
Complexity Problems in the Analysis of Information Systems Security

  • Conference paper
Computer Network Security (MMM-ACNS 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2776)


Abstract

The talk is a survey of complexity problems that concern the analysis of information systems security; the latter here means mainly proving the requirements properties. Though the complexity aspects of cryptology are not a topic of the talk, some concepts and questions of this field will be discussed, as they may be useful for the development of security concepts of general interest. We discuss the decidability and complexity of the analysis of cryptographic protocols, of the analysis of the problem of access to information systems, and the complexity of detection of some types of attacks. We argue that many negative results, like undecidability or high lower bounds, though of theoretical importance, are not quite relevant to the analysis of practical systems. Some properties of realistic systems that could be taken into account in order to try to obtain more adequate complexity results will be discussed. Conceptual problems, like the notion of reducibility that preserves security, will be touched upon.

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Slissenko, A. (2003). Complexity Problems in the Analysis of Information Systems Security. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_4

  • DOI: https://doi.org/10.1007/978-3-540-45215-7_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40797-3

  • Online ISBN: 978-3-540-45215-7

  • eBook Packages: Springer Book Archive
