Title :
A theory of dictionary attacks and its complexity
Author :
Delaune, Stéphanie ; Jacquemard, Florent
Author_Institution :
France Telecom R&D, Cachan, France
Abstract :
We consider the problem of automating proofs of cryptographic protocols when some data, like poorly chosen passwords, can be guessed by dictionary attacks. First, we define a theory of these attacks: we introduce an inference system modeling the guessing capabilities of an intruder. This system extends the classical Dolev-Yao rules. Using proof rewriting techniques, we show a locality lemma for our inference system which yields the PTIME-completeness of the deduction problem. This result is lifted to the simultaneous solving of intruder deduction constraints with variables. Constraint solving is the basis of a NP algorithm for the protocol insecurity problem in the presence of dictionary attacks, assuming a bounded number of sessions. This extends the classical NP-completeness result for the Dolev-Yao model. We illustrate the procedure with examples of published protocols. The model and decision algorithm have been validated on some examples in a prototype implementation.
Keywords :
computational complexity; constraint handling; cryptography; inference mechanisms; protocols; Dolev-Yao model; NP algorithm; NP-completeness; PTIME-completeness; attack complexity; constraint solving; cryptographic protocols; dictionary attacks; inference system; intruder deduction constraint; proof rewriting; proofing automation; protocol insecurity problem; Automatic generation control; Computer security; Cryptographic protocols; Cryptography; Dictionaries; Inference algorithms; Modeling; Prototypes; Random number generation; Research and development;
Conference_Titel :
Computer Security Foundations Workshop, 2004. Proceedings. 17th IEEE
Print_ISBN :
0-7695-2169-X
DOI :
10.1109/CSFW.2004.1310728
