Combining algorithms for deciding knowledge in security protocols
Combining algorithms for deciding knowledge in security protocols. Mathilde Arnaud, Véronique Cortier, and Stéphanie Delaune. Rapport de recherche RR-6118, INRIA, 2007.
Download
Abstract
In formal approaches, messages sent over a network are usually modeled by terms together with an equational theory, axiomatizing the properties of the cryptographic functions (encryption, exclusive or, ...). The analysis of cryptographic protocols requires a precise understanding of the attacker knowledge. Two standard notions are usually used: deducibility and indistinguishability. Those notions are well-studied and a lot of decidability results already exist to deal with a variety of equational theories. We show that decidability results can be easily combined for any disjoint equational theories: if the deducibility and indistinguishability relations are decidable for two disjoint theories, they are also decidable for their union. As an application, new decidability results can be obtained using this combination theorem.
BibTeX
@techreport{ARNAUD:2007:INRIA-00129418:2, hal_id = {inria-00129418}, title = {{Combining algorithms for deciding knowledge in security protocols}}, author = {Arnaud, Mathilde and Cortier, V{\'e}ronique and Delaune, St{\'e}phanie}, abstract = {{In formal approaches, messages sent over a network are usually modeled by terms together with an equational theory, axiomatizing the properties of the cryptographic functions (encryption, exclusive or, ...). The analysis of cryptographic protocols requires a precise understanding of the attacker knowledge. Two standard notions are usually used: deducibility and indistinguishability. Those notions are well-studied and a lot of decidability results already exist to deal with a variety of equational theories. We show that decidability results can be easily combined for any disjoint equational theories: if the deducibility and indistinguishability relations are decidable for two disjoint theories, they are also decidable for their union. As an application, new decidability results can be obtained using this combination theorem.}}, keywords = {equational theories; security protocols; deduction; static equivalence; combination of decision procedures}, language = {Anglais}, affiliation = {CASSIS - INRIA Lorraine - LORIA / LIFC}, type = {Rapport de recherche}, institution = {INRIA}, number = {RR-6118}, year = {2007}, }