Tagging Makes Secrecy Decidable with Unbounded Nonces as Well

Tagging schemes have been used in security protocols to ensure that the analysis of such protocols can work with messages of bounded length. When the set of nonces is bounded, this leads to decidability of secrecy. In this paper, we show that tagging schemes can be used to obtain decidability of secrecy even in the presence of unboundedly many nonces.

[1]  Michaël Rusinowitch,et al.  Protocol insecurity with finite number of sessions is NP-complete , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[2]  John Mitchell,et al.  Tree Automata with One Memory, Set Constraints, and Ping-Pong Protocols , 2001, ICALP.

[3]  John A. Clark,et al.  A survey of authentication protocol literature: Version 1.0 , 1997 .

[4]  Gavin Lowe,et al.  Towards a completeness result for model checking of security protocols , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[5]  Véronique Cortier,et al.  New Decidability Results for Fragments of First-Order Logic and Application to Cryptographic Protocols , 2003, RTA.

[6]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[7]  Andreas Podelski,et al.  Verification of cryptographic protocols: tagging enforces termination , 2003, Theor. Comput. Sci..

[8]  J. Doug Tygar,et al.  A model for secure protocols and their compositions , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[9]  Roberto M. Amadio,et al.  On the symbolic reduction of processes with cryptographic functions , 2001, LACPV@CAV.

[10]  John C. Mitchell,et al.  Undecidability of bounded security protocols , 1999 .

[11]  Lawrence C. Paulson,et al.  The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[12]  Vitaly Shmatikov,et al.  Constraint solving for bounded-process cryptographic protocol analysis , 2001, CCS '01.

[13]  Gavin Lowe,et al.  How to prevent type flaw attacks on security protocols , 2000, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13.

[14]  Richard M. Karp,et al.  On the Security of Ping-Pong Protocols , 1982, Information and Control.