Skip to Main content Skip to Navigation
Preprints, Working Papers, ...

Efficiently deciding equivalence for standard primitives and phases

Abstract : Privacy properties like anonymity or untraceability are now well identified, desirable goals of many security protocols. Such properties are typically stated as equivalence properties. However, automatically checking equivalence of protocols often yields efficiency issues. We propose an efficient algorithm, based on graph planning and SAT-solving. It can decide equivalence for a bounded number of sessions, for protocols with standard cryptographic primitives and phases (often necessary to specify privacy properties), provided protocols are well-typed, that is encrypted messages cannot be confused. The resulting implementation , SAT-Equiv, demonstrates a significant speed-up w.r.t. other existing tools that decide equivalence, covering typically more than 100 sessions. Combined with a previous result, SAT-Equiv can now be used to prove security, for some protocols, for an unbounded number of sessions.
Complete list of metadatas

Cited literature [14 references]  Display  Hide  Download
Contributor : Antoine Dallon <>
Submitted on : Wednesday, June 20, 2018 - 1:38:03 PM
Last modification on : Friday, March 6, 2020 - 4:18:09 PM
Document(s) archivé(s) le : Tuesday, September 25, 2018 - 7:34:01 PM


Files produced by the author(s)


  • HAL Id : hal-01819366, version 1


Véronique Cortier, Antoine Dallon, Stéphanie Delaune. Efficiently deciding equivalence for standard primitives and phases. 2018. ⟨hal-01819366⟩



Record views


Files downloads