Skip to main content
SpringerLink
Log in

Even Simple π-Calculus Processes Are Difficult to Analyze

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

Mathematical models of distributed computations, based on calculus of mobile processes (π-calculus) are widely used for checking information security properties of cryptographic protocols. Since \(\pi \)-calculus is a Turing-complete computation model, this problem is unsolvable in the general case. Therefore, its study is carried out only for some special classes of π-calculus processes with restricted computational capabilities, for example, for nonrecursive processes with all runs limited in length, for processes with a limited number of parallel components, etc. However, even in these cases the proposed checking procedures are very time consuming. We assume that this is due to the very nature of the π-calculus processes. The goal of this paper is to show that even for the weakest passive adversary model and for relatively simple protocols that make use of only basic π-calculus operations, the checking of the information security properties of these protocols is a co-NP-complete problem.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

REFERENCES

  1. Abadi, M. and Gordon, A.D., A calculus for cryptographic protocols: The spi calculus, Inf. Comput., 1999, vol. 148, no. 1, pp. 1–70.

    Article  MathSciNet  Google Scholar 

  2. Abadi, M. and Fournet, C., Mobile values, new names, and secure communication, Proceedings of the 28-th ACM Symposium on Principles of Programming Languages, 2001, pp. 104–115.

    Article  Google Scholar 

  3. Amadio, M.R. and Lugiez, D., On the reachability problem for cryptographic protocols, Proceedings of the 11-th International Conference on Concurrency Theory, 2000, pp. 380–394.

  4. Amadio, M.R., Lugiez, D., and Vanackere, V., On the symbolic reduction of processes with cryptographic functions, Theor. Comput. Sci., 2003, vol. 290, no. 1, pp. 695–740.

    Article  MathSciNet  Google Scholar 

  5. Arapinis, M., Liu, J., Ritter, E., and Ryan, M., Stateful applied pi calculus, Proceedings of the Principles of Security and Trust—Third International Conference, 2014, pp. 22–41.

  6. Blanchet, B. and Smith, B., Automated reasoning for equivalences in the applied pi calculus with barriers, Proceedings of the 29-th IEEE Computer Security Foundations Symposium, 2014, pp. 310–324.

  7. Bodei, C., Degano, P., Nielson, F., and Nielson, H.R., Static analysis for the pi-calculus with applications to security, Inf. Comput., 2001, vol. 168, no. 1, pp. 68–92.

    Article  Google Scholar 

  8. Borgstrom, J. and Nestmann, U., On bisimulations for the spi calculus, Math. Struct. Comput. Sci., 2005, vol. 15, no. 3, pp. 487–552.

    Article  MathSciNet  Google Scholar 

  9. Bruni, A., Modersheim, S., Nielson, F., and Nielson, H.R., Set-pi: Set membership pi-calculus, Proceedings of the 28-th IEEE Computer Security Foundations Symposium, 2015, pp. 185–198.

  10. Chadha, R., Cheval, V., Ciobaca, S., and Kremer, S., Automated verification of equivalence properties of cryptographic protocols, ACM Trans. Comput. Logic, 2016, vol. 17, no. 4, pp. 1–32.

    Article  MathSciNet  Google Scholar 

  11. Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., Deciding the security of protocols with Diffie-Hellman exponentiation and products in exponents, Proceedings of the 23-rd Annual Conference on the Foundations of Software Technology and Theoretical Computer Science, 2003, pp. 124–135.

  12. Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., An NP decision procedure for protocol insecurity with XOR, Theor. Comput. Sci., 2005, vol. 338, nos. 1–3, pp. 247–274.

    Article  MathSciNet  Google Scholar 

  13. Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., Deciding the security of protocols with commuting public key encryption, Electron. Notes Theor. Comput. Sci., 2005, vol. 125, no. 1, pp. 55–66.

    Article  Google Scholar 

  14. Chevalier, Y., Kusters, R., Rusinowitch, M., and Turuani, M., Complexity results for security protocols with Diffie-Hellman exponentiation and commuting public key encryption, ACM Trans. Comput. Logic, 2008, vol. 9, no. 4, pp. 1–52.

    Article  MathSciNet  Google Scholar 

  15. Chretien, R., Cortier, V., and Delaune, S., Decidability of trace equivalence for protocols with nonces, Proceedings of the 28-th IEEE Computer Security Foundations Symposium, 2015, pp. 170–184.

  16. Cortier, V. and Delaune, S., A method for proving observational equivalence, Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium, 2009, pp. 266–276.

