Cryptographic Protocol Verification Using Tractable Classes of Horn Clauses

Program Analysis and Compilation, Theory and Practice

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 4444)

Abstract

We consider secrecy problems for cryptographic protocols modeled using Horn clauses and present general classes of Horn clauses which can be efficiently decided. Besides simplifying the methods for the class of flat and one-variable clauses introduced for modeling protocols with single blind copying [7,25], we also generalize this class by considering k-variable clauses instead of one-variable clauses, with suitable restrictions similar to those for the class \(\mathcal{S}^{+}\). This class makes it convenient to model protocols with joint blind copying. We show that for a fixed k, our new class can be decided in DEXPTIME, as in the case of one variable.


References

  1. Spore: Security protocol open repository. Available at http://www.lsv.ens-cachan.fr/spore/

  2. Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: 14th IEEE Computer Security Foundations Workshop (CSFW’01), Cape Breton, Nouvelle-Écosse, Canada, pp. 82–96. IEEE Computer Society Press, Los Alamitos (2001)

  3. Blanchet, B.: Security protocols: From linear to classical logic by abstract interpretation. Information Processing Letters 95(5), 473–479 (2005)

  4. Blanchet, B., Podelski, A.: Verification of cryptographic protocols: Tagging enforces termination. Theoretical Computer Science 333(1-2), 67–90 (2005)

  5. Comon, H., Cortier, V.: Tree automata with one memory, set constraints and cryptographic protocols. Theoretical Computer Science 331(1), 143–214 (2005)

  6. Comon, H., et al.: Tree automata techniques and applications (1997), http://www.grappa.univ-lille3.fr/tata

  7. Comon-Lundh, H., Cortier, V.: New decidability results for fragments of first-order logic and application to cryptographic protocols. In: Nieuwenhuis, R. (ed.) RTA 2003. LNCS, vol. 2706, pp. 148–164. Springer, Heidelberg (2003)

  8. Comon-Lundh, H., Cortier, V.: Security properties: Two agents are sufficient. In: Degano, P. (ed.) ESOP 2003 and ETAPS 2003. LNCS, vol. 2618, pp. 99–113. Springer, Heidelberg (2003)

  9. Cortier, V.: Vérification Automatique des Protocoles Cryptographiques. PhD thesis, ENS Cachan, France (2003)

  10. Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)

  11. Fermüller, C., et al.: Resolution Decision Procedures. In: Robinson, J.A., Voronkov, A. (eds.) Handbook of Automated Reasoning, pp. 1791–1849. North-Holland, Amsterdam (2001)

  12. Frühwirth, T., et al.: Logic programs as types for logic programs. In: 6th Annual IEEE Symposium on Logic in Computer Science (LICS’91), Amsterdam, The Netherlands, July 1991, IEEE Computer Society Press, Los Alamitos (1991)

  13. Goubault-Larrecq, J.: Une fois qu’on n’a pas trouvé de preuve, comment le faire comprendre à un assistant de preuve? In: Ménissier-Morain, V. (ed.) Actes des 12èmes Journées Francophones des Langages Applicatifs (JFLA’04). INRIA, collection didactique (2004)

  14. Goubault-Larrecq, J.: Deciding \(\mathcal{H}_1\) by resolution. Information Processing Letters 95(3), 401–408 (2005)

  15. Goubault-Larrecq, J., Parrennes, F.: Cryptographic protocol analysis on real C code. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 363–379. Springer, Heidelberg (2005)

  16. Goubault-Larrecq, J., Roger, M., Verma, K.N.: Abstraction and resolution modulo AC: How to verify Diffie-Hellman-like protocols automatically. Journal of Logic and Algebraic Programming 64(2), 219–251 (2005)

  17. Lowe, G.: An attack on the Needham-Schroeder public-key protocol. Information Processing Letters 56(3), 131–133 (1995)

  18. Monniaux, D.: Abstracting cryptographic protocols with tree automata. In: Cortesi, A., Filé, G. (eds.) SAS 1999. LNCS, vol. 1694, pp. 149–163. Springer, Heidelberg (1999)

  19. Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Communications of the ACM 21(12), 993–999 (1978)

  20. Nielson, F., Nielson, H.R., Seidl, H.: Normalizable Horn clauses, strongly recognizable relations and Spi. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 20–35. Springer, Heidelberg (2002)

  21. Ramanujam, R., Suresh, S.P.: A decidable subclass of unbounded security protocols. In: Workshop on Issues in the Theory of Security (WITS’03) (2003)

  22. Ramanujam, R., Suresh, S.P.: Tagging makes secrecy decidable with unbounded nonces as well. In: Pandya, P.K., Radhakrishnan, J. (eds.) FSTTCS 2003. LNCS, vol. 2914, pp. 363–374. Springer, Heidelberg (2003)

  23. Robinson, J.A., Voronkov, A. (eds.): Handbook of Automated Reasoning. North-Holland, Amsterdam (2001)

  24. Rusinowitch, M., Turuani, M.: Protocol insecurity with finite number of sessions is NP-complete. In: Pandya, P., Radhakrishnan, J. (eds.) 14th IEEE Computer Security Foundations Workshop (CSFW’01), Nova-Scotia, Canada, June 2001, IEEE Computer Society Press, Cape Breton (2001)

  25. Seidl, H., Verma, K.N.: Flat and one-variable clauses: Complexity of verifying cryptographic protocols with single blind copying. In: Baader, F., Voronkov, A. (eds.) LPAR 2004. LNCS (LNAI), vol. 3452, pp. 79–94. Springer, Heidelberg (2005)

  26. Weidenbach, C.: Towards an automatic analysis of security protocols. In: Ganzinger, H. (ed.) CADE 1999. LNCS (LNAI), vol. 1632, pp. 378–382. Springer, Heidelberg (1999)

Editor information

Thomas Reps, Mooly Sagiv, Jörg Bauer

Copyright information

© 2007 Springer Berlin Heidelberg

About this chapter

Cite this chapter

Seidl, H., Verma, K.N. (2007). Cryptographic Protocol Verification Using Tractable Classes of Horn Clauses. In: Reps, T., Sagiv, M., Bauer, J. (eds) Program Analysis and Compilation, Theory and Practice. Lecture Notes in Computer Science, vol 4444. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71322-7_5

  • DOI: https://doi.org/10.1007/978-3-540-71322-7_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71315-9

  • Online ISBN: 978-3-540-71322-7

  • eBook Packages: Computer Science, Computer Science (R0)
