Skip to main content
SpringerLink
Log in

Bounding Messages for Free in Security Protocols

  • Conference paper
FSTTCS 2007: Foundations of Software Technology and Theoretical Computer Science (FSTTCS 2007)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4855))

Abstract

The verification of security protocols has been proven to be undecidable in general. Different approaches use simplifying hypotheses in order to obtain decidability for interesting subclasses. Amongst the most common is type abstraction, i.e. considering only well-typed runs, therefore bounding message length. In this paper, we show how to get message boundedness “for free” under a reasonable (syntactic) assumption on protocols, which we call well-formedness. This enables us to improve existing decidability results.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Arapinis, M., Duflot, M.: Bounding messages for free in security protocols (extended version) (2007), http://www.arapinis.org/publications/fsttcs07ext.pdf

  2. Blanchet, B., Podelski, A.: Verification of cryptographic protocols: Tagging enforces termination. TCS: Theoretical Computer Science 333 (2005)

    Google Scholar 

  3. Comon, H., Cortier, V.: Tree automata with one memory, set constraints and cryptographic protocols. Research Report LSV-01-13, Laboratoire Spécification et Vérification, ENS Cachan, France, p. 98 (2001)

    Google Scholar 

  4. Cortier, V., Delaître, J., Delaune, S.: Safely composing security protocols. In: Arvind, V., Prasad, S. (eds.) FSTTCS 2007. LNCS, vol. 4855, Springer, Heidelberg (2007)

    Google Scholar 

  5. Clark, J.A., Jacob, J.L.: A survey of authentication protocol literature (1997)

    Google Scholar 

  6. Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M., Vigneron, L.: Extending the Dolev-Yao intruder for analyzing an unbounded number of sessions. In: Baaz, M., Makowsky, J.A. (eds.) CSL 2003. LNCS, vol. 2803, pp. 128–141. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Cortier, V., Zalinescu, E.: Deciding key cycles for security protocols. In: Hermann, M., Voronkov, A. (eds.) LPAR 2006. LNCS (LNAI), vol. 4246, pp. 317–331. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  8. Durgin, N., Lincoln, P., Mitchell, J., Scedrov, A.: Undecidability of bounded security protocols. In: Proc. Work. on Formal Methods and Security Protocols (FMSP) (1999)

    Google Scholar 

  9. Heather, J., Lowe, G., Schneider, S.: How to prevent type flaw attacks on security protocols. Journal of Computer Security 11(2), 217–244 (2003)

    Google Scholar 

  10. Lowe, G.: Towards a completeness result for model checking of security protocols. Journal of Computer Security 7(1) (1999)

    Google Scholar 

  11. Li, Y., Yang, W., Huang, C.-W.: Preventing type flaw attacks on security protocols with a simplified tagging scheme. In: ISICT 2004. Proc. Int. symp. on Information and communication technologies, Trinity College Dublin, pp. 244–249 (2004)

    Google Scholar 

  12. Millen, J.K., Shmatikov, V.: Constraint solving for bounded-process cryptographic protocol analysis. In: Proc. 8th ACM Conf. on Computer and Communications Security, pp. 166–175. ACM Press, New York (2001)

    Google Scholar 

  13. Ramanujam, R., Suresh, S.P.: A decidable subclass of unbounded security protocols. In: Proc. Work. on Issues in the Theory of Security (WITS 2003) (2003)

    Google Scholar 

  14. Ramanujam, R., Suresh, S.P.: Tagging makes secrecy decidable with unbounded nonces as well. In: Pandya, P.K., Radhakrishnan, J. (eds.) FST TCS 2003. LNCS, vol. 2914, Springer, Heidelberg (2003)

    Google Scholar 

  15. Rusinowitch, M., Turuani, M.: Protocol insecurity with finite number of sessions is NP-complete. In: CSFW 2001. Proc. 14th IEEE work. on Computer Security Foundations, p. 174. IEEE Computer Society Press, Los Alamitos (2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LACL - University Paris 12, France

    Myrto Arapinis & Marie Duflot

Authors
  1. Myrto Arapinis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marie Duflot
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

V. Arvind Sanjiva Prasad

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Arapinis, M., Duflot, M. (2007). Bounding Messages for Free in Security Protocols. In: Arvind, V., Prasad, S. (eds) FSTTCS 2007: Foundations of Software Technology and Theoretical Computer Science. FSTTCS 2007. Lecture Notes in Computer Science, vol 4855. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77050-3_31

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77050-3_31

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77049-7

  • Online ISBN: 978-3-540-77050-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation