Strand spaces: proving security protocols correct
Journal of Computer Security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
On the symbolic reduction of processes with cryptographic functions
Theoretical Computer Science
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAS '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
An Improved Constraint-Based System for the Verification of Security Protocols
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
Protocol insecurity with a finite number of sessions and composed keys is NP-complete
Theoretical Computer Science
Multiset rewriting and the complexity of bounded security protocols
Journal of Computer Security
An NP decision procedure for protocol insecurity with XOR
Theoretical Computer Science
The Insecurity Problem: Tackling Unbounded Data
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
ACM Transactions on Computational Logic (TOCL)
Complexity of Checking Freshness of Cryptographic Protocols
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Deciding the Security of Protocols with Commuting Public Key Encryption
Electronic Notes in Theoretical Computer Science (ENTCS)
We improve the NP proof for the insecurity problem, partly motivated by an error in the NP proof of the influential paper "Protocol insecurity with a finite number of sessions and composed keys is NP-complete" by Rusinowitch and Turuani [1]. We enhance several different aspects of the proofs with a complete presentation, and we prove stronger results that fix the non-trivial error. Besides fixing the error, our proof framework has a reusable structure and proves several results that are neither covered nor proved in [1] and its sequels, including the important fact that the attacker does not need to generate nonces in an attack, which the proof of [1] relies on. We show a sharper result that the complexity of the derivation problem is in square time. Furthermore, we extend the scope of the NP complexity to cover the scenarios where a fixed number of role instances is assumed and delayed decryption is allowed. These are new results, since the NP result of assuming a fixed number of role instances does not seem to be obtainable by a reduction from the NP result of assuming a fixed number of sessions, and [1] and its sequels cannot handle delayed decryption.