Abstract
Security protocols are small programs designed to ensure properties such as secrecy of messages or authentication of parties in a hostile environment. In this paper we investigate automated verification of a particular type of security protocols, called group protocols, in the presence of an eavesdropper, i.e., a passive attacker. The specificity of group protocols is that the number of participants is not bounded. Our approach consists in representing an infinite set of messages exchanged during an unbounded number of sessions, one session for each possible number of participants, as well as the infinite set of associated secrets. We use so-called visibly tree automata with memory and structural constraints (introduced recently by Comon-Lundh et al.) to represent over-approximations of these two sets. We identify restrictions on the specification of protocols which allow us to reduce the attacker capabilities guaranteeing that the above mentioned class of automata is closed under the application of the remaining attacker rules. The class of protocols respecting these restrictions is large enough to cover several existing protocols, such as the GDH family, GKE, and others.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Boyd, C., González Nieto, J.-M.: Round-optimal ciontributory conference key agreement. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 161–174. Springer, Heidelberg (2002)
Bresson, E., Chevassut, O., Essiari, A., Pointcheval, D.: Mutual authentication and group key agreement for low-power mobile devices. Computer Communications 27(17), 1730–1737 (2004)
Comon-Lundh, H., Jacquemard, F., Perrin, N.: Tree automata with memory, visibility and structural constraints. In: Seidl, H. (ed.) FOSSACS 2007. LNCS, vol. 4423, pp. 168–182. Springer, Heidelberg (2007)
Comon-Lundh, H., Jacquemard, F., Perrin, N.: Visibly tree automata with memory and constraints. Research Report LSV-07-30, Laboratoire Spécification et Vérification, ENS Cachan, France, Logical Methods in Computer Science (September 2007) (to appear)
Comon-Lundh, H., Shmatikov, V.: Intruder deductions, constraint solving and insecurity decision in presence of exclusive or. In: Proceedings of the 18th IEEE Symposium on Logic in Computer Science (LICS 2003), vol. 171, pp. 271–280. IEEE Computer Society Press, Los Alamitos (2003)
Contejean, E., Marché, C., Monate, B., Urbain, X.: The CiME Rewrite Tool (2000), http://cime.lri.fr
Dershowitz, N.: Termination of rewriting. J. Symb. Comput. 3(1-2), 69–116 (1987)
Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)
Goubault-Larrecq, J.: A method for automatic cryptographic protocol verification (extended abstract). In: IPDPS-WS 2000. LNCS, vol. 1800, pp. 977–984. Springer, Heidelberg (2000)
Katz, J., Yung, M.: Scalable protocols for authenticated group key exchange. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 110–125. Springer, Heidelberg (2003)
Kremer, S., Mercier, A., Treinen, R.: Proving group protocols secure against eavesdroppers. Research Report LSV, Laboratoire Spécification et Vérification, ENS Cachan, France (May 2008), http://www.lsv.ens-cachan.fr/Publis/RAPPORTS_LSV/rapports.php?filename=lsv-2008
Küsters, R., Truderung, T.: On the Automatic Analysis of Recursive Security Protocols with XOR. In: Thomas, W., Weil, P. (eds.) STACS 2007. LNCS, vol. 4393. Springer, Heidelberg (2007)
Pereira, O., Quisquater, J.-J.: Some attacks upon authenticated group key agreement protocols. Journal of Computer Security 11(4), 555–580 (2003)
Pereira, O., Quisquater, J.-J.: On the impossibility of building secure cliques-type authenticated group key agreement protocols. Journal of Computer Security 14(2), 197–246 (2006)
Steel, G., Bundy, A.: Attacking group protocols by refuting incorrect inductive conjectures. Journal of Automated Reasoning 36(1-2), 149–176 (2006)
Steiner, M., Tsudik, G., Waidner, M.: Diffie-Hellman key distribution extended to group communication. In: ACM Conference on Computer and Communications Security, pp. 31–37 (1996)
Truderung, T.: Selecting theories and recursive protocols. In: Abadi, M., de Alfaro, L. (eds.) CONCUR 2005. LNCS, vol. 3653, pp. 217–232. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kremer, S., Mercier, A., Treinen, R. (2008). Proving Group Protocols Secure Against Eavesdroppers. In: Armando, A., Baumgartner, P., Dowek, G. (eds) Automated Reasoning. IJCAR 2008. Lecture Notes in Computer Science(), vol 5195. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71070-7_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-71070-7_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71069-1
Online ISBN: 978-3-540-71070-7
eBook Packages: Computer ScienceComputer Science (R0)