A small bound on the number of sessions for security protocols - Irisa Accéder directement au contenu
Communication Dans Un Congrès Année : 2022

A small bound on the number of sessions for security protocols

Résumé

Bounding the number of sessions is a long-standing problem in the context of security protocols. It is well known that even simple properties like secrecy are undecidable when an unbounded number of sessions is considered. Yet, attacks on existing protocols only require a few sessions.In this paper, we propose a sound algorithm that computes a sufficient set of scenarios that need to be considered to detect an attack. Our approach can be applied for both reachability and equivalence properties, for protocols with standard primitives thatare type-compliant (unifiable messages have the same type). Moreover, when equivalence properties are considered, else branches are disallowed, and protocols are supposed to be simple (an attacker knows from which role and session a message comes from).Since this class remains undecidable, ouralgorithm may return an infinite set. However, our experiments show that on most basic protocols of the literature, our algorithm computesa small number of sessions (a dozen). As a consequence, tools for a bounded number of sessions like DeepSec can then be used to conclude that a protocol is secure for an unbounded number of sessions.
Fichier principal
Vignette du fichier
main.pdf (495.44 Ko) Télécharger le fichier
supplementary-material.tar.gz (501.84 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Format : Autre

Dates et versions

hal-03473179 , version 1 (25-01-2022)

Identifiants

  • HAL Id : hal-03473179 , version 1

Citer

Véronique Cortier, Antoine Dallon, Stéphanie Delaune. A small bound on the number of sessions for security protocols. CSF 2022 - 35th IEEE Computer Security Foundations Symposium, Aug 2022, Haifa, Israel. ⟨hal-03473179⟩
123 Consultations
176 Téléchargements

Partager

Gmail Facebook X LinkedIn More