Symbolic Protocol Analysis with Products and Diffie-Hellman Exponentiation
نویسندگان
چکیده
We demonstrate that for any well-defined cryptographic protocol, the symbolic trace reachability problem in the presence of an Abelian group operator (e.g., multiplication) can be reduced to solvability of a particular system of quadratic Diophantine equations. This result enables formal analysis of protocols that employ primitives such as Diffie-Hellman exponentiation, products, and xor, with a bounded number of role instances, but without imposing any bounds on the size of terms created by the attacker. In the case of xor, the resulting system of Diophantine equations is decidable. In the case of a general Abelian group, decidability remains an open question, but our reduction demonstrates that standard mathematical techniques for solving systems of Diophantine equations are sufficient for the discovery of protocol insecurities.
منابع مشابه
On the Symbolic Analysis of Low-Level Cryptographic Primitives: Modular Exponentiation and the Diffie-Hellman Protocol
Automatic methods developed so far for analysis of security protocols only model a limited set of cryptographic primitives (often, only encryption and concatenation) and abstract from low-level features of cryptographic algorithms. This paper is an attempt towards closing this gap. We propose a symbolic technique and a decision method for analysis of protocols based on modular exponentiation, s...
متن کاملSymbolic protocol analysis with an Abelian group operator or Diffie-Hellman exponentiation
We demonstrate that for any well-defined cryptographic protocol, the symbolic trace reachability problem in the presence of an Abelian group operator (e.g., multiplication) can be reduced to solvability of a decidable system of quadratic Diophantine equations. This result enables complete, fully automated formal analysis of protocols that employ primitives such as Diffie-Hellman exponentiation,...
متن کاملDeciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents
We present an NP decision procedure for the formal analysis of protocols in presence of modular exponentiation with products allowed in exponents. The number of factors that may appear in products is unlimited. We illustrate that our model is powerful enough to uncover known attacks on the A-GDH.2 protocol suite.
متن کاملSoundness of Symbolic Equivalence for Modular Exponentiation
In this paper, we study the Dynamic Decisional Diffie-Hellman (3DH) problem, a powerful generalization of the Decisional Diffie-Hellman (DDH) problem. Our main result is that DDH implies 3DH. This result leads to significantly simpler proofs for protocols by relying directly on the more general problem. Our second contribution is a computationally sound symbolic technique for reasoning about pr...
متن کاملComputationally Sound Verification of Security Protocols Using Diffie-Hellman Exponentiation
Recently, it has been proved that computational security can be automatically verified using the Dolev-Yao abstraction. We extend these results by adding a widely used component for cryptographic protocols: Diffie-Hellman exponentiation. Thus our main result is: if the Decisional Diffie-Hellman assumption is verified and the cryptographic primitives used to implement the protocol are secure, th...
متن کامل