Bounded Memory Dolev-Yao Adversaries in Collaborative Systems

  • Max Kanovich
  • Tajana Ban Kirigin
  • Vivek Nigam
  • Andre Scedrov
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6561)


This paper extends existing models for collaborative systems. We investigate how much damage can be done by insiders alone, without collusion with an outside adversary. In contrast to traditional intruder models, such as in protocol security, all the players inside our system, including potential adversaries, have similar capabilities. They have bounded storage capacity, that is, they can only remember at any moment a bounded number of facts. This is technically imposed by only allowing balanced actions, that is, actions that have the same number of facts in their pre and post conditions. On the other hand, the adversaries inside our system have many capabilities of the standard Dolev-Yao intruder, namely, they are able, within their bounded storage capacity, to compose, decompose, overhear, and intercept messages as well as update values with fresh ones. We investigate the complexity of the decision problem of whether or not an adversary is able to discover secret data. We show that this problem is PSPACE-complete when all actions are balanced and can update values with fresh ones. As an application we turn to security protocol analysis and demonstrate that many protocol anomalies, such as the Lowe anomaly in the Needham-Schroeder public key exchange protocol, can also occur when the intruder is one of the insiders with bounded memory.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Amadio, R.M., Lugiez, D.: On the reachability problem in cryptographic protocols. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 380–394. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Amadio, R.M., Lugiez, D., Vanackère, V.: On the symbolic reduction of processes with cryptographic functions. Theor. Comput. Sci. 290(1), 695–740 (2003)MathSciNetCrossRefMATHGoogle Scholar
  3. 3.
    Barth, A., Datta, A., Mitchell, J.C., Nissenbaum, H.: Privacy and contextual integrity: Framework and applications. In: IEEE Symposium on Security and Privacy (2006)Google Scholar
  4. 4.
    Barth, A., Mitchell, J.C., Datta, A., Sundaram, S.: Privacy and utility in business processes. In: CSF, pp. 279–294 (2007)Google Scholar
  5. 5.
    Butler, F., Cervesato, I., Jaggard, A.D., Scedrov, A., Walstad, C.: Formal analysis of Kerberos 5. Theor. Comput. Sci. 367(1-2), 57–87 (2006)MathSciNetCrossRefMATHGoogle Scholar
  6. 6.
    Cervesato, I., Jaggard, A.D., Scedrov, A., Tsay, J.-K., Walstad, C.: Breaking and fixing public-key Kerberos. Inf. Comput. 206(2-4), 402–424 (2008)MathSciNetCrossRefMATHGoogle Scholar
  7. 7.
    Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An NP decision procedure for protocol insecurity with XOR. Theor. Comput. Sci. 338(1-3), 247–274 (2005)MathSciNetCrossRefMATHGoogle Scholar
  8. 8.
    Church, A.: A formulation of the simple theory of types. J. Symbolic Logic 5, 56–68 (1940)MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Clark, J., Jacob, J.: A survey of authentication protocol literature: Version 1.0 (1997),
  10. 10.
    Comon-Lundh, H., Shmatikov, V.: Intruder deductions, constraint solving and insecurity decision in presence of exclusive or. In: LICS 2003, p. 271. IEEE Computer Society, Los Alamitos (2003)Google Scholar
  11. 11.
    Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)MathSciNetCrossRefMATHGoogle Scholar
  12. 12.
    Durgin, N.A., Lincoln, P., Mitchell, J.C., Scedrov, A.: Multiset rewriting and the complexity of bounded security protocols. Journal of Computer Security 12(2), 247–311 (2004)CrossRefGoogle Scholar
  13. 13.
    Esparza, J., Nielsen, M.: Decidability issues for Petri nets - a survey. Bulletin of the EATCS 52, 244–262 (1994)MATHGoogle Scholar
  14. 14.
    Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: On protection in operating systems. In: SOSP 1975, pp. 14–24. ACM, New York (1975)Google Scholar
  15. 15.
    Kanovich, M., Kirigin, T.B., Nigam, V., Scedrov, A.: Bounded memory Dolev-Yao adversaries in collaborative systems (2010),
  16. 16.
    Kanovich, M., Kirigin, T.B., Nigam, V., Scedrov, A.: Progressing collaborative systems. In: FCS-PrivMod (2010)Google Scholar
  17. 17.
    Kanovich, M., Rowe, P., Scedrov, A.: Policy compliance in collaborative systems. In: CSF 2009, pp. 218–233. IEEE Computer Society, Los Alamitos (2009)Google Scholar
  18. 18.
    Kanovich, M., Rowe, P., Scedrov, A.: Collaborative planning with confidentiality. Journal of Automated Reasoning (2010) (to appear); This is an extended version of a previous paper which appeared in CSF 2007Google Scholar
  19. 19.
    Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  20. 20.
    Milner, R.: Communicating and Mobile Systems: The π-calculus. Cambridge University Press, New York (1999)MATHGoogle Scholar
  21. 21.
    Jones, Y.L.N.D., Landweber, L.H.: Complexity of some problems in Petri nets. Theoretical Computer Science 4, 277–299 (1977)MathSciNetCrossRefMATHGoogle Scholar
  22. 22.
    Roscoe, A.W.: Proving security protocols with model checkers by data independence techniques. In: CSFW, pp. 84–95 (1998)Google Scholar
  23. 23.
    Rusinowitch, M., Turuani, M.: Protocol insecurity with a finite number of sessions and composed keys is NP-complete. Theor. Comput. Sci. 299(1-3), 451–475 (2003)MathSciNetCrossRefMATHGoogle Scholar
  24. 24.
    Wang, G., Qing, S.: Two new attacks against Otway-Reese protocol. In: IFIP/SEC 2000, Information Security, pp. 137–139 (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Max Kanovich
    • 1
  • Tajana Ban Kirigin
    • 2
  • Vivek Nigam
    • 3
  • Andre Scedrov
    • 3
  1. 1.Queen MaryUniversity of LondonUK
  2. 2.University of RijekaCroatia
  3. 3.University of PennsylvaniaPhiladelphiaUSA

Personalised recommendations