A DEXPTIME-Complete Dolev-Yao Theory with Distributive Encryption

  • A. Baskar
  • R. Ramanujam
  • S. P. Suresh
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6281)


In the context of modelling cryptographic tools like blind signatures and homomorphic encryption, the Dolev-Yao model is typically extended with an operator over which encryption is distributive. We consider one such theory which lacks any obvious locality property and show that its derivability problem is hard: in fact, it is DEXPTIME-complete. The result holds also when blind pairing is associative. The lower bound contrasts with PTIME decidability for restricted theories of blind signatures, and the upper bound with non-elementary decidability for abelian group operators with distributive encryption.


Keywords: Proof System, Blind Signature, Cryptographic Protocol, Homomorphic Encryption, Tree Automaton





Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • A. Baskar (1)
  • R. Ramanujam (2)
  • S. P. Suresh (1)
  1. Chennai Mathematical Institute, Chennai, India
  2. Institute of Mathematical Sciences, Chennai, India
