Abstract :
We define a p-party ping-pong protocol and its security problem, along the lines of Dolev and Yao´s definition for twoparty ping-pong protocol. In the case of two parties, it was assumed, with no loss of generality, that there exists a single saboteur in the net and the protocol was defined to be secure iff it was secure against the active interventions of one saboteur. We show that for more than 2 parties this assumption can no longer be made and that for p parties 3(p-2) + 1 is a lower bound on the number of saboteurs which should be considered for the security problem. On the other hand we establish a 3(p-2) + 2 upper bound on the number of saboteurs which should be considered. We conclude that for a fixed p, p-party ping-pong protocols can be tested for security in 0(n3) time and 0(n2) space, when n is the length of the protocol. We show that if p, the number of participants in the protocol, is part of the input then the security problem becomes NP-Hard. Relaxing the definition of a ping-pong protocol so that operators can operate on half words (thus introducing commutativity of the operators) causes the security problem to become undecidable.
