Title :
A meta-notation for protocol analysis
Author :
Cervesato, I. ; Durgin, N.A. ; Lincoln, P.D. ; Mitchell, J.C. ; Scedrov, A.
Author_Institution :
SRI Int., Menlo Park, CA, USA
Abstract :
Most formal approaches to security protocol analysis are based on a set of assumptions commonly referred to as the “Dolev-Yao model”. In this paper, we use a multiset rewriting formalism, based on linear logic, to state the basic assumptions of this model. A characteristic of our formalism is the way that existential quantification provides a succinct way of choosing new values, such as new keys or nonces. We define a class of theories in this formalism that correspond to finite-length protocols, with a bounded initialization phase but allowing unboundedly many instances of each protocol role (e.g., client, sewer; initiator or responder). Undecidability is proved for a restricted class of these protocols, and PSPACE-completeness is claimed for a class further restricted to have no new data (nonces). Since it is a fragment of linear logic, we can use our notation directly as input to linear logic tools, allowing us to do proof search for attacks with relatively little programming effort, and to formally verify protocol transformations and optimizations
Keywords :
computational complexity; cryptography; protocols; rewriting systems; Dolev-Yao model; PSPACE-completeness; bounded initialization phase; formal approaches; linear logic; meta-notation; multiset rewriting formalism; optimizations; protocol analysis; security protocol analysis; undecidability; Computer science; Cryptography; Ear; Linear programming; Mathematics; Protocols; Security;
Conference_Titel :
Computer Security Foundations Workshop, 1999. Proceedings of the 12th IEEE
Conference_Location :
Mordano
Print_ISBN :
0-7695-0201-6
DOI :
10.1109/CSFW.1999.779762
