Protocol analysis modulo combination of theories: A case study in Maude-NPA
RiuNet: Repositorio Institucional de la Universidad Politécnica de Valencia
JavaScript is disabled for your browser. Some features of this site may not work without it.
Buscar en RiuNet
Listar
Mi cuenta
Estadísticas
Ayuda RiuNet
Admin. UPV
Protocol analysis modulo combination of theories: A case study in Maude-NPA
Mostrar el registro sencillo del ítem
Ficheros en el ítem
![[Cerrado]](/themes/UPV/images/candado.png)
| dc.contributor.author | Sasse, Ralf
|
es_ES |
| dc.contributor.author | Escobar Román, Santiago
|
es_ES |
| dc.contributor.author | Meadows, Catherine
|
es_ES |
| dc.contributor.author | Meseguer, José
|
es_ES |
| dc.date.accessioned | 2014-02-24T10:10:21Z | |
| dc.date.issued | 2011 | |
| dc.identifier.isbn | 978-3-642-22443-0 | |
| dc.identifier.issn | 0302-9743 | |
| dc.identifier.uri | http://hdl.handle.net/10251/35906 | |
| dc.description.abstract | There is a growing interest in formal methods and tools to analyze cryptographic protocols modulo algebraic properties of their underlying cryptographic functions. It is well-known that an intruder who uses algebraic equivalences of such functions can mount attacks that would be impossible if the cryptographic functions did not satisfy such equivalences. In practice, however, protocols use a collection of well-known functions, whose algebraic properties can naturally be grouped together as a union of theories E 1... ¿ n. Reasoning symbolically modulo the algebraic properties E 1... ¿ n requires performing (E 1... ¿ n)-unification. However, even if a unification algorithm for each individual E i is available, this requires combining the existing algorithms by methods that are highly non-deterministic and have high computational cost. In this work we present an alternative method to obtain unification algorithms for combined theories based on variant narrowing. Although variant narrowing is less efficient at the level of a single theory E i, it does not use any costly combination method. Furthermore, it does not require that each E i has a dedicated unification algorithm in a tool implementation. We illustrate the use of this method in the Maude-NPA tool by means of a well-known protocol requiring the combination of three distinct equational theories. © 2011 Springer-Verlag. | es_ES |
| dc.description.sponsorship | R. Sasse and J. Meseguer have been partially supported by NSF Grants CNS0716638, CNS-0831064 and CNS-0904749. S. Escobar has been partially supported by the EU (FEDER) and the Spanish MEC/MICINN under grant TIN 2007-68093- C02-02. C. Meadows has been partially supported by NSF Grant CNS-0904749 | |
| dc.description.sponsorship | National Science Foundation, EEUU | |
| dc.format.extent | 16 | es_ES |
| dc.language | Inglés | es_ES |
| dc.publisher | Springer Verlag (Germany) | es_ES |
| dc.relation.ispartof | Security and Trust Management | es_ES |
| dc.relation.ispartofseries | Lecture Notes in Computer Science;vol. 6710 | |
| dc.rights | Reserva de todos los derechos | es_ES |
| dc.subject | Cryptographic protocol verification | es_ES |
| dc.subject | Equational unification | es_ES |
| dc.subject | Exclusive or | es_ES |
| dc.subject | Narrowing | es_ES |
| dc.subject | Variants | es_ES |
| dc.subject.classification | LENGUAJES Y SISTEMAS INFORMATICOS | es_ES |
| dc.title | Protocol analysis modulo combination of theories: A case study in Maude-NPA | es_ES |
| dc.type | Capítulo de libro | es_ES |
| dc.embargo.lift | 10000-01-01 | |
| dc.embargo.terms | forever | es_ES |
| dc.identifier.doi | 10.1007/978-3-642-22444-7_11 | |
| dc.relation.projectID | info:eu-repo/grantAgreement/NSF//0716638/US/CT-ISG: Attacker Models and Verification Methods for End-to-End Protocol Security/ | es_ES |
| dc.relation.projectID | info:eu-repo/grantAgreement/NSF//0904749/US/TC: Medium: Collaborative Research: Unification Laboratory: Increasing the Power of Cryptographic Protocol Analysis Tools/ | es_ES |
| dc.relation.projectID | info:eu-repo/grantAgreement/NSF//0831064/US/Collaborative Research: CT-M: Unification Laboratory for Cryptographic Protocol Analysis/ | es_ES |
| dc.relation.projectID | info:eu-repo/grantAgreement/MEC//TIN2007-68093-C02-02/ES/TECHNOLOGICS-UPV/ | es_ES |
| dc.rights.accessRights | Abierto | es_ES |
| dc.contributor.affiliation | Universitat Politècnica de València. Departamento de Sistemas Informáticos y Computación - Departament de Sistemes Informàtics i Computació | es_ES |
