Complexity of Checking Freshness of Cryptographic Protocols

Freshness is a central security issue for cryptographic protocols and is the security goal violated by replay attacks. This paper is the first to formally define freshness and its attacks based on role instances and the attacker’s involvement, and is the first work to investigate the complexity of checking freshness. We discuss and prove a series of complexity results of checking freshness in several different scenarios, where the attacker’s behavior is restricted differently, with different bounds on the number of role instances in a run. ∗ Research supported in part by NSF grants CCF 0306475 and CNS 0755500. † This paper covers our paper [1] accepted by ICISS08 and provides more details.