Skip to main content
SpringerLink
Log in

Computational Soundness Results for Stateful Applied \(\pi \) Calculus

  • Conference paper
Principles of Security and Trust (POST 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9635))

Included in the following conference series:

  • 656 Accesses

Abstract

In recent years, many researches have been done to establish symbolic models of stateful protocols. Two works among them, the SAPIC tool and StatVerif tool, provide a high-level specification language and an automated analysis. Their language, the stateful applied \(\pi \) calculus, is extended from the applied \(\pi \) calculus by defining explicit state constructs. Symbolic abstractions of cryptography used in it make the analysis amenable to automation. However, this might overlook the attacks based on the algebraic properties of the cryptographic algorithms. In our paper, we establish the computational soundness results for stateful applied \(\pi \) calculus used in SAPIC tool and StatVerif tool.

In our approach, we build our results on the CoSP framework. For SAPIC, we embed the non-monotonic protocol states into the CoSP protocols, and prove that the resulting CoSP protocols are efficient. Through the embedding, we provide the computational soundness result for SAPIC (by TheoremĀ 1). For StatVerif, we encode the StatVerif process into a subset of SAPIC process, and obtain the computational soundness result for StatVerif (by TheoremĀ 2). Our encoding shows the differences between the semantics of the two languages. Our work inherits the modularity of CoSP, which allows for easily extending the proofs to specific cryptographic primitives. Thus we establish a computationally sound automated verification result for the input languages of SAPIC and StatVerif that use public-key encryption and signatures (by TheoremĀ 3).

Y. Qinā€”The research presented in this paper is supported by the National Basic Research Program of China (No. 2013CB338003) and National Natural Science Foundation of China (No. 91118006, No. 61202414).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Otherwise, the length of \(\pi \)-terms may grow exponentially by the iterated binding of variables. One example is the construct \(!([\text {Iter}(x)]-[]\rightarrow [\text {Iter}(fun(x,x))]\)).

  2. 2.

    For a closed StatVerif process \(P_0\), we denote by \(Q_0\) and \(\wp \) the same meanings in Lemma 1. We say \(P_0\) computationally satisfies \(\wp \) iff \(Q_0\) computationally satisfies \(\wp \).

References

  1. Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: 2001 Proceedings of the 14th IEEE Computer Security Foundations Workshopp, pp. 82ā€“96 (2001)

    Google ScholarĀ 

  2. Armando, A., et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281ā€“285. Springer, Heidelberg (2005)

    ChapterĀ  Google ScholarĀ 

  3. Escobar, S., Meadows, C., Meseguer, J.: Maude-NPA: cryptographic protocol analysis modulo equational properties. In: Aldini, A., Barthe, G., Gorrieri, R. (eds.) FOSAD 2007/2008/2009. LNCS, vol. 5705, pp. 1ā€“50. Springer, Heidelberg (2009)

    ChapterĀ  Google ScholarĀ 

  4. Dolev, D., Yao, A.C.: On the security of public key protocols. In: Proceedings of the 22nd Annual Symposium on Foundations of Computer Science, SFCS 1981, pp. 350ā€“357. IEEE Computer Society, Washington, DC (1981)

    Google ScholarĀ 

  5. Even, S., Goldreich, O.: On the security of multi-party ping-pong protocols. In: 24th Annual Symposium on Foundations of Computer Science, pp. 34ā€“39, November 1983

    Google ScholarĀ 

  6. Abadi, M., Rogaway, P.: Reconciling two views of cryptography. In: Watanabe, O., Hagiya, M., Ito, T., van Leeuwen, J., Mosses, P.D. (eds.) TCS 2000. LNCS, vol. 1872, pp. 3ā€“22. Springer, Heidelberg (2000)

    ChapterĀ  Google ScholarĀ 

  7. Janvier, R., Lakhnech, Y., MazarĆ©, L.: Completing the picture: soundness of formal encryption in the presence of active adversaries. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 172ā€“185. Springer, Heidelberg (2005)

    ChapterĀ  Google ScholarĀ 

  8. Micciancio, D., Warinschi, B.: Soundness of formal encryption in the presence of active adversaries. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 133ā€“151. Springer, Heidelberg (2004)

    ChapterĀ  Google ScholarĀ 

  9. Cortier, V., Warinschi, B.: Computationally sound, automated proofs for security protocols. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 157ā€“171. Springer, Heidelberg (2005)

    ChapterĀ  Google ScholarĀ 

  10. Cortier, V., Kremer, S., KĆ¼sters, R., Warinschi, B.: Computationally sound symbolic secrecy in the presence of hash functions. In: Arun-Kumar, S., Garg, N. (eds.) FSTTCS 2006. LNCS, vol. 4337, pp. 176ā€“187. Springer, Heidelberg (2006)

    ChapterĀ  Google ScholarĀ 

  11. Backes, M., Hofheinz, D., Unruh, D.: CoSP: a general framework for computational soundness proofs. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 66ā€“78. ACM, New York (2009)

