Security Properties: Two Agents Are Sufficient

  • Hubert Comon-Lundh
  • Véronique Cortier
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2618)


We consider arbitrary cryptographic protocols and security properties. We show that it is always sufficient to consider a bounded number of agents b (actually b = 2 in most of the cases): if there is an attack involving n agents, then there is an attack involving at most b agents.


IEEE Computer Society Authentication Protocol Security Protocol Security Property Horn Clause 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    D. M. Allester. Automatic recognition of tractability in inference relations. In Journal of the ACM 40(2), pages 284–303, April 1993.CrossRefGoogle Scholar
  2. 2.
    R. Amadio and W. Charatonik. On name generation and set-based analysis in the dolev-yao model. In Proc. CONCUR 02. Springer-Verlag, 2002.Google Scholar
  3. 3.
    R. Amadio and D. Lugiez. On the reachability problem in cryptographic protocols. In Proc. CONCUR, vol. 1877 ofLecture Notes in Computer Science, pages 380–394, 2000.Google Scholar
  4. 4.
    R. Barbuti, P. Mancarella, D. Pedreshi, and F. Turini. A transformation approach to negation in logic programming. Journal of Logic Programming, 8:201–228, 1990.CrossRefMathSciNetzbMATHGoogle Scholar
  5. 5.
    B. Blanchet. An efficient cryptographic protocol verifier based on prolog rules. In CSFW: Proceedings of 14th Computer Security Foundations Workshop. IEEE Computer Society Press, 2001.Google Scholar
  6. 6.
    L. Bozga, Y. Lakhnech, and M. Périn. Pattern-based abstraction for verifying secrecy in protocols. In Tools and Agorithms for the Construction and Analysis of Sytems (TACAS’03), to appear, 2003.Google Scholar
  7. 7.
    J. Clark and J. Jacob. A survey of authentication protocol literature: Version, 1997.Google Scholar
  8. 8.
    H. Comon. Disunification: a survey. In J.-L. Lassez and G. Plotkin, editors, Computational Logic: Essays in Honor of Alan Robinson. MIT Press, 1991.Google Scholar
  9. 9.
    H. Comon and V. Cortier. Tree automata with one memory, set constraints and cryptographic protocols. Technical Report LSV-01-13, LSV, 2001.Google Scholar
  10. 10.
    H. Comon, V. Cortier, and J. Mitchell. Tree automata with memory, set constraints and ping pong protocols. In Proc. ICALP 2001, 2001.Google Scholar
  11. 11.
    H. Comon-Lundh and V. Cortier. Security properties: two agents are sufficient. In Research Report LSV-02-10, Lab. Specification and Verification, ENS de Cachan, Cachan, France, August 2002.Google Scholar
  12. 12.
    V. Cortier, J. Millen, and H. Rueß. Proving secrecy is easy enough. In 14th IEEE Computer Security Foundations Workshop, pages 97–108. IEEE Computer Society, 2001.Google Scholar
  13. 13.
    G. Denker, J. Millen, and H. Rueß. The capsl integrated protocol environment. Technical Report SRI-CSL-2000-02, SRI International, Oct. 2000.Google Scholar
  14. 14.
    N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov. Undecidability of bounded security protocols. In Proc. of Workshop on Formal Methods and Security Protocols, Trento, 1999., 1999.Google Scholar
  15. 15.
    S. Even and O. Goldreich. On the security of multi-party ping-pong protocols. In Proc. IEEE Symp. on Foundations of Computer Science, 1983.Google Scholar
  16. 16.
    M. Fiore and M. Abadi. Computing symbolic models for verifying cryptographic protocols. In Proc.14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, June 2001.Google Scholar
  17. 17.
    J. Heather, G. Lowe, and S. Schneider. How to prevent type flaw attacks on security protocols. In CSFW: Proc. 13th IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, 2000.Google Scholar
  18. 18.
    J. Heather and S. Schneider. Towards automatic verification of authentication protocols on an unbounded network. In Proceedings of the 13th Computer Security Foundations Workshop (CSFW’00), pages 132–143, Cambridge, England, 2000. IEEE Computer Society Press.Google Scholar
  19. 19.
    F. Jacquemard, M. Rusinowitch, and L. Vigneron. Compiling and verifying cryptographic protocols. In Proc. Logic Programming and Automated Reasoning, volume 1955 of Lecture Notes in Computer Science, 2000. See also the CASRUL page Scholar
  20. 20.
    G. Lowe. Towards a completeness result for model checking of security protocols. Journal of Computer Security, 7(2–3):89–146, 1999.Google Scholar
  21. 21.
    J. Millen and H. Rueß. Protocol-independent secrecy. In RSP: 21th IEEE Computer Society Symposium on Research in Security and Privacy, 2000.Google Scholar
  22. 22.
    J. Millen and V. Shmatikov. Constraint solving for bounded-process cryptographic protocol analysis. In Proc. 8th ACM Conference on Computer and Communications Security, 2001.Google Scholar
  23. 23.
    L. Paulson. Mechanized proofs for a recursive authentication protocol. In Proceedings of the 10th Computer Security Foundations Workshop, pages 84–95. IEEE Computer Society Press, 1997.Google Scholar
  24. 24.
    L. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6(1):85–128, 1998.Google Scholar
  25. 25.
    M. Rusinowitch and M. Turuani. Protocol insecurity with finite number of sessions is NP-complete. In 14th IEEE Computer Security Foundations Workshop, 2001.Google Scholar
  26. 26.
    P. Ryan, S. Schneider, M. Goldsmith, G. Lowe, and A. Roscoe. The modelling and analysis of security protocols: the CSP approach. Addison-Wesley, 2000.Google Scholar
  27. 27.
    S. D. Stoller. A bound on attacks on payment protocols. In Proc. 16th Annual IEEE Symposium on Logic in Computer Science (LICS), pages 61–70. IEEE Computer Society Press, June 2001.Google Scholar
  28. 28.
    J. Thayer, J. Herzog, and J. Guttman. Strand spaces: proving security protocols correct. In Journal of Computer Security, Vol. 7, pages 191–230. IEEE Computer Society, 1999.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Hubert Comon-Lundh
    • 1
  • Véronique Cortier
    • 1
  1. 1.Laboratoire Spécification et Vérification, CNRS, INRIAEcole Normale Supérieure de CachanUSA

Personalised recommendations