Abstract
Purchase PDF (441 K)
E-mail Article
Add to my Quick Links
Cited By in Scopus (0)
Purchase PDF (438 K)
doi:10.1016/j.entcs.2007.02.054 
Copyright © 2007 Elsevier B.V. All rights reserved.
Intruder Deduction for the Equational Theory of Exclusive-or with Commutative and Distributive Encryption1
References and further reading may be available for this article. To view references and further reading you must purchase this article.
Pascal Lafourcadea
Available online 29 June 2007.
Abstract
The first step in the verification of cryptographic protocols is to decide the intruder deduction problem, that is the vulnerability to a so-called passive attacker. We extend the Dolev-Yao model in order to model this problem in presence of the equational theory of a commutative encryption operator which distributes over the exclusive-or operator. The interaction between the commutative distributive law of the encryption and exclusive-or offers more possibilities to decrypt an encrypted message than in the non-commutative case, which imply a more careful analysis of the proof system. We prove decidability of the intruder deduction problem for a commutative encryption which distributes over exclusive-or with a DOUBLE-EXP-TIME procedure. And we obtain that this problem is EXPSPACE-hard in the binary case.
Keywords: Cryptoprotocal verification; Dolev-Yau model; intruder detection problem
1This work was partially supported by the DGA (Contrat n° 06 60 019 00 470 75 01), the research program ACI-SI Rossignol, and the project RNTL PROUVÉ (n° 03 V 360).
