Cryptographic Protocol Verification Using Tractable Classes of Horn Clauses
نویسندگان
چکیده
We consider secrecy problems for cryptographic protocols modeled using Horn clauses and present general classes of Horn clauses which can be efficiently decided. Besides simplifying the methods for the class of flat and onevariable clauses introduced for modeling of protocols with single blind copying [7,25], we also generalize this class by considering k-variable clauses instead of one-variable clauses with suitable restrictions similar to those for the class S. This class allows to conveniently model protocols with joint blind copying. We show that for a fixed k, our new class can be decided in DEXPTIME, as in the case of one variable.
منابع مشابه
Automatic Verification of Cryptographic Protocols in First-Order Logic
In this paper, a new first-order logical framework and method of formalizing and verifying cryptographic protocols is presented. From the point of view of an intruder, the protocol and abilities of the intruder are modeled in Horn clauses. Based on deductive reasoning method, secrecy of cryptographic protocols is verified automatically, and if the secrecy is violated, attack scenarios can be pr...
متن کاملUsing Horn Clauses for Analyzing Security Protocols
This chapter presents a method for verifying security protocols based on an abstract representation of protocols by Horn clauses. This method is the foundation of the protocol verifier ProVerif. It is fully automatic, efficient, and can handle an unbounded number of sessions and an unbounded message space. It supports various cryptographic primitives defined by rewrite rules or equations. Even ...
متن کاملSolving Constrained Horn Clauses Using Dependence-Disjoint Expansions
Recursion-free Constrained Horn Clauses (CHCs) are logicprogramming problems that formulate verifying safety of programs with bounded iteration and recursion. They both formulate bounded verification problems and are generated by solvers that attempt to verify safety of unbounded iterative or recursive systems. Efficient solvers of recursion-free systems reduce the problem to solving a series o...
متن کاملA Logic for Automatic Verification of Cryptographic Protocols
this paper, a new first-order logical framework and method of formalizing and verifying cryptographic protocols is presented. From the point of view of an intruder, the protocol and abilities of the intruder are modeled in Horn clauses. Based on deductive reasoning method, secrecy of cryptographic protocols is verified automatically, and if the secrecy is violated, attack scenarios can be prese...
متن کاملVerifying C Cryptographic Protocol Implementations by Symbolic Execution
Many applications rely on complex cryptographic protocols for communicating over the insecure Internet (e.g., online banking, electronic commerce, social networks, etc). The C programming language is largely used in writing cryptographic software. Both the design of protocols and their C implementation are error prone. Recent years have seen a real progress in the formal verification of cryptog...
متن کامل