Deciding knowledge in security protocols under some e-voting theories

Deciding knowledge in security protocols under some e-voting theories. Mouhebeddine Berrima, Narjes Ben Rajeb, and Véronique Cortier. Rapport de recherche RR-6903, INRIA, 2009.

Download

[PDF] [HTML] 

Abstract

In the last decade, formal methods have proved their interest when analyzing security protocols. Security protocols require in particular to reason about the attacker knowledge. Two standard notions are often considered in formal approaches: deducibility and indistinguishability relations. The first notion states whether an attacker can learn the value of a secret, while the latter states whether an attacker can notice some difference between protocol runs with different values of the secret. Several decision procedures have been developed so far for both notions but none of them can be applied in the context of e-voting protocols, which require dedicated cryptographic primitives. In this work, we show that both deduction and indistinguishability are decidable in polynomial time for two theories modeling the primitives of e-voting protocols.

BibTeX

@techreport{BERRIMA:2009:INRIA-00375784:1,
    hal_id = {inria-00375784},
    title = {{Deciding knowledge in security protocols under some e-voting theories}},
    author = {Berrima, Mouhebeddine and Ben Rajeb, Narjes and Cortier, V{\'e}ronique},
    abstract = {{In the last decade, formal methods have proved their interest when analyzing security protocols. Security protocols require in particular to reason about the attacker knowledge. Two standard notions are often considered in formal approaches: deducibility and indistinguishability relations. The first notion states whether an attacker can learn the value of a secret, while the latter states whether an attacker can notice some difference between protocol runs with different values of the secret. Several decision procedures have been developed so far for both notions but none of them can be applied in the context of e-voting protocols, which require dedicated cryptographic primitives. In this work, we show that both deduction and indistinguishability are decidable in polynomial time for two theories modeling the primitives of e-voting protocols.}},
    keywords = {security protocoles, formal methods, decidability, e-voting, equational theory, knowledge, deduction, static equivalence},
    language = {Anglais},
    affiliation = {LIP2 , CASSIS - INRIA Lorraine - LORIA / LIFC},
    pages = {29},
    type = {Rapport de recherche},
    institution = {INRIA},
    number = {RR-6903},
    year = {2009},
}