| dc.description.bibliographicCitation | Sasse, R.; Escobar Román, S.; Meadows, C.; Meseguer, J. (2011). Protocol analysis modulo combination of theories: A case study in Maude-NPA. En Security and Trust Management. Springer Verlag (Germany). 6710:163-178. https://doi.org/10.1007/978-3-642-22444-7_11 | es_ES |
| dc.description.accrualMethod | S | es_ES |
| dc.relation.conferencename | 6th International Workshop, STM 2010 | es_ES |
| dc.relation.conferencedate | September 23-24, 2010 | es_ES |
| dc.relation.conferenceplace | Athens, Greece | es_ES |
| dc.relation.publisherversion | http://link.springer.com/chapter/10.1007/978-3-642-22444-7_11 | es_ES |
| dc.description.upvformatpinicio | 163 | es_ES |
| dc.description.upvformatpfin | 178 | es_ES |
| dc.type.version | info:eu-repo/semantics/publishedVersion | es_ES |
| dc.description.volume | 6710 | es_ES |
| dc.relation.senia | 217818 | |
| dc.contributor.funder | National Science Foundation, EEUU | |
| dc.contributor.funder | European Regional Development Fund | |
| dc.contributor.funder | Ministerio de Educación y Ciencia | |
| dc.description.references | Abadi, M., Cortier, V.: Deciding knowledge in security protocols under equational theories. Theoretical Computer Science 367(1-2), 2–32 (2006) | es_ES |
| dc.description.references | Armando, A., Basin, D.A., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., Drielsma, P.H., Héam, P.-C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The avispa tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005) | es_ES |
| dc.description.references | Baader, F., Schulz, K.U.: Unification in the union of disjoint equational theories: Combining decision procedures. In: Kapur, D. (ed.) CADE 1992. LNCS, vol. 607, pp. 50–65. Springer, Heidelberg (1992) | es_ES |
| dc.description.references | Basin, D.A., Mödersheim, S., Viganò, L.: An on-the-fly model-checker for security protocol analysis. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 253–270. Springer, Heidelberg (2003) | es_ES |
| dc.description.references | Baudet, M., Cortier, V., Delaune, S.: YAPA: A generic tool for computing intruder knowledge. In: Treinen, R. (ed.) RTA 2009. LNCS, vol. 5595, pp. 148–163. Springer, Heidelberg (2009) | es_ES |
| dc.description.references | Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: CSFW, pp. 82–96. IEEE Computer Society, Los Alamitos (2001) | es_ES |
| dc.description.references | Bursuc, S., Comon-Lundh, H.: Protocol security and algebraic properties: Decision results for a bounded number of sessions. In: Treinen, R. (ed.) RTA 2009. LNCS, vol. 5595, pp. 133–147. Springer, Heidelberg (2009) | es_ES |
| dc.description.references | Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An NP decision procedure for protocol insecurity with XOR. In: LICS, pp. 261–270. IEEE Computer Society, Los Alamitos (2003) | es_ES |
| dc.description.references | Chevalier, Y., Rusinowitch, M.: Hierarchical combination of intruder theories. Inf. Comput. 206(2-4), 352–377 (2008) | es_ES |
| dc.description.references | Chevalier, Y., Rusinowitch, M.: Symbolic protocol analysis in the union of disjoint intruder theories: Combining decision procedures. Theor. Comput. Sci. 411(10), 1261–1282 (2010) | es_ES |
| dc.description.references | Ciobâcă, Ş., Delaune, S., Kremer, S.: Computing knowledge in security protocols under convergent equational theories. In: Schmidt, R.A. (ed.) CADE-22. LNCS, vol. 5663, pp. 355–370. Springer, Heidelberg (2009) | es_ES |
| dc.description.references | Comon-Lundh, H., Delaune, S.: The finite variant property: How to get rid of some algebraic properties. In: Giesl, J. (ed.) RTA 2005. LNCS, vol. 3467, pp. 294–307. Springer, Heidelberg (2005) | es_ES |
| dc.description.references | Cortier, V., Delaitre, J., Delaune, S.: Safely composing security protocols. In: Arvind, V., Prasad, S. (eds.) FSTTCS 2007. LNCS, vol. 4855, pp. 352–363. Springer, Heidelberg (2007) | es_ES |
| dc.description.references | Cremers, C.J.F.: The scyther tool: Verification, falsification, and analysis of security protocols. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 414–418. Springer, Heidelberg (2008) | es_ES |
| dc.description.references | Escobar, S., Meadows, C., Meseguer, J.: A rewriting-based inference system for the NRL protocol analyzer and its meta-logical properties. Theoretical Computer Science 367(1-2), 162–202 (2006) | es_ES |
