Solving the insecurity problem for assertions

TL;DR

This paper extends symbolic verification techniques for cryptographic protocols to include logical statements with equality and existential quantification, demonstrating that the insecurity problem remains NP-complete.

Contribution

It introduces methods to handle logical statements in protocol analysis, showing the insecurity problem stays in NP despite added complexity.

Findings

Insecurity problem for protocols with logical statements is NP-complete.

Extended techniques from previous work to include equality and existential quantification.

Maintained NP complexity despite unbounded witnesses and complex inference systems.

Abstract

In the symbolic verification of cryptographic protocols, a central problem is deciding whether a protocol admits an execution which leaks a designated secret to the malicious intruder. Rusinowitch & Turuani (2003) show that, when considering finitely many sessions, this ``insecurity problem'' is NP-complete. Central to their proof strategy is the observation that any execution of a protocol can be simulated by one where the intruder only communicates terms of bounded size. However, when we consider models where, in addition to terms, one can also communicate logical statements about terms, the analysis of the insecurity problem becomes tricky when both these inference systems are considered together. In this paper we consider the insecurity problem for protocols with logical statements that include {\em equality on terms} and {\em existential quantification}. Witnesses for existential quantifiers may be unbounded, and obtaining small witness terms while maintaining equality proofs complicates the analysis considerably. We extend techniques from Rusinowitch & Turuani (2003) to show that this problem is also in NP.