Associative-commutative deducibility constraints

Associative-commutative deducibility constraints (0)

by Sergiu Bursuc, Hubert Comon-Lundh, Stéphanie Delaune

Venue:

Proceedings of the 24th Annual Symposium on Theoretical Aspects of Computer Science (STACS’07), volume 4393 of Lecture Notes in Computer Science

Add To MetaCart

Results 1 - 7 of 7

Deciding security properties of cryptographic protocols. application to key cycles

by Hubert Comon-lundh, Université Henri Poincaré - Transaction on Computational Logic

"... Application to key cycles ..."

Abstract - Cited by 3 (3 self) - Add to MetaCart

Application to key cycles

Equational cryptographic reasoning in the Maude-NRL Protocol Analyzer

by Santiago Escobar, Joe Hendrix, Catherine Meadows, José Meseguer - In Proc. of the First International Workshop on Security and Rewriting Techniques (SecReT 2006), Electronic Notes in Theoretical Computer Science. Elsevier Sciences Publisher , 2006

"... Abstract. The Maude-NRL Protocol Analyzer (Maude-NPA) is a tool and inference system for reasoning about the security of cryptographic protocols in which the cryptosystems satisfy different equational properties. It both extends and provides a formal framework for the original NRL Protocol Analyzer, ..."

Abstract - Cited by 3 (1 self) - Add to MetaCart

Abstract. The Maude-NRL Protocol Analyzer (Maude-NPA) is a tool and inference system for reasoning about the security of cryptographic protocols in which the cryptosystems satisfy different equational properties. It both extends and provides a formal framework for the original NRL Protocol Analyzer, which limited itself to an equational theory ∆ of convergent rewrite rules. In this paper we extend our framework to include theories of the form ∆ ⊎ B, where B is the theory of associativity and commutativity and ∆ is convergent modulo B. Order-sorted B-unification plays a crucial role; to obtain this functionality we describe a sort propagation algorithm that filters out unsorted B-unifiers provided by the CiME unification tool. We show how extensions of some of the state reduction techniques of the original NRL Protocol Analyzer can be applied in this context. We illustrate the ideas and capabilities of the Maude-NPA with an example involving the Diffie-Hellman key agreement protocol. 1

Towards an automatic analysis of web services security

by Yannick Chevalier, Denis Lugiez, Michaël Rusinowitch - IN: PROCEEDINGS OF THE 6TH INTERNATIONAL SYMPOSIUM ON THE FRONTIERS OF COMBINING SYSTEMS (FROCOS’07). LNAI , 2007

"... Web services send and receive messages in XML syntax with some parts hashed, encrypted or signed, according to the WS-Security standard. In this paper we introduce a model to formally describe the protocols that underly these services, their security properties and the rewriting attacks they might ..."

Abstract - Cited by 3 (3 self) - Add to MetaCart

Web services send and receive messages in XML syntax with some parts hashed, encrypted or signed, according to the WS-Security standard. In this paper we introduce a model to formally describe the protocols that underly these services, their security properties and the rewriting attacks they might be subject to. Unlike other protocol models (in symbolic analysis) ours can handle non-deterministic receive/send actions and unordered sequence of XML nodes. Then to detect the attacks we have to consider the services as combining multiset operators and cryptographic ones and we have to solve specific satisfiability problems in the combined theory. By non-trivial extension of the combination techniques of [3] we obtain a decision procedure for insecurity of Web services with messages built using encryption, signature, and other cryptographic primitives. This combination technique allows one to decide insecurity in a modular way by reducing the associated constraint solving problems to problems in simpler theories.