Deciding the Security of Protocols with Commuting Public Key Encryption.

Yannick Chevalier; Ralf Küsters; Michaël Rusinowitch; Mathieu Turuani

Conference papers

Deciding the Security of Protocols with Commuting Public Key Encryption.

Yannick Chevalier ¹ Ralf Küsters Michaël Rusinowitch ¹ Mathieu Turuani ¹

1 CASSIS - Combination of approaches to the security of infinite states systems

FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications

Abstract : We show that deciding insecurity of cryptographic protocols for finite sessions and commuting publi keys is in NP. Many cryptographic protocols and attacks on these protocols make use of the fact that the order in which encryption is performed does not affect the result of the encryption, i.e. encryption is commutative. However, most models for the automatic analysis of cryptographic protocols can not handle such encryption functions since in these models the message space is considered a free term algebra. In this paper, we present an NP decision procedure for the insecurity of protocols that employ RSA encryption, which is one of the most important instances of commuting public key encryption.

Keywords : protocol deduction security sécurité protocole

Domain :

Computer Science [cs] / Cryptography and Security [cs.CR]

Computer Science [cs] / Other [cs.OH]

Complete list of metadatas

https://hal.inria.fr/inria-00100013
Contributor : Publications Loria <>
Submitted on : Tuesday, September 26, 2006 - 10:13:21 AM
Last modification on : Thursday, January 9, 2020 - 1:20:01 AM

Deciding the Security of Protocols with Commuting Public Key Encryption.

Identifiers

Collections

Citation

Export

Metrics

212

Contact Legal Notice Personal Data

Deciding the Security of Protocols with Commuting Public Key Encryption.

Identifiers

Collections

Citation

Export

Share

Metrics

212

Contact Legal Notice Personal Data