Abstract
In many security protocols, such as group protocols, principals have to perform iterative or recursive computations. We call such protocols recursive protocols. Recently, first results on the decidability of the security of such protocols have been obtained. While recursive protocols often employ operators with algebraic, security relevant properties, such as the exclusive OR (XOR), the existing decision procedures, however, cannot deal with such operators and their properties. In this paper, we show that the security of recursive protocols with XOR is decidable (w.r.t. a bounded number of sessions) for a class of protocols in which recursive computations of principals are modeled by certain Horn theories. Interestingly, this result can be obtained by a reduction to the case without XOR. We also show that relaxing certain assumptions of our model lead to undecidability.
This work was partially supported by the DFG under grant KU 1434/4-1.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bull, J.A., Otway, D.J.: The authentication protocol. Technical Report DRA/CIS3/PROJ/CORBA/SC/1/CSM/436-04/03, Defence Research Agency, Malvern, UK (1997)
Chevalier, Y., et al.: An NP Decision Procedure for Protocol Insecurity with XOR. In: LICS 2003, pp. 261–270. IEEE Computer Society Press, Los Alamitos (2003)
Chevalier, Y., et al.: Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents. In: Pandya, P.K., Radhakrishnan, J. (eds.) FSTTCS 2003. LNCS, vol. 2914, pp. 124–135. Springer, Heidelberg (2003)
Chevalier, Y., et al.: Deciding the Security of Protocols with Commuting Public Key Encryption. ENTCS 125(1), 55–66 (2005)
Comon-Lundh, H., Cortier, V.: New Decidability Results for Fragments of First-order Logic and Application to Cryptographic Protocols. In: Nieuwenhuis, R. (ed.) RTA 2003. LNCS, vol. 2706, pp. 148–164. Springer, Heidelberg (2003)
Comon-Lundh, H., Shmatikov, V.: Intruder deductions, constraint solving and insecurity decision in presence of exclusive or. In: LICS 2003, pp. 271–280. IEEE Computer Society Press, Los Alamitos (2003)
Cortier, V., Delaune, S., Lafourcade, P.: A survey of algebraic properties used in cryptographic protocols. Journal of Computer Security 14(1), 1–43 (2006)
Küsters, R.: On the Decidability of Cryptographic Protocols with Open-ended Data Structures. International Journal of Information Security 4(1–2), 49–70 (2005)
Küsters, R., Truderung, T.: On the Automatic Analysis of Recursive Security Protocols with XOR. Technial Report (2007), Available from http://people.inf.ethz.ch/kuestral/publications_html/KuestersTruderung-TR-STACS-2007.pdf
Küsters, R., Wilke, T.: Automata-based Analysis of Recursive Cryptographic Protocols. In: Diekert, V., Habib, M. (eds.) STACS 2004. LNCS, vol. 2996, pp. 382–393. Springer, Heidelberg (2004)
Paulson, L.C.: Mechanized Proofs for a Recursive Authentication Protocol. In: CSFW-10, pp. 84–95. IEEE Computer Society Press, Los Alamitos (1997)
Pereira, O., Quisquater, J.-J.: A Security Analysis of the Cliques Protocols Suites. In: CSFW-14, pp. 73–81. IEEE Computer Society Press, Los Alamitos (2001)
Ryan, P.Y.A., Schneider, S.A.: An Attack on a Recursive Authentication Protocol. Information Processing Letters 65(1), 7–10 (1998)
Shmatikov, V.: Decidable Analysis of Cryptographic Protocols with Products and Modular Exponentiation. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 355–369. Springer, Heidelberg (2004)
Truderung, T.: Selecting theories and recursive protocols. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 217–232. Springer, Heidelberg (2005)
Verma, K.N., Seidl, H., Schwentick, T.: On the complexity of equational horn clauses. In: Lodaya, K., Mahajan, M. (eds.) FSTTCS 2004. LNCS, vol. 3328, pp. 337–352. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Küsters, R., Truderung, T. (2007). On the Automatic Analysis of Recursive Security Protocols with XOR. In: Thomas, W., Weil, P. (eds) STACS 2007. STACS 2007. Lecture Notes in Computer Science, vol 4393. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-70918-3_55
Download citation
DOI: https://doi.org/10.1007/978-3-540-70918-3_55
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-70917-6
Online ISBN: 978-3-540-70918-3
eBook Packages: Computer ScienceComputer Science (R0)