Automatic proof of strong secrecy for security protocols

Author

Blanchet, Bruno

Author_Institution

CNRS, Ecole Normale Superieure, Paris, France

fYear

2004

fDate

9-12 May 2004

Firstpage

86

Lastpage

100

Abstract

We present a new automatic technique for proving strong secrecy for security protocols. Strong secrecy means that an adversary cannot see any difference when the value of the secret changes. Our technique relies on an automatic translation of the protocol into Horn clauses, and a resolution algorithm on the clauses. It requires important extensions with respect to previous work for the proof of (standard) secrecy and authenticity. This technique can handle a wide range of cryptographic primitives, and yields proofs valid for an unbounded number of sessions and an unbounded message space; it is also flexible and efficient. We have proved its correctness, implemented it, and tested it on several examples of protocols including JFK by W. Aiello et al. (2002).

Keywords

Horn clauses; data privacy; formal verification; message authentication; protocols; Horn clauses; JFK; authenticity; automatic protocol translation; correctness proving; cryptographic primitives; resolution algorithm; security protocols; standard secrecy; strong secrecy automatic proof; unbounded message space; Calculus; Cryptographic protocols; Cryptography; Data security; Logic programming; Polynomials; Privacy; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Security and Privacy, 2004. Proceedings. 2004 IEEE Symposium on

ISSN

1081-6011

Print_ISBN

0-7695-2136-3

Type

conf

DOI

10.1109/SECPRI.2004.1301317

Filename

1301317