Cap Unification: Application to Protocol Security modulo Homomorphic Encryption

Siva Anantharaman (1), Hai Lin (2), Christopher Lynch (2), Paliath Narendran (3), Michael Rusinowitch (4)
(4) CASSIS - Combination of approaches to the security of infinite states systems; FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract: We address the insecurity problem for cryptographic protocols with an active intruder and a bounded number of sessions. Protocol steps are modeled as rigid Horn clauses, and the intruder's abilities as an equational theory. The active-intrusion problem (for instance, whether a secret term can be derived, possibly through interaction with the honest participants of the protocol) is then formulated as a Cap Unification problem. Cap Unification extends equational unification: given a set of terms and a target term, look for a cap (a context built from the intruder's operations) to place on the set so that the result unifies with the target modulo the equational theory. We give a decision procedure for Cap Unification when the intruder capabilities are modeled by the homomorphic encryption theory. The procedure can be used in a simple way to detect attacks that exploit certain properties of block ciphers.
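The following is an added illustration of the ground case of the cap problem described in the abstract; it is not the paper's decision procedure and handles no variables. It assumes that the homomorphic encryption theory is the single equation enc(x.y, k) = enc(x, k).enc(y, k) (the ECB-mode property of block ciphers), that the intruder can pair, project, encrypt under known atomic keys and decrypt with known keys, and that a bounded breadth-first search over normalized terms is enough to find a cap. Term syntax, the knowledge set and the goal are constructed for the example.

```python
"""Ground cap search modulo an ECB-style homomorphic encryption theory.

Added illustration, not the paper's decision procedure: it searches for a
cap (a context built from intruder operations) over a finite knowledge set,
with no variables in the goal and a size bound on derived terms.
"""
from collections import deque

# Term syntax (constructed for this example):
#   atom          -> 'a', 'b', 'k', ...
#   encryption    -> ('enc', message, key)
#   block pairing -> ('cat', left, right)

def norm(t, homomorphic=True):
    """Normal form under enc(cat(x, y), k) = cat(enc(x, k), enc(y, k)).

    With homomorphic=False the theory is free and terms are left unchanged.
    """
    if isinstance(t, str):
        return t
    if t[0] == 'cat':
        return ('cat', norm(t[1], homomorphic), norm(t[2], homomorphic))
    m, k = norm(t[1], homomorphic), norm(t[2], homomorphic)
    if homomorphic and isinstance(m, tuple) and m[0] == 'cat':
        # push the encryption through the pairing, one block at a time
        return ('cat', norm(('enc', m[1], k), homomorphic),
                       norm(('enc', m[2], k), homomorphic))
    return ('enc', m, k)

def size(t):
    """Number of symbols in a term; used to bound the search."""
    return 1 if isinstance(t, str) else 1 + size(t[1]) + size(t[2])

def find_cap(knowledge, goal, homomorphic=True, max_size=8):
    """Return a cap C (string over x0, x1, ...) with C[knowledge] =_E goal, or None.

    Intruder operations (assumed): pairing, projections fst/snd, encryption
    under a known atomic key, and decryption when the key is in the knowledge
    set.  Breadth-first over normalized terms, so the first cap found is short.
    """
    target = norm(goal, homomorphic)
    caps = {}                      # normalized derived term -> cap that builds it
    queue = deque()
    for i, s in enumerate(knowledge):
        n = norm(s, homomorphic)
        if n not in caps:
            caps[n] = f'x{i}'
            queue.append(n)
    if target in caps:
        return caps[target]
    while queue:
        t = queue.popleft()
        cap = caps[t]
        candidates = []
        if isinstance(t, tuple) and t[0] == 'cat':
            candidates += [(t[1], f'fst({cap})'), (t[2], f'snd({cap})')]
        if isinstance(t, tuple) and t[0] == 'enc' and t[2] in caps:
            candidates.append((t[1], f'dec({cap}, {caps[t[2]]})'))
        for u, ucap in list(caps.items()):
            candidates += [(('cat', t, u), f'cat({cap}, {ucap})'),
                           (('cat', u, t), f'cat({ucap}, {cap})')]
            if isinstance(u, str):             # keys are atoms in this model
                candidates.append((('enc', t, u), f'enc({cap}, {ucap})'))
            if isinstance(t, str):
                candidates.append((('enc', u, t), f'enc({ucap}, {cap})'))
        for term, c in candidates:
            n = norm(term, homomorphic)
            if n in caps or size(n) > max_size:
                continue
            caps[n] = c
            if n == target:
                return c
            queue.append(n)
    return None

# Constructed scenario: the intruder sees the two-block message a.b encrypted
# under an unknown key k and wants the encryption of the swapped message b.a.
CIPHERTEXT = ('enc', ('cat', 'a', 'b'), 'k')
SWAPPED = ('enc', ('cat', 'b', 'a'), 'k')

def block_swap_cap():
    """Cap found modulo the homomorphism: swap the two ciphertext blocks."""
    return find_cap([CIPHERTEXT], SWAPPED, homomorphic=True)

def block_swap_cap_free_theory():
    """Same instance in the free theory: no cap exists without the key."""
    return find_cap([CIPHERTEXT], SWAPPED, homomorphic=False)

if __name__ == '__main__':
    print('homomorphic:', block_swap_cap())              # cat(snd(x0), fst(x0))
    print('free theory:', block_swap_cap_free_theory())  # None
```

In the homomorphic theory the ciphertext normalizes to the pair of per-block encryptions, so the cap cat(snd(x0), fst(x0)) builds the encryption of the swapped message without the key; in the free theory the same search exhausts the size bound and returns None. The paper's procedure decides the general problem with variables in the terms, which this bounded ground search does not.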
Document type: Conference papers
Contributor: Siva Anantharaman
Submitted on: Tuesday, January 19, 2010 - 5:51:17 PM
Last modification on: Thursday, January 17, 2019 - 3:06:04 PM
HAL Id: inria-00448703, version 1
Siva Anantharaman, Hai Lin, Christopher Lynch, Paliath Narendran, Michael Rusinowitch. Cap Unification: Application to Protocol Security modulo Homomorphic Encryption. 5th ACM Symposium on Information, Computer and Communications Security - ASIACCS 2010, Apr 2010, Beijing, China. ⟨inria-00448703⟩