DOI: 10.1007/978-3-642-02348-4_11
Article

YAPA: A Generic Tool for Computing Intruder Knowledge

Published: 19 June 2009

    Abstract

    Reasoning about the knowledge of an attacker is a necessary step in many formal analyses of security protocols. In the framework of the applied pi calculus, as in similar languages based on equational logics, knowledge is typically expressed by two relations: deducibility and static equivalence. Several decision procedures have been proposed for these relations under a variety of equational theories. However, each theory has its particular algorithm, and none has been implemented so far.
    We provide a generic procedure for deducibility and static equivalence that takes as input any convergent rewrite system. We show that our algorithm covers all the existing decision procedures for convergent theories. We also provide an efficient implementation, and compare it briefly with the more general tool ProVerif.

      Published In

      RTA '09: Proceedings of the 20th International Conference on Rewriting Techniques and Applications
      June 2009
      390 pages
      ISBN:9783642023477
      • Editor: Ralf Treinen

      Publisher

      Springer-Verlag

      Berlin, Heidelberg

      Qualifiers

      • Article

      Cited By

      • (2017) The Applied Pi Calculus. Journal of the ACM 65:1 (1-41). DOI: 10.1145/3127586. Online publication date: 26-Oct-2017
      • (2016) Automated Verification of Equivalence Properties of Cryptographic Protocols. ACM Transactions on Computational Logic 17:4 (1-32). DOI: 10.1145/2926715. Online publication date: 20-Sep-2016
      • (2013) Fully automated analysis of padding-based encryption in the computational model. Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security (1247-1260). DOI: 10.1145/2508859.2516663. Online publication date: 4-Nov-2013
      • (2013) YAPA. ACM Transactions on Computational Logic 14:1 (1-32). DOI: 10.1145/2422085.2422089. Online publication date: 1-Feb-2013
      • (2012) Reduction of equational theories for verification of trace equivalence. Proceedings of the First international conference on Principles of Security and Trust (169-188). DOI: 10.1007/978-3-642-28641-4_10. Online publication date: 24-Mar-2012
      • (2011) Protocol analysis in Maude-NPA using unification modulo homomorphic encryption. Proceedings of the 13th international ACM SIGPLAN symposium on Principles and practices of declarative programming (65-76). DOI: 10.1145/2003476.2003488. Online publication date: 20-Jul-2011
      • (2010) Protocol analysis modulo combination of theories. Proceedings of the 6th international conference on Security and trust management (163-178). DOI: 10.5555/2050149.2050160. Online publication date: 23-Sep-2010
      • (2010) Efficient decision procedures for message deducibility and static equivalence. Proceedings of the 7th International conference on Formal aspects of security and trust (34-49). DOI: 10.5555/1964555.1964558. Online publication date: 16-Sep-2010
      • (2010) Compiling and securing cryptographic protocols. Information Processing Letters 110:3 (116-122). DOI: 10.1016/j.ipl.2009.11.004. Online publication date: 1-Jan-2010
      • (2010) Automating security analysis. Proceedings of the 5th international conference on Automated Reasoning (412-426). DOI: 10.1007/978-3-642-14203-1_35. Online publication date: 16-Jul-2010
