Equational cryptographic reasoning in the Maude-NRL Protocol Analyzer (2006)
| Venue: | In Proc. of the First International Workshop on Security and Rewriting Techniques (SecReT 2006), Electronic Notes in Theoretical Computer Science. Elsevier Sciences Publisher |
| Citations: | 3 - 1 self |
BibTeX
@INPROCEEDINGS{Escobar06equationalcryptographic,
author = {Santiago Escobar and Joe Hendrix and Catherine Meadows and José Meseguer},
title = {Equational cryptographic reasoning in the Maude-NRL Protocol Analyzer},
booktitle = {In Proc. of the First International Workshop on Security and Rewriting Techniques (SecReT 2006), Electronic Notes in Theoretical Computer Science. Elsevier Sciences Publisher},
year = {2006}
}
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
Abstract. The Maude-NRL Protocol Analyzer (Maude-NPA) is a tool and inference system for reasoning about the security of cryptographic protocols in which the cryptosystems satisfy different equational properties. It both extends and provides a formal framework for the original NRL Protocol Analyzer, which limited itself to an equational theory ∆ of convergent rewrite rules. In this paper we extend our framework to include theories of the form ∆ ⊎ B, where B is the theory of associativity and commutativity and ∆ is convergent modulo B. Order-sorted B-unification plays a crucial role; to obtain this functionality we describe a sort propagation algorithm that filters out unsorted B-unifiers provided by the CiME unification tool. We show how extensions of some of the state reduction techniques of the original NRL Protocol Analyzer can be applied in this context. We illustrate the ideas and capabilities of the Maude-NPA with an example involving the Diffie-Hellman key agreement protocol. 1