| dc.description.references | Escobar, S., Meadows, C., Meseguer, J.: Maude-NPA: Cryptographic protocol analysis modulo equational properties. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) FOSAD 2007/2008/2009 Tutorial Lectures. LNCS, vol. 5705, pp. 1–50. Springer, Heidelberg (2009) | es_ES |
| dc.description.references | Escobar, S., Meseguer, J., Sasse, R.: Effectively checking or disproving the finite variant property. Technical Report UIUCDCS-R-2008-2960, Department of Computer Science - University of Illinois at Urbana-Champaign (April 2008) | es_ES |
| dc.description.references | Escobar, S., Meseguer, J., Sasse, R.: Effectively checking the finite variant property. In: Voronkov, A. (ed.) RTA 2008. LNCS, vol. 5117, pp. 79–93. Springer, Heidelberg (2008) | es_ES |
| dc.description.references | Escobar, S., Meseguer, J., Sasse, R.: Variant narrowing and equational unification. Electr. Notes Theor. Comput. Sci. 238(3), 103–119 (2009) | es_ES |
| dc.description.references | Escobar, S., Sasse, R., Meseguer, J.: Folding variant narrowing and optimal variant termination. In: Ölveczky, P.C. (ed.) WRLA 2010. LNCS, vol. 6381, pp. 52–68. Springer, Heidelberg (2010) | es_ES |
| dc.description.references | Fabrega, F.J.T., Herzog, J., Guttman, J.: Strand Spaces: What Makes a Security Protocol Correct? Journal of Computer Security 7, 191–230 (1999) | es_ES |
| dc.description.references | Guo, Q., Narendran, P.: Unification and matching modulo nilpotence. In: CADE-13. LNCS, vol. 1104, pp. 261–274. Springer, Heidelberg (1996) | es_ES |
| dc.description.references | Harkins, D., Carrel, D.: The Internet Key Exchange (IKE), IETF RFC 2409, (November 1998) | es_ES |
| dc.description.references | Jouannaud, J.-P., Kirchner, C., Kirchner, H.: Incremental construction of unification algorithms in equational theories. In: Díaz, J. (ed.) ICALP 1983. LNCS, vol. 154, pp. 361–373. Springer, Heidelberg (1983) | es_ES |
| dc.description.references | Küsters, R., Truderung, T.: Reducing protocol analysis with xor to the xor-free case in the Horn theory based approach. In: ACM Conference on Computer and Communications Security, pp. 129–138 (2008) | es_ES |
| dc.description.references | Küsters, R., Truderung, T.: Using ProVerif to analyze protocols with Diffie-Hellman exponentiation. In: CSF, pp. 157–171. IEEE Computer Society, Los Alamitos (2009) | es_ES |
| dc.description.references | Lafourcade, P., Terrade, V., Vigier, S.: Comparison of cryptographic verification tools dealing with algebraic properties. In: Degano, P., Guttman, J.D. (eds.) FAST 2009. LNCS, vol. 5983, pp. 173–185. Springer, Heidelberg (2010) | es_ES |
| dc.description.references | Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996) | es_ES |
| dc.description.references | Meadows, C.: The NRL protocol analyzer: An overview. J. Log. Program. 26(2), 113–131 (1996) | es_ES |
| dc.description.references | Meseguer, J.: Conditional rewriting logic as a united model of concurrency. Theor. Comput. Sci. 96(1), 73–155 (1992) | es_ES |
| dc.description.references | Meseguer, J.: Membership algebra as a logical framework for equational specification. In: Parisi-Presicce, F. (ed.) WADT 1997. LNCS, vol. 1376, pp. 18–61. Springer, Heidelberg (1998) | es_ES |
| dc.description.references | Meseguer, J., Thati, P.: Symbolic reachability analysis using narrowing and its application to verification of cryptographic protocols. Higher-Order and Symbolic Computation 20(1–2), 123–160 (2007) | es_ES |
| dc.description.references | Ohlebusch, E.: Advanced Topics in Term Rewriting. Springer, Heidelberg (2002) | es_ES |
| dc.description.references | Santiago, S., Talcott, C.L., Escobar, S., Meadows, C., Meseguer, J.: A graphical user interface for Maude-NPA. Electr. Notes Theor. Comput. Sci. 258(1), 3–20 (2009) | es_ES |
| dc.description.references | Schmidt-Schauß, M.: Unification in a combination of arbitrary disjoint equational theories. J. Symb. Comput. 8(1/2), 51–99 (1989) | es_ES |
| dc.description.references | Terese (ed.): Term Rewriting Systems. Cambridge University Press, Cambridge (2003) | es_ES |
| dc.description.references | Turuani, M.: The CL-atse protocol analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006) | es_ES |
Este ítem aparece en la(s) siguiente(s) colección(ones)
Universitat Politècnica de València. Unidad de Documentación Científica de la Biblioteca (+34) 96 387 70 85 · RiuNet@bib.upv.es
El contenido de este sitio está bajo una licencia Creative Commons Reconocimiento – No Comercial – Sin Obra Derivada (by-nc-nd), salvo que se indique lo contrario.
Los metadatos de este sitio están bajo una licencia Dominio Público.
