Satisfiability of General Intruder Constraints with and without a Set Constructor
Authors
Abstract
Many decision problems on security protocols can be reduced to solving so-called intruder constraints in the Dolev-Yao model. Most constraint solving procedures for cryptographic protocol security rely on two properties of constraint systems called knowledge monotonicity and variable-origination. In this work we relax these restrictions by giving an NP decision procedure for solving general intruder constraints (that do not have these properties). Our result extends a first work by L. Mazaré in several directions: we allow non-atomic keys, and an associative, commutative and idempotent symbol (for modeling sets). We also discuss several new applications of our result.

Key-words: Security, Constraint solving, Dolev-Yao intruder, equational theory, ACI

∗ CASSIS, Loria-INRIA Grand Est, [email protected]
† IRIT-Université Paul Sabatier, [email protected]
‡ CASSIS, Loria-INRIA Grand Est, [email protected]
§ CASSIS, Loria-INRIA Grand Est, [email protected]

inria-00480632, version 3 - 21 May 2010

Satisfiability of General Constraint Systems with and without a Set Constructor

Résumé (translated from the French): Many decision problems relating to the security of cryptographic protocols can be reduced to solving so-called intruder constraints in the Dolev-Yao model. Most constraint solving procedures for protocol security rely on two properties of these systems called knowledge monotonicity and variable ordering. In this work we relax these restrictions by presenting an NP decision procedure for solving general intruder constraints, that is, constraints not subject to the two preceding properties. Our result extends a first work by L. Mazaré in several directions: we allow non-atomic keys, as well as an associative, commutative and idempotent symbol (for modeling sets). We also consider new applications of this result.

Key-words: Security, constraint solving, Dolev-Yao intruder, equational theory, ACI
Similar resources
Tarskian Set Constraints
We investigate set constraints over set expressions with Tarskian functional and relational operations. Unlike the Herbrand constructor symbols used in recent set constraint formalisms, the meaning of a Tarskian function symbol is interpreted in an arbitrary first order structure. We show that satisfiability of Tarskian set constraints is decidable in nondeterministic doubly exponential time. W...
Set Constraints with Intersection
Set constraints are inclusions between expressions denoting sets of trees. The efficiency of their satisfiability test is a central issue in set-based program analysis, their main application domain. We introduce the class of set constraints with intersection (the only operators forming the expressions are constructors and intersection) and show that its satisfiability problem is DEXPTIME-com...
A Decision Procedure for Solving Constraint Systems in Presence of Multiple Independent Intruders
We consider a model of multiple independent intruders that have no ability to share knowledge between each other. We use this model to analyze security in wireless ad-hoc networks, where each intruder has a local control in the network, i.e., he can read and send messages only to his direct neighbors. Another application is the mobile ambient calculus where several intruder processes are not ab...
Multiple Independent Lazy Intruders
We consider a model of multiple independent intruders that have no ability to share knowledge between each other. We use this model to analyze security in wireless ad-hoc networks, where each intruder has a local control in the network, i.e., he can read and send messages only to his direct neighbors. Another application is the mobile ambient calculus where several intruder processes are not ab...
Deciding Functional Lists with Sublist Sets
Motivated by the problem of deciding verification conditions for the verification of functional programs, we present new decision procedures for automated reasoning about functional lists. We first show how to decide in NP the satisfiability problem for logical constraints containing equality, constructor, selectors, as well as the transitive sublist relation. We then extend this class of const...
Journal title:
- J. Symb. Comput.
Volume 80 Issue
Pages -
Publication date 2017