Verification of Security Protocols with a Bounded Number of Sessions Based on Resolution for Rigid Variables

Authors:
Reynald Af Feldt;Hubert Comon-Lundh
Affiliations:
Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST),;Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST),
Venue:
Formal to Practical Security
Year:
2009

Citing 13
Cited 0

Rewrite systems

Handbook of theoretical computer science (vol. B)
Theorem Proving via General Matings

Journal of the ACM (JACM)
Towards an Automatic Analysis of Security Protocols in First-Order Logic

CADE-16 Proceedings of the 16th International Conference on Automated Deduction: Automated Deduction
Resolution decision procedures

Handbook of automated reasoning
Protocol insecurity with a finite number of sessions and composed keys is NP-complete

Theoretical Computer Science
Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or

LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An NP Decision Procedure for Protocol Insecurity with XOR

LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
A Meta-Notation for Protocol Analysis

CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Security properties: two agents are sufficient

Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Reconstruction of Attacks against Cryptographic Protocols

CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Deciding security properties for cryptographic protocols. application to key cycles

ACM Transactions on Computational Logic (TOCL)
Protocol verification via rigid/flexible resolution

LPAR'07 Proceedings of the 14th international conference on Logic for programming, artificial intelligence and reasoning

Quantified Score

Hi-index	0.00

Visualization

Abstract

First-order logic resolution is a standard way to automate the verification of security protocols. However, it sometimes fails to produce security proofs for secure protocols because of the detection of false attacks. For the verification of a bounded number of sessions, false attacks can be avoided by introducing rigid variables. Unfortunately, this yields complicated resolution procedures. We show here that there is a simple translation of the security problem for a bounded number of sessions into first-order logic, that does not introduce false attacks. This is shown by translating clauses involving rigid variables into classical first-order clauses, while preserving satisfiability. We illustrate this approach by giving a complete and terminating strategy for a first-order logic fragment resulting from the above translation, that yields a decision procedure for a bounded number of sessions.