Decidability of the purely existential fragment of the theory of term algebras
Journal of the ACM (JACM)
Handbook of theoretical computer science (vol. B)
Unification in the union of disjoint equational theories: combining decision procedures
Journal of Symbolic Computation
Constraint solving for bounded-process cryptographic protocol analysis
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
On the symbolic reduction of processes with cryptographic functions
Theoretical Computer Science
Automatic SAT-Compilation of Protocol Insecurity Problems via Reduction to Planning
FORTE '02 Proceedings of the 22nd IFIP WG 6.1 International Conference Houston on Formal Techniques for Networked and Distributed Systems
A Meta-Notation for Protocol Analysis
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A Tool for Lazy Verification of Security Protocols
Proceedings of the 16th IEEE international conference on Automated software engineering
Protocol Insecurity with Finite Number of Sessions is NP-Complete
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A decision procedure for the verification of security protocols with explicit destructors
Proceedings of the 11th ACM conference on Computer and communications security
On the Relationship Between Web Services Security and Traditional Protocols
Electronic Notes in Theoretical Computer Science (ENTCS)
Deciding key cycles for security protocols
LPAR'06 Proceedings of the 13th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
LPAR'05 Proceedings of the 12th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Protocol analysis in Maude-NPA using unification modulo homomorphic encryption
Proceedings of the 13th international ACM SIGPLAN symposium on Principles and practices of declarative programming
Hi-index | 0.00 |
Many analysis techniques and decidability results have been obtained for cryptographic protocols. However all of them consider protocols with limited procedures for the processing of messages by agents or intruders: Information expected in a protocol message has to be located at a fixed position. However this is too restrictive for instance to model web-service protocols where messages are XML semi-structured documents and where significant information (name, signature, ...) has to be extracted from some nodes occurring at flexible positions. Therefore we extend the standard Dolev Yao intruder model by a subterm predicate that allows one to express a larger class of protocols that employs data extraction by subterm matching. This also allows one to detect socalled rewriting attacks that are specific to web-services. In particular we show that protocol insecurity is decidable with complexity NP for finite sessions in this new model. The proof is not a consequence of the standard finite sessions case; on the contrary, it provides also a new short proof for this case.