Complexity of fairness constraints for the Dolev-Yao attacker model
Pages 1502 - 1509
Abstract
Liveness properties do, in general, not hold in the Dolev-Yao attacker model, unless we assume that certain communication channels are resilient, i.e. they do not lose messages. The resilient channels assumption can be seen as a fairness constraint for the Dolev-Yao attacker model. Here we study the complexity of expressing such fairness constraints for the most common interpretation of the Dolev-Yao model, in which the attacker is the communication medium. We give reference models which describe how resilient channels behave, with unbounded and bounded communication buffers. Then we show that, for checking liveness security requirements, any fairness constraint that makes this common interpretation of the Dolev-Yao model sound and complete w.r.t. the unbounded (resp. bounded) reference model is not an ω-regular (resp. locally testable) language. These results stem from the complexity of precisely capturing the behavior of resilient channels, and indicate that verification of liveness security requirements in this interpretation of the Dolev-Yao model cannot be automated efficiently.
References
[1]
M. Abadi and B. Blanchet. Computer-assisted verification of a protocol for certified email. Sci. Comput. Program., 58(1--2): 3--27, 2005.
[2]
L. Aceto, R. van Glabbeek, W. Fokkink, and A. Ingólfsdóttir. Axiomatizing prefix iteration with silent steps. Inf. Comput., 127(1): 26--40, 1996.
[3]
B. Alpern and F. Schneider. Defining liveness. Inf. Proc. Let., 21(4): 181--185, 1985.
[4]
A. Armando, R. Carbone, and L. Compagna. LTL model checking for security protocols. In CSF '07, pages 385--396. IEEE CS, 2007.
[5]
N. Asokan, V. Shoup, and M. Waidner. Optimistic fair exchange of digital signatures. IEEE J. on Selected Areas in Communications, 18(4): 593--610, 2000.
[6]
G. Bella and L. Paulson. Accountability protocols: Formalized and verified. ACM Trans. Inf. Syst. Secur., 9(2): 138--161, 2006.
[7]
B. Blanchet. An efficient cryptographic protocol verifier based on Prolog rules. In CSFW '01, page 82. IEEE Computer Society, 2001.
[8]
E. Clarke, S. Jha, and W. Marrero. Verifying security protocols with Brutus. ACM Trans. Softw. Eng. Methodol., 9(4): 443--487, 2000.
[9]
V. Cortier, R. Küsters, and B. Warinschi. A cryptographic model for branching time security properties. In ESORICS, volume 4734 of LNCS, pages 422--37, 2007.
[10]
D. Dolev and A. Yao. On the security of public key protocols. IEEE Trans. on Information Theory, IT-29(2): 198--208, 1983.
[11]
E. Emerson. Temporal and modal logic. In Leeuwen {16}, pages 995--1072.
[12]
N. Francez. Fairness. Springer, 1986.
[13]
S. Gürgens, C. Rudolph, and H. Vogt. On the security of fair non-repudiation protocols. Int. J. Inf. Sec., 4(4): 253--262, 2005.
[14]
D. Kähler, R. Küsters, and T. Truderung. Infinite state AMC-model checking for cryptographic protocols. In LICS '07, pages 181--192. IEEE CS, 2007.
[15]
S. Kremer and J. Raskin. A game-based verification of non-repudiation and fair exchange protocols. In CONCUR '01, volume 2154 of LNCS, pages 551--565, 2001.
[16]
J. van Leeuwen, editor. Handbook of theoretical computer science (vol. B): Formal models and semantics. MIT, 1990.
[17]
N. Lynch. Distributed Algorithms. Morgan Kaufmann Publishers, 1996.
[18]
R. McNaughton and S. Papert. Counter-Free Automata. MIT Press, 1971.
[19]
C. Meadows. Ordering from satan's menu: A survey of requirements specification for formal analysis of cryptographic protocols. Sci. Comput. Program., 50(1--3): 3--22, 2004.
[20]
J. Millen and V. Shmatikov. Constraint solving for bounded-process cryptographic protocol analysis. In CCS '01, pages 166--175. ACM Press, 2001.
[21]
M. Rusinowitch and M. Turuani. Protocol insecurity with finite number of sessions is NP-complete. In CSFW '01, page 174. IEEE CS, 2001.
[22]
A. Sistla. Safety, liveness and fairness in temporal logic. FAC, 6(5): 495--512, 1994.
[23]
W. Thomas. Automata on infinite objects. In Leeuwen {16}, pages 133--191.
[24]
K. Wei and J. Heather. A theorem-proving approach to verification of fair non-repudiation protocols. In FAST '06, volume 4691 of LNCS, pages 202--219, 2007.
Index Terms
- Complexity of fairness constraints for the Dolev-Yao attacker model
Recommendations
Weakening the Dolev-Yao model through probability
SIN '09: Proceedings of the 2nd international conference on Security of information and networksThe Dolev-Yao model has been widely used in protocol verification and has been implemented in many protocol verifiers. There are strong assumptions underlying this model, such as perfect cryptography: the aim of the present work is to propose an ...
Decision and Complexity of Dolev-Yao Hyperproperties
The formal analysis of cryptographic protocols traditionally focuses on trace and equivalence properties, for which decision procedures in the symbolic (or Dolev-Yao, or DY) model are known. However, many relevant security properties are expressed as DY ...
Limits of the BRSIM/UC soundness of Dolev–Yao-style XOR
The abstraction of cryptographic operations by term algebras, called Dolev–Yao models, is essential in almost all tool-supported methods for proving security protocols. Recently significant progress was made in proving that Dolev–Yao models can be sound ...
Comments
Information & Contributors
Information
Published In
March 2011
1868 pages
ISBN:9781450301138
DOI:10.1145/1982185
- Conference Chairs:
- William Chu,
- W. Eric Wong,
- Program Chairs:
- Mathew J. Palakal,
- Chih-Cheng Hung
Copyright © 2011 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 21 March 2011
Check for updates
Qualifiers
- Research-article
Funding Sources
Conference
SAC'11
Sponsor:
Acceptance Rates
Overall Acceptance Rate 1,650 of 6,669 submissions, 25%
Upcoming Conference
SAC '25
- Sponsor:
- sigapp
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 79Total Downloads
- Downloads (Last 12 months)3
- Downloads (Last 6 weeks)1
Reflects downloads up to 23 Dec 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in