Deciding knowledge in security protocols under some e-voting theories
LIP2, Faculté des Sciences, Tunis, Tunisia. email@example.com
2 LIP2, Institut National des Sciences Appliquées et de Technologie, Tunis, Tunisia.
3 Loria, INRIA & CNRS, Nancy, France.
Accepted: 7 February 2011
In the last decade, formal methods have proved their interest when analyzing security protocols. Security protocols require in particular to reason about the attacker knowledge. Two standard notions are often considered in formal approaches: deducibility and indistinguishability relations. The first notion states whether an attacker can learn the value of a secret, while the latter states whether an attacker can notice some difference between protocol runs with different values of the secret. Several decision procedures have been developed so far for both notions but none of them can be applied in the context of e-voting protocols, which require dedicated cryptographic primitives. In this work, we show that both deduction and indistinguishability are decidable in polynomial time for two theories modeling the primitives of e-voting protocols.
Mathematics Subject Classification: 68Q85
Key words: Security protocols / formal methods / decidability / e-voting / equational theory / deduction / static equivalence
© EDP Sciences, 2011