is no better than Machiavelli , 2000 .

[13]  Flemming Nielson,et al.  Lazy Mobile Intruders , 2013, POST.

[14]  Véronique Cortier,et al.  Decidability and Combination Results for Two Notions of Knowledge in Security Protocols , 2012, Journal of Automated Reasoning.

[15]  Joshua D. Guttman How to do Things with Cryptographic Protocols , 2007, ASIAN.

[16]  Bruno Blanchet,et al.  Automatic verification of correspondences for security protocols , 2008, J. Comput. Secur..

[17]  Sebastian Mödersheim,et al.  OFMC: A symbolic model checker for security protocols , 2005, International Journal of Information Security.

[18]  Mathieu Baudet,et al.  Deciding security of protocols against off-line guessing attacks , 2005, CCS '05.

[19]  Mathieu Turuani,et al.  The CL-Atse Protocol Analyser , 2006, RTA.

[20]  Marius Minea,et al.  Bridging Dolev-Yao Adversaries and Control Systems with Time-Sensitive Channels , 2013, CRITIS.

[21]  Sebastian Mödersheim,et al.  Algebraic Intruder Deductions , 2005, LPAR.

[22]  Yannick Chevalier,et al.  Towards an Automatic Analysis of Web Service Security , 2007, FroCoS.

[23]  Yannick Chevalier,et al.  Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents , 2003, FSTTCS.

[24]  Véronique Cortier,et al.  A survey of algebraic properties used in cryptographic protocols , 2006, J. Comput. Secur..

[25]  Cas J. F. Cremers,et al.  The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols , 2008, CAV.

[26]  Iliano Cervesato Advances in Computer Science - ASIAN 2007. Computer and Network Security, 12th Asian Computing Science Conference, Doha, Qatar, December 9-11, 2007, Proceedings , 2007, ASIAN.

[27]  Laurent Mazaré Satisfiability of Dolev-Yao Constraints , 2005, Electron. Notes Theor. Comput. Sci..

[28]  Daniel J. Dougherty,et al.  An Algebra for Symbolic Diffie-Hellman Protocol Analysis , 2012, TGC.

[29]  Vitaly Shmatikov,et al.  Intruder deductions, constraint solving and insecurity decision in presence of exclusive or , 2003, 18th Annual IEEE Symposium of Logic in Computer Science, 2003. Proceedings..

[30]  Ralf Küsters,et al.  Reducing protocol analysis with XOR to the XOR-free case in the horn theory based approach , 2008, CCS.

[31]  Maria-Camilla Fiazza,et al.  An environmental paradigm for defending security protocols , 2012, 2012 International Conference on Collaboration Technologies and Systems (CTS).

[32]  Shuvendu K. Lahiri,et al.  Predicate abstraction with indexed predicates , 2004, TOCL.

[33]  Vitaly Shmatikov,et al.  Decidable Analysis of Cryptographic Protocols with Products and Modular Exponentiation , 2004, ESOP.

[34]  Alessandro Armando,et al.  SATMC: A SAT-Based Model Checker for Security-Critical Systems , 2014, TACAS.

[35]  Tigran Avanesov,et al.  Resolution of constraint systems for automatic composition of security-aware Web Services. (Résolution de contraintes de déductibilité. Application à la composition de services Web sécurisés) , 2011 .

[36]  José Meseguer,et al.  Protocol analysis in Maude-NPA using unification modulo homomorphic encryption , 2011, PPDP.

[37]  Yannick Chevalier,et al.  An NP decision procedure for protocol insecurity with XOR , 2003, 18th Annual IEEE Symposium of Logic in Computer Science, 2003. Proceedings..

[38]  Luca Viganò,et al.  Protocol insecurity with a finite number of sessions and a cost-sensitive guessing intruder is NP-complete , 2014, Theor. Comput. Sci..

[39]  Stéphanie Delaune Vérification des protocoles cryptographiques et propriétés algébriques , 2006 .

[40]  Marie Duflot,et al.  Bounding Messages for Free in Security Protocols , 2007, FSTTCS.

[41]  Pascal Lafourcade,et al.  Symbolic Protocol Analysis for Monoidal Equational Theories Symbolic Protocol Analysis for Monoidal Equational Theories , 2006 .

[42]  Catherine A. Meadows Theorem Proving and Security , 2011, Encyclopedia of Cryptography and Security.

[43]  Luca Viganò Automated validation of trust and security of service-oriented architectures with the AVANTSSAR platform , 2012, 2012 International Conference on High Performance Computing & Simulation (HPCS).

[44]  Zhiqiang Liu,et al.  Efficient General Unification for XOR with Homomorphism , 2011, CADE.

[45]  Yannick Chevalier,et al.  Satisfiability of general intruder constraints with a set constructor , 2010, 2010 Fifth International Conference on Risks and Security of Internet and Systems (CRiSIS).

[46]  Tobias Nipkow,et al.  Term rewriting and all that , 1998 .

[47]  Yannick Chevalier,et al.  Complexity results for security protocols with Diffie-Hellman exponentiation and commuting public key encryption , 2008, TOCL.

[48]  Paliath Narendran,et al.  Unification over Distributive Exponentiation (Sub)Theories , 2011, J. Autom. Lang. Comb..

[49]  Sreekanth Malladi,et al.  Soundness of Removing Cancellation Identities in Protocol Analysis under Exclusive-OR , 2011, TOSCA.