On the Automatic Analysis of Recursive Security Protocols with XOR

Küsters, Ralf; Truderung, Tomasz

doi:10.1007/978-3-540-70918-3_55

Ralf Küsters¹ &
Tomasz Truderung²

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4393))

Included in the following conference series:

Annual Symposium on Theoretical Aspects of Computer Science

1121 Accesses
8 Citations

Abstract

In many security protocols, such as group protocols, principals have to perform iterative or recursive computations. We call such protocols recursive protocols. Recently, first results on the decidability of the security of such protocols have been obtained. While recursive protocols often employ operators with algebraic, security relevant properties, such as the exclusive OR (XOR), the existing decision procedures, however, cannot deal with such operators and their properties. In this paper, we show that the security of recursive protocols with XOR is decidable (w.r.t. a bounded number of sessions) for a class of protocols in which recursive computations of principals are modeled by certain Horn theories. Interestingly, this result can be obtained by a reduction to the case without XOR. We also show that relaxing certain assumptions of our model lead to undecidability.

This work was partially supported by the DFG under grant KU 1434/4-1.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bull, J.A., Otway, D.J.: The authentication protocol. Technical Report DRA/CIS3/PROJ/CORBA/SC/1/CSM/436-04/03, Defence Research Agency, Malvern, UK (1997)
Google Scholar
Chevalier, Y., et al.: An NP Decision Procedure for Protocol Insecurity with XOR. In: LICS 2003, pp. 261–270. IEEE Computer Society Press, Los Alamitos (2003)
Google Scholar
Chevalier, Y., et al.: Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents. In: Pandya, P.K., Radhakrishnan, J. (eds.) FSTTCS 2003. LNCS, vol. 2914, pp. 124–135. Springer, Heidelberg (2003)
Google Scholar
Chevalier, Y., et al.: Deciding the Security of Protocols with Commuting Public Key Encryption. ENTCS 125(1), 55–66 (2005)
Google Scholar
Comon-Lundh, H., Cortier, V.: New Decidability Results for Fragments of First-order Logic and Application to Cryptographic Protocols. In: Nieuwenhuis, R. (ed.) RTA 2003. LNCS, vol. 2706, pp. 148–164. Springer, Heidelberg (2003)
Chapter Google Scholar
Comon-Lundh, H., Shmatikov, V.: Intruder deductions, constraint solving and insecurity decision in presence of exclusive or. In: LICS 2003, pp. 271–280. IEEE Computer Society Press, Los Alamitos (2003)
Google Scholar
Cortier, V., Delaune, S., Lafourcade, P.: A survey of algebraic properties used in cryptographic protocols. Journal of Computer Security 14(1), 1–43 (2006)
Google Scholar
Küsters, R.: On the Decidability of Cryptographic Protocols with Open-ended Data Structures. International Journal of Information Security 4(1–2), 49–70 (2005)
Article Google Scholar
Küsters, R., Truderung, T.: On the Automatic Analysis of Recursive Security Protocols with XOR. Technial Report (2007), Available from http://people.inf.ethz.ch/kuestral/publications_html/KuestersTruderung-TR-STACS-2007.pdf
Küsters, R., Wilke, T.: Automata-based Analysis of Recursive Cryptographic Protocols. In: Diekert, V., Habib, M. (eds.) STACS 2004. LNCS, vol. 2996, pp. 382–393. Springer, Heidelberg (2004)
Google Scholar
Paulson, L.C.: Mechanized Proofs for a Recursive Authentication Protocol. In: CSFW-10, pp. 84–95. IEEE Computer Society Press, Los Alamitos (1997)
Google Scholar
Pereira, O., Quisquater, J.-J.: A Security Analysis of the Cliques Protocols Suites. In: CSFW-14, pp. 73–81. IEEE Computer Society Press, Los Alamitos (2001)
Google Scholar
Ryan, P.Y.A., Schneider, S.A.: An Attack on a Recursive Authentication Protocol. Information Processing Letters 65(1), 7–10 (1998)
Article Google Scholar
Shmatikov, V.: Decidable Analysis of Cryptographic Protocols with Products and Modular Exponentiation. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 355–369. Springer, Heidelberg (2004)
Google Scholar
Truderung, T.: Selecting theories and recursive protocols. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 217–232. Springer, Heidelberg (2005)
Chapter Google Scholar
Verma, K.N., Seidl, H., Schwentick, T.: On the complexity of equational horn clauses. In: Lodaya, K., Mahajan, M. (eds.) FSTTCS 2004. LNCS, vol. 3328, pp. 337–352. Springer, Heidelberg (2004)
Google Scholar

Download references

Author information

Authors and Affiliations

ETH Zurich,
Ralf Küsters
University of Kiel and Wrocław University,
Tomasz Truderung

Authors

Ralf Küsters
View author publications
You can also search for this author in PubMed Google Scholar
Tomasz Truderung
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Wolfgang Thomas Pascal Weil

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Küsters, R., Truderung, T. (2007). On the Automatic Analysis of Recursive Security Protocols with XOR. In: Thomas, W., Weil, P. (eds) STACS 2007. STACS 2007. Lecture Notes in Computer Science, vol 4393. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70918-3_55

Download citation

DOI: https://doi.org/10.1007/978-3-540-70918-3_55
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-70917-6
Online ISBN: 978-3-540-70918-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics