Abstract
This paper extends existing models for collaborative systems. We investigate how much damage can be done by insiders alone, without collusion with an outside adversary. In contrast to traditional intruder models, such as in protocol security, all the players inside our system, including potential adversaries, have similar capabilities. They have bounded storage capacity, that is, they can only remember at any moment a bounded number of facts. This is technically imposed by only allowing balanced actions, that is, actions that have the same number of facts in their pre and post conditions. On the other hand, the adversaries inside our system have many capabilities of the standard Dolev-Yao intruder, namely, they are able, within their bounded storage capacity, to compose, decompose, overhear, and intercept messages as well as update values with fresh ones. We investigate the complexity of the decision problem of whether or not an adversary is able to discover secret data. We show that this problem is PSPACE-complete when all actions are balanced and can update values with fresh ones. As an application we turn to security protocol analysis and demonstrate that many protocol anomalies, such as the Lowe anomaly in the Needham-Schroeder public key exchange protocol, can also occur when the intruder is one of the insiders with bounded memory.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Amadio, R.M., Lugiez, D.: On the reachability problem in cryptographic protocols. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 380–394. Springer, Heidelberg (2000)
Amadio, R.M., Lugiez, D., Vanackère, V.: On the symbolic reduction of processes with cryptographic functions. Theor. Comput. Sci. 290(1), 695–740 (2003)
Barth, A., Datta, A., Mitchell, J.C., Nissenbaum, H.: Privacy and contextual integrity: Framework and applications. In: IEEE Symposium on Security and Privacy (2006)
Barth, A., Mitchell, J.C., Datta, A., Sundaram, S.: Privacy and utility in business processes. In: CSF, pp. 279–294 (2007)
Butler, F., Cervesato, I., Jaggard, A.D., Scedrov, A., Walstad, C.: Formal analysis of Kerberos 5. Theor. Comput. Sci. 367(1-2), 57–87 (2006)
Cervesato, I., Jaggard, A.D., Scedrov, A., Tsay, J.-K., Walstad, C.: Breaking and fixing public-key Kerberos. Inf. Comput. 206(2-4), 402–424 (2008)
Chevalier, Y., Küsters, R., Rusinowitch, M., Turuani, M.: An NP decision procedure for protocol insecurity with XOR. Theor. Comput. Sci. 338(1-3), 247–274 (2005)
Church, A.: A formulation of the simple theory of types. J. Symbolic Logic 5, 56–68 (1940)
Clark, J., Jacob, J.: A survey of authentication protocol literature: Version 1.0 (1997), http://www.cs.york.ac.uk/~jac/papers/drareview.ps.gz
Comon-Lundh, H., Shmatikov, V.: Intruder deductions, constraint solving and insecurity decision in presence of exclusive or. In: LICS 2003, p. 271. IEEE Computer Society, Los Alamitos (2003)
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)
Durgin, N.A., Lincoln, P., Mitchell, J.C., Scedrov, A.: Multiset rewriting and the complexity of bounded security protocols. Journal of Computer Security 12(2), 247–311 (2004)
Esparza, J., Nielsen, M.: Decidability issues for Petri nets - a survey. Bulletin of the EATCS 52, 244–262 (1994)
Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: On protection in operating systems. In: SOSP 1975, pp. 14–24. ACM, New York (1975)
Kanovich, M., Kirigin, T.B., Nigam, V., Scedrov, A.: Bounded memory Dolev-Yao adversaries in collaborative systems (2010), ftp://ftp.cis.upenn.edu/pub/papers/scedrov/FAST2010-TR.pdf
Kanovich, M., Kirigin, T.B., Nigam, V., Scedrov, A.: Progressing collaborative systems. In: FCS-PrivMod (2010)
Kanovich, M., Rowe, P., Scedrov, A.: Policy compliance in collaborative systems. In: CSF 2009, pp. 218–233. IEEE Computer Society, Los Alamitos (2009)
Kanovich, M., Rowe, P., Scedrov, A.: Collaborative planning with confidentiality. Journal of Automated Reasoning (2010) (to appear); This is an extended version of a previous paper which appeared in CSF 2007
Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147–166. Springer, Heidelberg (1996)
Milner, R.: Communicating and Mobile Systems: The π-calculus. Cambridge University Press, New York (1999)
Jones, Y.L.N.D., Landweber, L.H.: Complexity of some problems in Petri nets. Theoretical Computer Science 4, 277–299 (1977)
Roscoe, A.W.: Proving security protocols with model checkers by data independence techniques. In: CSFW, pp. 84–95 (1998)
Rusinowitch, M., Turuani, M.: Protocol insecurity with a finite number of sessions and composed keys is NP-complete. Theor. Comput. Sci. 299(1-3), 451–475 (2003)
Wang, G., Qing, S.: Two new attacks against Otway-Reese protocol. In: IFIP/SEC 2000, Information Security, pp. 137–139 (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kanovich, M., Ban Kirigin, T., Nigam, V., Scedrov, A. (2011). Bounded Memory Dolev-Yao Adversaries in Collaborative Systems. In: Degano, P., Etalle, S., Guttman, J. (eds) Formal Aspects of Security and Trust. FAST 2010. Lecture Notes in Computer Science, vol 6561. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19751-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-642-19751-2_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-19750-5
Online ISBN: 978-3-642-19751-2
eBook Packages: Computer ScienceComputer Science (R0)