DEEPSEC: Deciding Equivalence Properties in Security Protocols - Theory and Practice

Vincent Cheval 1 Steve Kremer 1 Itsaka Rakotonirina 1
1 PESTO - Proof techniques for security protocols
Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : Automated verification has become an essential part in the security evaluation of cryptographic protocols. Recently, there has been a considerable effort to lift the theory and tool support that existed for reachability properties to the more complex case of equivalence properties. In this paper we contribute both to the theory and practice of this verification problem. We establish new complexity results for static equivalence, trace equivalence and labelled bisimilarity and provide a decision procedure for these equivalences in the case of a bounded number of sessions. Our procedure is the first to decide trace equivalence and labelled bisimilarity exactly for a large variety of cryptographic primitives—those that can be represented by a subterm convergent destructor rewrite system. We implemented the procedure in a new tool, DEEPSEC. We showed through extensive experiments that it is significantly more efficient than other similar tools, while at the same time raises the scope of the protocols that can be analysed.
Document type :
Conference papers
Complete list of metadatas

Cited literature [44 references]  Display  Hide  Download

https://hal.inria.fr/hal-01763122
Contributor : Steve Kremer <>
Submitted on : Tuesday, April 10, 2018 - 5:29:56 PM
Last modification on : Tuesday, December 18, 2018 - 4:38:25 PM

File

main.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01763122, version 1

Collections

Citation

Vincent Cheval, Steve Kremer, Itsaka Rakotonirina. DEEPSEC: Deciding Equivalence Properties in Security Protocols - Theory and Practice. 39th IEEE Symposium on Security and Privacy, May 2018, San Francisco, United States. ⟨hal-01763122⟩

Share

Metrics

Record views

435

Files downloads

128