  17. Curti, M., Degano, P., Priami, C., and Balardi, C.T., Modelling biochemical pathways through enhanced pi-calculus, Theor. Comput. Sci., 2004, vol. 325, no. 1, pp. 111–140.

    Article  Google Scholar 

  18. Delaune, S., Ryan, M., and Smyth, B., Automatic verification of privacy properties in the applied pi calculus, Trust Manage. II, 2008, vol. 263, pp. 263–278.

    Google Scholar 

  19. Dolev, D. and Yao, A., On the security of public key protocols, IEEE Trans. Inf. Theory, 1983, vol. 29, no. 2, pp. 198–208.

    Article  MathSciNet  Google Scholar 

  20. Durante, L., Sisto, R., and Valenzano, A., Automatic testing equivalence verification of spi calculus specifications, ACM Trans. Software Eng. Methodol., 2003, vol. 12, no. 2, pp. 222–284.

    Article  Google Scholar 

  21. Durgin, N.A., Lincoln, P., and Mitchell, J.C., Multiset rewriting and the complexity of bounded security protocols, J. Comput. Secur., 2004, vol. 12, no. 2, pp. 247–311.

    Article  Google Scholar 

  22. Godskesen, J.C., Formal verification of the ARAN protocol using the applied pi-calculus, Proceedings of the Sixth International IFIP WG 1.7 Workshop on Issues in the Theory of Security, 2006, pp. 99–113.

  23. Huima, A., Efficient infinite state analysis of security protocols, Proceedings of the Workshop on Formal Methods and Security Protocols, 1999.

  24. Liang, Z. and Verma, R.M., Correcting and improving the NP proof for cryptographic protocol insecurity, Proceedings of the 5-th International Conference on Information Systems Security, 2009, pp. 101–116.

  25. Milner, R., Parrow, J., and Walker, D., A calculus of mobile processes, I and II, Inf. Comput., 1992, vol. 100, no. 1, pp. 1–77.

    Article  MathSciNet  Google Scholar 

  26. Milner, R., Functions as processes, Math. Struct. Comput. Sci., 1992, vol. 2, pp. 119–141.

    Article  MathSciNet  Google Scholar 

  27. Milner, R., Communicating and Mobile Systems—The Pi-Calculus, MIT Press, 1999.

    MATH  Google Scholar 

  28. Regev, A., Representation and simulation of biochemical processes using the pi-calculus process algebra, Proceedings of the 6-th Pacific Symposium on Biocomputing, 2001, pp. 459–470.

  29. Rusinowitch, M. and Turuani, M., Protocol insecurity with finite number of sessions is NP-complete, Theor. Comput. Sci., 2003, vol. 299, nos. 1–3, pp. 451–475.

    Article  MathSciNet  Google Scholar 

  30. Smith, H. and Fingar, P., Business Process Management: The Third Wave, Meghan-Kiffer Press Tampa, 2003.

    Google Scholar 

  31. Tiplea, F.L., Enea, C., and Birjoveanu, C.V., Decidability and complexity results for security protocols, in Verification of Infinite-State Systems with Applications to Security, Amsterdam: IOS Press, 2006, pp. 185–211.

    Google Scholar 

  32. Tiu, A. and Dawson, J., Automating open bisimulation checking for the spi calculus, Proceedings of the 23rd IEEE Computer Security Foundations Symposium, 2010, pp. 307–321.

  33. Walker, D., Objects in the π-calculus, Inf. Comput., 1995, vol. 116, no. 4, pp. 253–271.

    Article  MathSciNet  Google Scholar 

Download references

FUNDING

This work was supported by the Russian Foundation for Basic Research, projects nos. 18-01-00854 and 16-01-00714.

Author information

Authors and Affiliations

  1. Moscow State University, 119991, Moscow, Russia

    M. M. Abbas

  2. National Research University University Higher School of Economy, 101000, Moscow, Russia

    V. A. Zakharov

  3. Ivannikov Institute of System Programming, Russian Academy of Sciences (ISP RAS), 109004, Moscow, Russia

    V. A. Zakharov

Authors
  1. M. M. Abbas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. V. A. Zakharov
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to M. M. Abbas or V. A. Zakharov.

Ethics declarations

The authors declare that they have no conflicts of interest.

Additional information

Translated by S. Kuznetsov

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Abbas, M.M., Zakharov, V.A. Even Simple π-Calculus Processes Are Difficult to Analyze. Aut. Control Comp. Sci. 53, 573–583 (2019). https://doi.org/10.3103/S0146411619070022

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411619070022

Keywords:

Search

Navigation