Symbolic protocol analysis with an abelian group operator or DiffieHellman exponentiation

Symbolic protocol analysis with an abelian group operator or DiffieHellman exponentiation (2005)

Cached

Download Links

by Jonathan Millen , Vitaly Shmatikov

Venue:	Journal of Computer Security
Citations:	13 - 0 self

BibTeX

@ARTICLE{Millen05symbolicprotocol,
    author = {Jonathan Millen and Vitaly Shmatikov},
    title = {Symbolic protocol analysis with an abelian group operator or DiffieHellman exponentiation},
    journal = {Journal of Computer Security},
    year = {2005},
    pages = {515--564}
}

Years of Citing Articles

Bookmark

OpenURL

Abstract

We demonstrate that for any well-defined cryptographic protocol, the symbolic trace reachability problem in the presence of an Abelian group operator (e.g., multiplication) can be reduced to solvability of a decidable system of quadratic Diophantine equations. This result enables complete, fully automated formal analysis of protocols that employ primitives such as Diffie-Hellman exponentiation, multiplication, and xor, with a bounded number of role instances, but without imposing any bounds on the size of terms created by the attacker. 1

Citations

872	On the security of public key protocols - Dolev, Yao - 1983
181	Unification theory - Baader, Snyder - 2001
155	Diffie-Hellman Key Distribution Extended to Group Communication - Steiner, Tsudik, et al. - 1996
123	Protocol Insecurity with Finite Number of Sessions and Composed Keys is NP-complete - Rusinowitch, Turuani
111	Undecidability of bounded security protocols - Durgin, Lincoln, et al. - 1999
78	An np decision procedure for protocol insecurity with xor. Theor - Chevalier, Küsters, et al.
78	Symbolic trace analysis of cryptographic protocols - Boreale - 2001
66	Intruder deductions, constraint solving and insecurity decision in presence of exclusive or - Comon-Lundh, Shmatikov - 2003
65	Tree automata with one memory, set constraints and cryptographic protocols - Comon, Cortier - 2005
58	Mechanized proofs for a recursive authentication protocol - Paulson - 1997
54	Computing symbolic models for verifying cryptographic protocols, in: 14th Computer Security Foundations Workshop (CSFW-14 - Fiore, Abadi
54	A Security Analysis of the Cliques Protocols Suites - Pereira, Quisquater - 2001
47	An improved constraint-based system for the verification of security protocols - Corin, Etalle - 2002
46	Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents - Chevalier, Küsters, et al. - 2003
31	An Attack on a Recursive Authentication Protocol. A Cautionary Tale - Ryan, Schneider - 1998
22	A unification algorithm for the group DiffieHellman protocol - Meadows, Narendran
17	Reconciling two views of cryptography - Abadi, Rogaway - 2000
17	An E-unification algorithm for analyzing protocols that use modular exponentiation - Kapur, Narendran, et al. - 2003
12	Decidable analysis of cryptographic protocols with products and modular exponentiation - Shmatikov - 2004
10	Unification in a combination of arbitrary disjoint equational theories - Schmidt-Schauss - 1989
8	On the freedom of decryption - Millen - 2003
8	Constraint solving for bounded process cryptographic protocol analysis - Millen, Shmatikov - 2001
5	An efficient algorithm for solving systems of Diophantine equations - Contejean, Devie - 1994
3	A unification algorithm for analysis of protocols with blinded signatures - Kapur, Narendran, et al. - 2002
2	Introducing commutative and associative operators in cryptographic protocol analysis - Bertolotti, Durante, et al. - 2003
2	Adventures in associative-communtative unification - Lincoln, Christian - 1989
1	23rd International Conference on Formal Techniques for Networked and Distributed Systems (FORTE ’03), volume 2767 - Basin, Mödersheim, et al. - 2003
1	40 [MN02] [MS01] [Pau97 - Computation - 1989
1	PQ01] [RS98] [RT01] [Shm04] [Son99] [SS89] [STW96] [THG99 - Security - 1998