HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Deciding the Security of Protocols with Commuting Public Key Encryption.

Yannick Chevalier 1 Ralf Küsters Michaël Rusinowitch 1 Mathieu Turuani 1
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : We show that deciding insecurity of cryptographic protocols for finite sessions and commuting publi keys is in NP. Many cryptographic protocols and attacks on these protocols make use of the fact that the order in which encryption is performed does not affect the result of the encryption, i.e. encryption is commutative. However, most models for the automatic analysis of cryptographic protocols can not handle such encryption functions since in these models the message space is considered a free term algebra. In this paper, we present an NP decision procedure for the insecurity of protocols that employ RSA encryption, which is one of the most important instances of commuting public key encryption.
Complete list of metadata

Contributor : Publications Loria Connect in order to contact the contributor
Submitted on : Tuesday, September 26, 2006 - 10:13:21 AM
Last modification on : Friday, January 21, 2022 - 3:08:57 AM


  • HAL Id : inria-00100013, version 1


Yannick Chevalier, Ralf Küsters, Michaël Rusinowitch, Mathieu Turuani. Deciding the Security of Protocols with Commuting Public Key Encryption.. Workshop on Automated Reasoning for Security Protocol Analysis - ARSPA'2004, Jul 2004, Cork, Ireland. 11 p. ⟨inria-00100013⟩



Record views