
An E-unification Algorithm for Analyzing Protocols That Use Modular Exponentiation

  • Conference paper
Rewriting Techniques and Applications (RTA 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2706))


Abstract

Modular multiplication and exponentiation are common operations in modern cryptography. Unification problems with respect to some equational theories that these operations satisfy are investigated. Two different but related equational theories are analyzed. A unification algorithm is given for one of the theories which relies on solving syzygies over multivariate integral polynomials with noncommuting indeterminates. For the other theory, in which the distributivity property of exponentiation over multiplication is assumed, the unifiability problem is shown to be undecidable by adapting a construction developed by one of the authors to reduce Hilbert’s 10th problem to the solvability problem for linear equations over semi-rings. A new algorithm for computing strong Gröbner bases of right ideals over the polynomial ring Z⟨X_1, . . . , X_n⟩ is proposed; unlike earlier algorithms proposed by Baader as well as by Madlener and Reinert, which work only for right admissible term orderings with the boundedness property, this algorithm works for any right admissible term ordering. The algorithms for some of these unification problems are expected to be integrated into the Naval Research Laboratory’s Protocol Analyzer (NPA), a tool developed by Catherine Meadows, which has been successfully used to analyze cryptographic protocols, particularly emerging standards such as the Internet Engineering Task Force’s (IETF) Internet Key Exchange [11] and Group Domain of Interpretation [12] protocols. Techniques from several different fields — particularly symbolic computation (ideal theory and Gröbner basis algorithms) and unification theory — are thus used to address problems arising in state-based cryptographic protocol analysis.

Research supported in part by the NSF grant nos. CCR-0098114 and CDA-9503064, the ONR grant no. N00014-01-1-0429, and a grant from the Computer Science Research Institute at Sandia National Labs.

Research supported in part by NSF grant no. CCR-0098095 and ONR grant no. N00014-01-1-0430.

Research supported in part by NSF grant no. CCR-0098095.


References

  1. F. Baader. Unification in Commutative Theories, Hilbert’s Basis Theorem, and Gröbner Bases. J. ACM, 40(3), 1993, 477–503.

  2. F. Baader and W. Nutt. Adding Homomorphisms to Commutative/Monoidal Theories, or: How Algebra Can Help in Equational Unification. Proc. 4th Intl. Conf. on Rewriting Techniques and Applications (RTA 91), LNCS 488, 1991, 124–135.

  3. F. Baader and K.U. Schulz. Unification in the Union of Disjoint Equational Theories: Combining Decision Procedures. Proc. 11th Conference on Automated Deduction (CADE-11), Saratoga Springs, NY, Springer LNAI 607, 1992, 50–65.

  4. J. Clark and J. Jacob. A Survey of Authentication Protocol Literature: Version 1.0. Unpublished Technical Report, Department of Computer Science, University of York, UK, Nov 1997. Available at the URL: http://www-users.cs.york.ac.uk/~jac/papers/drareviewps.ps.

  5. M. Davis. Computability and Unsolvability. Dover Publications, 1982.

  6. A. Kandri-Rody and D. Kapur. Computing the Gröbner Basis of a Polynomial Ideal over Integers. Proc. Third MACSYMA Users’ Conference, Schenectady, NY, July 1984, 436–451. See also A. Kandri-Rody and D. Kapur. An Algorithm for Computing the Gröbner Basis of a Polynomial Ideal over an Euclidean Ring. Journal of Symbolic Computation, 6(1), August 1988, 37–57.

  7. D. Kapur, P. Narendran, and L. Wang. A Unification Algorithm for Analysis of Protocols with Blinded Signatures. TR 02-5, Department of Computer Science, SUNY, Albany, NY. To appear in the Festschrift for Jörg Siekmann (Dieter Hutter, Werner Stephan, eds.), Lecture Notes in Artificial Intelligence 2605, Springer.

  8. D. Kapur, P. Narendran, and L. Wang. Analyzing Protocols that use Modular Exponentiation: Semantic Unification Techniques. Technical Report, Department of Computer Science, SUNY, Albany, NY. An expanded version of this paper.

  9. K. Madlener and B. Reinert. On Gröbner Bases in Monoid and Group Rings. SEKI Report SR-93-08, Universität Kaiserslautern, Germany.

  10. C. Meadows. The NRL Protocol Analyzer: An Overview. J. Logic Programming, 26(2), 1996, 113–131.

  11. C. Meadows. Analysis of the Internet Key Exchange Protocol using the NRL Protocol Analyzer. In: Proc. 1999 IEEE Symp. on Security and Privacy.

  12. C. Meadows, P. Syverson and I. Cervesato. Formal Specification and Analysis of the Group Domain of Interpretation Protocol using NPATRL and the NRL Protocol Analyzer. To appear in the Journal of Computer Security.

  13. C. Meadows and P. Narendran. A Unification Algorithm for the Group Diffie-Hellman Protocol. Workshop on Issues in the Theory of Security (WITS 2002), Portland, OR, Jan 2002.

  14. P. Narendran. On Solving Linear Equations over Polynomial Semirings. In: Proc. 11th Annual Symp. on Logic in Computer Science (LICS), NJ, July 1996, 466–472.

  15. P. Narendran, F. Pfenning, and R. Statman. On the Unification Problem for Cartesian Closed Categories. Journal of Symbolic Logic, 62(2), June 1997, 636–647.

  16. O. Pereira and J.-J. Quisquater. A Security Analysis of the Cliques Protocols Suites. Proc. 14th IEEE Computer Security Foundations Workshop, June 2001.

  17. R.L. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public Key Cryptosystems. CACM, 21(2), 1978, 120–126.

  18. G. Simmons and C. Meadows. The Role of Trust in Information Integrity Protocols. Journal of Computer Security, 3(2), 1994.

  19. S.G. Stubblebine and C. Meadows. On Searching for Known and Chosen Cipher Pairs using the NRL Protocol Analyzer. Presented at the DIMACS Workshop on Design and Formal Verification of Security Protocols, September 1997.


Copyright information

© 2003 Springer-Verlag Berlin Heidelberg


Cite this paper

Kapur, D., Narendran, P., Wang, L. (2003). An E-unification Algorithm for Analyzing Protocols That Use Modular Exponentiation. In: Nieuwenhuis, R. (eds) Rewriting Techniques and Applications. RTA 2003. Lecture Notes in Computer Science, vol 2706. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44881-0_13


  • DOI: https://doi.org/10.1007/3-540-44881-0_13


  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40254-1

  • Online ISBN: 978-3-540-44881-5
