Skip to Main content Skip to Navigation

A decidable class of security protocols for both reachability and equivalence properties

Abstract : We identify a new decidable class of security protocols, both for reachability and equivalence properties. Our result holds for an unbounded number of sessions and for protocols with nonces. It covers all standard cryptographic primitives. Our class sets up three main assumptions. (i) Protocols need to be without else branch and "simple", meaning that an attacker can precisely identify from which participant and which session a message originates from. (ii) Protocols should be type-compliant which is intuitively guaranteed as soon as two encrypted messages of the protocol cannot be confused. (iii) Finally, we define the notion of dependency graph, which given a protocol, characterises how actions depend from the other ones. As soon as the graph is acyclic then the protocol falls into our class. We show that many protocols of the literature belong to our decidable class, including for example some of the protocols embedded in the biometric passport.
Document type :
Complete list of metadata

Cited literature [32 references]  Display  Hide  Download
Contributor : Véronique Cortier Connect in order to contact the contributor
Submitted on : Monday, January 20, 2020 - 4:24:36 PM
Last modification on : Friday, August 5, 2022 - 2:54:52 PM


Files produced by the author(s)


  • HAL Id : hal-02446170, version 1


Véronique Cortier, Stéphanie Delaune, Vaishnavi Sundararajan. A decidable class of security protocols for both reachability and equivalence properties. [Research Report] Loria & Inria Grand Est; Irisa. 2020. ⟨hal-02446170⟩



Record views


Files downloads