DocumentCode
3129096
Title
A theory of dictionary attacks and its complexity
Author
Delaune, Stéphanie ; Jacquemard, Florent
Author_Institution
France Telecom R&D, Cachan, France
fYear
2004
fDate
28-30 June 2004
Firstpage
2
Lastpage
15
Abstract
We consider the problem of automating proofs of cryptographic protocols when some data, like poorly chosen passwords, can be guessed by dictionary attacks. First, we define a theory of these attacks: we introduce an inference system modeling the guessing capabilities of an intruder. This system extends the classical Dolev-Yao rules. Using proof rewriting techniques, we show a locality lemma for our inference system which yields the PTIME-completeness of the deduction problem. This result is lifted to the simultaneous solving of intruder deduction constraints with variables. Constraint solving is the basis of a NP algorithm for the protocol insecurity problem in the presence of dictionary attacks, assuming a bounded number of sessions. This extends the classical NP-completeness result for the Dolev-Yao model. We illustrate the procedure with examples of published protocols. The model and decision algorithm have been validated on some examples in a prototype implementation.
Keywords
computational complexity; constraint handling; cryptography; inference mechanisms; protocols; Dolev-Yao model; NP algorithm; NP-completeness; PTIME-completeness; attack complexity; constraint solving; cryptographic protocols; dictionary attacks; inference system; intruder deduction constraint; proof rewriting; proofing automation; protocol insecurity problem; Automatic generation control; Computer security; Cryptographic protocols; Cryptography; Dictionaries; Inference algorithms; Modeling; Prototypes; Random number generation; Research and development;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Security Foundations Workshop, 2004. Proceedings. 17th IEEE
ISSN
1063-6900
Print_ISBN
0-7695-2169-X
Type
conf
DOI
10.1109/CSFW.2004.1310728
Filename
1310728
Link To Document