Efficient representation of the attacker’s knowledge in cryptographic protocols analysis

This paper addresses the problem of representing the intruder’s knowledge in the formal verification of cryptographic protocols, whose main challenges are to represent the intruder’s knowledge efficiently and without artificial limitations on the structure and size of messages. The new knowledge representation strategy proposed in this paper achieves both goals and leads to practical implementation because it is incrementally computable and is easily amenable to work with various term representation languages. In addition, it handles associative and commutative term composition operators, thus going beyond the free term algebra framework. An extensive computational complexity analysis of the proposed representation strategy is included in the paper.

[1]  Adriano Valenzano,et al.  Introducing Commutative and Associative Operators in Cryptographic Protocol Analysis , 2003, FORTE.

[2]  Gavin Lowe Casper: a compiler for the analysis of security protocols , 1998 .

[3]  David Monniaux Abstracting cryptographic protocols with tree automata , 2003, Sci. Comput. Program..

[4]  Somesh Jha,et al.  Using state space exploration and a natural deduction style message derivation engine to verify security protocols , 1998, PROCOMET.

[5]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[6]  Martín Abadi,et al.  Computing symbolic models for verifying cryptographic protocols , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[7]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[8]  David A. McAllester Automatic recognition of tractability in inference relations , 1993, JACM.

[9]  Roberto M. Amadio,et al.  On the Reachability Problem in Cryptographic Protocols , 2000, CONCUR.

[10]  Vitaly Shmatikov,et al.  Symbolic protocol analysis with products and Diffie-Hellman exponentiation , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[11]  Somesh Jha,et al.  Verifying security protocols with Brutus , 2000, TSEM.

[12]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[13]  Robin Milner,et al.  A Calculus of Mobile Processes, II , 1992, Inf. Comput..

[14]  Maria Grazia Buscemi,et al.  A Framework for the Analysis of Security Protocols , 2002, CONCUR.

[15]  Michaël Rusinowitch,et al.  Protocol insecurity with finite number of sessions is NP-complete , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..

[16]  Sebastian Mödersheim,et al.  OFMC: A Symbolic Model-Checker for Security Protocols , 2004 .

[17]  Gavin Lowe Towards a Completeness Result for Model Checking of Security Protocols (Extended Abstract) , 1998 .

[18]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[19]  D. Prawitz Natural Deduction: A Proof-Theoretical Study , 1965 .

[20]  Lawrence C. Paulson,et al.  The Inductive Approach to Verifying Cryptographic Protocols , 2021, J. Comput. Secur..

[21]  Vitaly Shmatikov,et al.  Constraint solving for bounded-process cryptographic protocol analysis , 2001, CCS '01.

[22]  Somesh Jha,et al.  A model checker for authentication protocols , 1997 .

[23]  Yannick Chevalier,et al.  An NP decision procedure for protocol insecurity with XOR , 2005, Theor. Comput. Sci..

[24]  Michele Boreale,et al.  Symbolic Trace Analysis of Cryptographic Protocols , 2001, ICALP.

[25]  Steve A. Schneider Verifying Authentication Protocols in CSP , 1998, IEEE Trans. Software Eng..

[26]  Adriano Valenzano,et al.  Automatic testing equivalence verification of spi calculus specifications , 2003, TSEM.

[27]  Rocco De Nicola,et al.  Proof techniques for cryptographic processes , 1999, Proceedings. 14th Symposium on Logic in Computer Science (Cat. No. PR00158).

[28]  Vitaly Shmatikov,et al.  Intruder deductions, constraint solving and insecurity decision in presence of exclusive or , 2003, 18th Annual IEEE Symposium of Logic in Computer Science, 2003. Proceedings..

[29]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[30]  Adriano Valenzano,et al.  A New Knowledge Representation Strategy for Cryptographic Protocol Analysis , 2003, TACAS.

[31]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[32]  Gavin Lowe,et al.  Towards a completeness result for model checking of security protocols , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[33]  Bruno Blanchet,et al.  An efficient cryptographic protocol verifier based on prolog rules , 2001, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001..