    Google ScholarĀ 

  12. Backes, M., Bendun, F., Unruh, D.: Computational soundness of symbolic zero-knowledge proofs: weaker assumptions and mechanized verification. In: Basin, D., Mitchell, J.C. (eds.) POST 2013 (ETAPS 2013). LNCS, vol. 7796, pp. 206ā€“225. Springer, Heidelberg (2013)

    ChapterĀ  Google ScholarĀ 

  13. Cortier, V., Warinschi, B.: A composable computational soundness notion. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 63ā€“74. ACM, New York (2011)

    Google ScholarĀ 

  14. Bƶhl, F., Cortier, V., Warinschi, B.: Deduction soundness: prove one, get five for free. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, CCS 2013, pp. 1261ā€“1272. ACM, New York (2013)

    Google ScholarĀ 

  15. Backes, M., Malik, A., Unruh, D.: Computational soundness without protocol restrictions. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 699ā€“711. ACM, New York (2012)

    Google ScholarĀ 

  16. Arapinis, M., Liu, J., Ritter, E., Ryan, M.: Stateful applied Pi Calculus. In: Abadi, M., Kremer, S. (eds.) POST 2014 (ETAPS 2014). LNCS, vol. 8414, pp. 22ā€“41. Springer, Heidelberg (2014)

    ChapterĀ  Google ScholarĀ 

  17. Guttman, J.D.: State and progress in strand spaces: proving fair exchange. J. Autom. Reason. 48, 159ā€“195 (2012)

    ArticleĀ  MathSciNetĀ  MATHĀ  Google ScholarĀ 

  18. Schmidt, B., Meier, S., Cremers, C., Basin, D.: Automated analysis of Diffie-Hellman protocols and advanced security properties. In: 2012 IEEE 25th Computer Security Foundations Symposium (CSF), pp. 78ā€“94, June 2012

    Google ScholarĀ 

  19. Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: Formal analysis of protocols based on TPM state registers. In: Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium, CSF 2011, pp. 66ā€“80. IEEE Computer Society, Washington, DC (2011)

    Google ScholarĀ 

  20. Kremer, S., KĆ¼nnemann, R.: Automated analysis of security protocols with global state. In: Proceedings of the 35th IEEE Symposium on Security and Privacy, SP 2014. IEEE Computer Society, Washington (2014)

    Google ScholarĀ 

  21. Arapinis, M., Ritter, E., Ryan, M.D.: StatVerif: verification of stateful processes. In: 2011 IEEE 24th Computer Security Foundations Symposium (CSF), pp. 33ā€“47, June 2011

    Google ScholarĀ 

  22. Mƶdersheim, S.A.: Abstraction by set-membership: verifying security protocols and web services with databases. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 351ā€“360. ACM, New York (2010)

    Google ScholarĀ 

  23. Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, vol. 36, pp. 104ā€“115, January 2001

    Google ScholarĀ 

  24. Backes, M., Mohammadi, E., Ruffing, T.: Computational soundness results for ProVerif: bridging the gap from trace properties to uniformity. In: Abadi, M., Kremer, S. (eds.) POST 2014 (ETAPS 2014). LNCS, vol. 8414, pp. 42ā€“62. Springer, Heidelberg (2014)

    ChapterĀ  Google ScholarĀ 

  25. Backes, M., Maffei, M., Unruh, D.: Computationally sound verification of source code. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 387ā€“398. ACM, New York (2010)

    Google ScholarĀ 

  26. Shao, J., Qin, Y., Feng, D.: Computational Soundness Results for Stateful Applied \(\pi \) Calculus. http://arxiv.org/abs/1601.00363

Download references

Author information

Authors and Affiliations

  1. Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing, China

    Jianxiong Shao,Ā Yu QinĀ &Ā Dengguo Feng

Authors
  1. Jianxiong Shao
    View author publications

    You can also search for this author in PubMedĀ Google Scholar

  2. Yu Qin
    View author publications

    You can also search for this author in PubMedĀ Google Scholar

  3. Dengguo Feng
    View author publications

    You can also search for this author in PubMedĀ Google Scholar

Corresponding author

Correspondence to Yu Qin .

Editor information

Editors and Affiliations

  1. KU Leuven, Leuven, Belgium

    Frank Piessens

  2. Kingā€™s College London, London, UK

    Luca ViganĆ²

Rights and permissions

Reprints and permissions

Copyright information

Ā© 2016 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shao, J., Qin, Y., Feng, D. (2016). Computational Soundness Results for Stateful Applied \(\pi \) Calculus. In: Piessens, F., ViganĆ², L. (eds) Principles of Security and Trust. POST 2016. Lecture Notes in Computer Science(), vol 9635. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-49635-0_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-49635-0_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-49634-3

  • Online ISBN: 978-3-662-49635-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation