Abstract—
Mathematical models of distributed computations, based on calculus of mobile processes (π-calculus) are widely used for checking information security properties of cryptographic protocols. Since \(\pi \)-calculus is a Turing-complete computation model, this problem is unsolvable in the general case. Therefore, its study is carried out only for some special classes of π-calculus processes with restricted computational capabilities, for example, for nonrecursive processes with all runs limited in length, for processes with a limited number of parallel components, etc. However, even in these cases the proposed checking procedures are very time consuming. We assume that this is due to the very nature of the π-calculus processes. The goal of this paper is to show that even for the weakest passive adversary model and for relatively simple protocols that make use of only basic π-calculus operations, the checking of the information security properties of these protocols is a co-NP-complete problem.
Similar content being viewed by others
REFERENCES
Abadi, M. and Gordon, A.D., A calculus for cryptographic protocols: The spi calculus, Inf. Comput., 1999, vol. 148, no. 1, pp. 1–70.
Abadi, M. and Fournet, C., Mobile values, new names, and secure communication, Proceedings of the 28-th ACM Symposium on Principles of Programming Languages, 2001, pp. 104–115.
Amadio, M.R. and Lugiez, D., On the reachability problem for cryptographic protocols, Proceedings of the 11-th International Conference on Concurrency Theory, 2000, pp. 380–394.
Amadio, M.R., Lugiez, D., and Vanackere, V., On the symbolic reduction of processes with cryptographic functions, Theor. Comput. Sci., 2003, vol. 290, no. 1, pp. 695–740.
Arapinis, M., Liu, J., Ritter, E., and Ryan, M., Stateful applied pi calculus, Proceedings of the Principles of Security and Trust—Third International Conference, 2014, pp. 22–41.
Blanchet, B. and Smith, B., Automated reasoning for equivalences in the applied pi calculus with barriers, Proceedings of the 29-th IEEE Computer Security Foundations Symposium, 2014, pp. 310–324.
Bodei, C., Degano, P., Nielson, F., and Nielson, H.R., Static analysis for the pi-calculus with applications to security, Inf. Comput., 2001, vol. 168, no. 1, pp. 68–92.
Borgstrom, J. and Nestmann, U., On bisimulations for the spi calculus, Math. Struct. Comput. Sci., 2005, vol. 15, no. 3, pp. 487–552.
Bruni, A., Modersheim, S., Nielson, F., and Nielson, H.R., Set-pi: Set membership pi-calculus, Proceedings of the 28-th IEEE Computer Security Foundations Symposium, 2015, pp. 185–198.
Chadha, R., Cheval, V., Ciobaca, S., and Kremer, S., Automated verification of equivalence properties of cryptographic protocols, ACM Trans. Comput. Logic, 2016, vol. 17, no. 4, pp. 1–32.
Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., Deciding the security of protocols with Diffie-Hellman exponentiation and products in exponents, Proceedings of the 23-rd Annual Conference on the Foundations of Software Technology and Theoretical Computer Science, 2003, pp. 124–135.
Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., An NP decision procedure for protocol insecurity with XOR, Theor. Comput. Sci., 2005, vol. 338, nos. 1–3, pp. 247–274.
Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., Deciding the security of protocols with commuting public key encryption, Electron. Notes Theor. Comput. Sci., 2005, vol. 125, no. 1, pp. 55–66.
Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., Complexity results for security protocols with Diffie-Hellman exponentiation and commuting public key encryption, ACM Trans. Comput. Logic, 2008, vol. 9, no. 4, pp. 1–52.
Chretien, R., Cortier, V., and Delaune, S., Decidability of trace equivalence for protocols with nonces, Proceedings of the 28-th IEEE Computer Security Foundations Symposium, 2015, pp. 170–184.
Cortier, V. and Delaune, S., A method for proving observational equivalence, Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium, 2009, pp. 266–276.
Curti, M., Degano, P., Priami, C., and Balardi, C.T., Modelling biochemical pathways through enhanced pi-calculus, Theor. Comput. Sci., 2004, vol. 325, no. 1, pp. 111–140.
Delaune, S., Ryan, M., and Smyth, B., Automatic verification of privacy properties in the applied pi calculus, Trust Manage. II, 2008, vol. 263, pp. 263–278.
Dolev, D. and Yao, A., On the security of public key protocols, IEEE Trans. Inf. Theory, 1983, vol. 29, no. 2, pp. 198–208.
Durante, L., Sisto, R., and Valenzano, A., Automatic testing equivalence verification of spi calculus specifications, ACM Trans. Software Eng. Methodol., 2003, vol. 12, no. 2, pp. 222–284.
Durgin, N.A., Lincoln, P., and Mitchell, J.C., Multiset rewriting and the complexity of bounded security protocols, J. Comput. Secur., 2004, vol. 12, no. 2, pp. 247–311.
Godskesen, J.C., Formal verification of the ARAN protocol using the applied pi-calculus, Proceedings of the Sixth International IFIP WG 1.7 Workshop on Issues in the Theory of Security, 2006, pp. 99–113.
Huima, A., Efficient infinite state analysis of security protocols, Proceedings of the Workshop on Formal Methods and Security Protocols, 1999.
Liang, Z. and Verma, R.M., Correcting and improving the NP proof for cryptographic protocol insecurity, Proceedings of the 5-th International Conference on Information Systems Security, 2009, pp. 101–116.
Milner, R., Parrow, J., and Walker, D., A calculus of mobile processes, I and II, Inf. Comput., 1992, vol. 100, no. 1, pp. 1–77.
Milner, R., Functions as processes, Math. Struct. Comput. Sci., 1992, vol. 2, pp. 119–141.
Milner, R., Communicating and Mobile Systems—The Pi-Calculus, MIT Press, 1999.
Regev, A., Representation and simulation of biochemical processes using the pi-calculus process algebra, Proceedings of the 6-th Pacific Symposium on Biocomputing, 2001, pp. 459–470.
Rusinowitch, M. and Turuani, M., Protocol insecurity with finite number of sessions is NP-complete, Theor. Comput. Sci., 2003, vol. 299, nos. 1–3, pp. 451–475.
Smith, H. and Fingar, P., Business Process Management: The Third Wave, Meghan-Kiffer Press Tampa, 2003.
Tiplea, F.L., Enea, C., and Birjoveanu, C.V., Decidability and complexity results for security protocols, in Verification of Infinite-State Systems with Applications to Security, Amsterdam: IOS Press, 2006, pp. 185–211.
Tiu, A. and Dawson, J., Automating open bisimulation checking for the spi calculus, Proceedings of the 23rd IEEE Computer Security Foundations Symposium, 2010, pp. 307–321.
Walker, D., Objects in the π-calculus, Inf. Comput., 1995, vol. 116, no. 4, pp. 253–271.
FUNDING
This work was supported by the Russian Foundation for Basic Research, projects nos. 18-01-00854 and 16-01-00714.
Author information
Authors and Affiliations
Corresponding authors
Ethics declarations
The authors declare that they have no conflicts of interest.
Additional information
Translated by S. Kuznetsov
About this article
Cite this article
Abbas, M.M., Zakharov, V.A. Even Simple π-Calculus Processes Are Difficult to Analyze. Aut. Control Comp. Sci. 53, 573–583 (2019). https://doi.org/10.3103/S0146411619070022
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.3103/S0146411619070022