Verification of Security Protocols with a Bounded Number of Sessions Based on Resolution for Rigid Variables

  • Authors: Reynald Affeldt; Hubert Comon-Lundh
  • Affiliations: Research Center for Information Security (RCIS), National Institute of Advanced Industrial Science and Technology (AIST) (both authors)
  • Venue: Formal to Practical Security
  • Year: 2009


Abstract

First-order logic resolution is a standard way to automate the verification of security protocols. However, it sometimes fails to produce security proofs for secure protocols because it detects false attacks. For the verification of a bounded number of sessions, false attacks can be avoided by introducing rigid variables. Unfortunately, this yields complicated resolution procedures. We show here that there is a simple translation of the security problem for a bounded number of sessions into first-order logic, which does not introduce false attacks. This is shown by translating clauses involving rigid variables into classical first-order clauses while preserving satisfiability. We illustrate this approach by giving a complete and terminating strategy for the first-order logic fragment resulting from the above translation, which yields a decision procedure for a bounded number of sessions.