Skip to Main content Skip to Navigation
Journal articles

A decidable class of security protocols for both reachability and equivalence properties

Abstract : We identify a new decidable class of security protocols, both for reachability and equivalence properties. Our result holds for an unbounded number of sessions and for protocols with nonces. It covers all standard cryptographic primitives. Our class sets up three main assumptions. (i) Protocols need to be "simple", meaning that an attacker can precisely identify from which participant and which session a message originates from. We also consider protocols with no else branches (only positive test). (ii) Protocols should be type-compliant, which is intuitively guaranteed as soon as two encrypted messages of the protocol cannot be confused. (iii) Finally, we define the notion of a dependency graph, which, given a protocol, characterises how actions depend on the other ones (both sequential dependencies and data dependencies are taken into account). Whenever the graph is acyclic, then the protocol falls into our class. We show that many protocols of the literature belong to our decidable class, including for example some of the protocols embedded in the biometric passport.
Document type :
Journal articles
Complete list of metadatas

Cited literature [35 references]  Display  Hide  Download
Contributor : Véronique Cortier <>
Submitted on : Friday, November 13, 2020 - 9:16:23 PM
Last modification on : Wednesday, November 18, 2020 - 3:12:13 AM


Files produced by the author(s)



Véronique Cortier, Stéphanie Delaune, Vaishnavi Sundararajan. A decidable class of security protocols for both reachability and equivalence properties. Journal of Automated Reasoning, Springer Verlag, 2020, ⟨10.1007/s10817-020-09582-9⟩. ⟨hal-03005036⟩



Record views


Files downloads