Conference paper
Diffie-Hellman without Difficulty
An excellent way for a protocol to obtain shared keys is Diffie-Hellman. For the automated verification of security protocols, the use of Diffie-Hellman poses a certain amount of difficulty, because it requires algebraic reasoning. Several tools work in the free algebra and even for tools that do support Diffie-Hellman, the algebraic reasoning becomes a bottleneck.
We provide a new relative-soundness result: for a large class of protocols, significantly restricting the abilities of the intruder is without loss of attacks. We also show the soundness of a very restrictive encoding of Diffie-Hellman proposed by Millen and how to obtain a problem that can be answered in the free algebra without increasing its size upon encoding.
This enables the efficient use of free-algebra verification tools for Diffie-Hellman based protocols and significantly reduces search-spaces for tools that do support algebraic reasoning.
Language: | English |
---|---|
Publisher: | Springer |
Year: | 2011 |
Pages: | 214-229 |
Proceedings: | Formal Aspects of Security and Trust |
Series: | Lecture Notes in Computer Science |
Journal subtitle: | 8th International Workshop, Fast 2011 |
ISBN: | 3642294197 , 3642294200 , 9783642294198 and 9783642294204 |
ISSN: | 16113349 and 03029743 |
Types: | Conference paper |
DOI: | 10.1007/978-3-642-29420-4 |
ORCIDs: | Mödersheim, Sebastian Alexander |