Abstract
Anonymity, as an instance of information hiding, is one of the security properties intensively studied nowadays due to its applications to various fields such as e-voting, e-commerce, e-mail, e -cash, and so on. In this paper we study the decidability and complexity status of the anonymity property in security protocols. We show that anonymity is undecidable for unrestricted security protocols, is NEXPTIME-complete for bounded security protocols, and it is NP-complete for 1-session bounded security protocols. In order to reach these objectives, an epistemic language and logic to reason about anonymity properties for security protocols under an active intruder, are provided. Agent states are endowed with facts derived from actions performed by agents in protocol executions, and an inference system is provided. To define anonymity, an observational equivalence is used, which is shown to be decidable in deterministic polynomial time.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 29, 198–208 (1983)
Fagin, R., Halpern, J.Y., Moses, Y., Vardi, M.Y.: Reasoning About Knowledge. The MIT Press, Cambridge (2003)
Feigenbaum, J., Johnson, A., Syverson, P.: A model of onion routing with provable anonymity. In: Proceedings of the 11th International Conference on Financial Cryptography and 1st International Conference on Usable Security, Scarborough, Trinidad and Tobago, February 12-16 (2007)
Fischer, P.C., Meyer, A.R., Rosenberg, A.L.: Counter Machines and Counter Languages. Mathematical System Theory 2, 265–283 (1968)
Garcia, F.D., Hasuo, I., Pieters, W., van Rossum, P.: Provable Anonymity. In: Proceedings of the 3rd ACM Workshop on Formal Methods in Security Engineering: From Specifications to Code, FMSE 2005, Alexandria, USA (2005)
Greibach, S.A.: Remarks on Blind and Partially Blind One-way Multicounter Machines. Theoretical Computer Science 7, 311–324 (1978)
Halpern, J.Y., O’Neill, K.R.: Anonymity and Information Hiding in Multi-agent Systems. Journal of Computer Security 13(3), 483–514 (2005)
Hughes, D., Shmatikov, V.: Information Hiding, Anonymity and Privacy: A Modular Approach. Journal of Computer Security 12(1), 3–36 (2004)
Kramer, S.: Cryptographic Protocol Logic: Satisfaction for (Timed) Dolev-Yao Cryptography. The Journal of Logic and Algebraic Programming 77, 60–91 (2008)
Mano, K., Kawabe, Y., Sakurada, H., Tsukada, Y.: Role Interchangibility and Verification of Electronic Voting. In: The 2006 Symposium on Cryptography and Information Security, Hiroshima, Japan (2006)
Minsky, M.L.: “Recursvive” Unsolvability of Post’s Problem of “Tag” and other Topics in Theory of Turing Machines. Annals of Mathematics 74(3) (1961)
Pfitzmann, A., Hansen, M.: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management – A Consolidated Proposal for Terminology. Technical Report, Technische Universität Dresden (2008)
Ramanujam, R., Suresh, S.P.: A Decidable Subclass of Unbounded Security Protocols. In: Proceedings of Workshop on Issues in the Theory of Security (WITS 2001), pp. 11–20 (2003)
Ramanujam, R., Suresh, S.P.: Undecidability of Secrecy for Security Protocols. Manuscript (2003) http://www.imsc.res.in/~jam/
Schneider, P., Sidiropoulos, A.: CSP and Anonymity. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 198–218. Springer, Heidelberg (1996)
Syverson, P.F., Stubblebine, S.G.: Group Principals and the Formalization of Anonymity. In: Wing, J.M., Woodcock, J.C.P., Davies, J. (eds.) FM 1999, vol. 1708, pp. 314–333. Springer, Heidelberg (1999)
Tsukada, Y., Mano, K., Sakurada, H., Kawabe, Y.: Anonymity, Privacy, Onymity, and Identity: A Modal Logic Approach. In: Proceedings of the 2009 IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT 2009), pp. 42–51 (2009)
Ţiplea, F.L., Bîrjoveanu, C.V., Enea, C.: Complexity of the Secrecy for Bounded Security Protocols. In: Proceedings of the NATO Advanced Research Workshop on Information Security in Wireless Networks, Suceava, România (2006)
Ţiplea, F.L., Bîrjoveanu, C.V., Enea, C., Boureanu, I.: Secrecy for Bounded Protocols with Freshness Check is NEXPTIME-complete. Journal of Computer Security 16(6), 689–712 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ţiplea, F.L., Vamanu, L., Vârlan, C. (2010). Complexity of Anonymity for Security Protocols. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds) Computer Security – ESORICS 2010. ESORICS 2010. Lecture Notes in Computer Science, vol 6345. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15497-3_34
Download citation
DOI: https://doi.org/10.1007/978-3-642-15497-3_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15496-6
Online ISBN: 978-3-642-15497-3
eBook Packages: Computer ScienceComputer Science (R0)