Handbook of theoretical computer science (vol. B)
Automatic recognition of tractability in inference relations
Journal of the ACM (JACM)
Term rewriting and all that
Intruder Deductions, Constraint Solving and Insecurity Decision in Presence of Exclusive or
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
An NP Decision Procedure for Protocol Insecurity with XOR
LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Protocol Insecurity with Finite Number of Sessions is NP-Complete
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Easy intruder deduction problems with homomorphisms
Information Processing Letters
A survey of algebraic properties used in cryptographic protocols
Journal of Computer Security
Symbolic protocol analysis in presence of a homomorphism operator and exclusive or
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Intruder deduction for AC-like equational theories with homomorphisms
RTA'05 Proceedings of the 16th international conference on Term Rewriting and Applications
Efficient decision procedures for message deducibility and static equivalence
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Hi-index | 0.00 |
The first step in the verification of cryptographic protocols is to decide the intruder deduction problem, that is the vulnerability to a so-called passive attacker. We extend the Dolev-Yao model in order to model this problem in presence of the equational theory of a commutative encryption operator which distributes over the exclusive-or operator. The interaction between the commutative distributive law of the encryption and exclusive-or offers more possibilities to decrypt an encrypted message than in the non-commutative case, which imply a more careful analysis of the proof system. We prove decidability of the intruder deduction problem for a commutative encryption which distributes over exclusive-or with a DOUBLE-EXP-TIME procedure. And we obtain that this problem is EXPSPACE-hard in the binary case.