Flat and One-Variable Clauses for Single Blind Copying Protocols: The XOR Case

Authors:
Helmut Seidl;Kumar Neeraj Verma
Affiliations:
Institut für Informatik, Technische Universität München, Garching, Germany 85748;Institut für Informatik, Technische Universität München, Garching, Germany 85748
Venue:
RTA '09 Proceedings of the 20th International Conference on Rewriting Techniques and Applications
Year:
2009

Citing 13
Cited 2

Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or

LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An NP Decision Procedure for Protocol Insecurity with XOR

LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Protocol Insecurity with Finite Number of Sessions is NP-Complete

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A survey of algebraic properties used in cryptographic protocols

Journal of Computer Security
Flat and one-variable clauses: Complexity of verifying cryptographic protocols with single blind copying

ACM Transactions on Computational Logic (TOCL)
Reducing protocol analysis with XOR to the XOR-free case in the horn theory based approach

Proceedings of the 15th ACM conference on Computer and communications security
New decidability results for fragments of first-order logic and application to cryptographic protocols

RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
Two-way equational tree automata for AC-like theories: decidability and closure properties

RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
Automatic analysis of the security of XOR-based key management schemes

TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Security properties: two agents are sufficient

ESOP'03 Proceedings of the 12th European conference on Programming
On the complexity of equational horn clauses

CADE' 20 Proceedings of the 20th international conference on Automated Deduction
Alternation in equational tree automata modulo XOR

FSTTCS'04 Proceedings of the 24th international conference on Foundations of Software Technology and Theoretical Computer Science

Reducing Protocol Analysis with XOR to the XOR-Free Case in the Horn Theory Based Approach

Journal of Automated Reasoning
YAPA: A Generic Tool for Computing Intruder Knowledge

ACM Transactions on Computational Logic (TOCL)

Quantified Score

Hi-index	0.00

Visualization

Abstract

In cryptographic protocols with the single blind copying restriction, at most one piece of unknown data is allowed to be copied in each step of the protocol. The secrecy problem for such protocols can be modeled as the satisfiability problem for the class of first-order Horn clauses called flat and one-variable Horn clauses, and is known to be DEXPTIME-complete. We show that when an XOR operator is additionally present, then the secrecy problem is decidable in 3-EXPTIME. We also note that replacing XOR by the theory of associativity-commutativity or by the theory of Abelian groups, or removing some of the syntactic restrictions on the clauses, leads to undecidability.