Verifying Accountability for Unbounded Sets of Participants
This work addresses the need for stronger trust and accountability in security protocol design, offering a more flexible verification method for researchers and practitioners, though it is incremental as it builds on prior definitions and tools.
The paper tackles the problem of verifying accountability in security protocols with unbounded participant sets by combining existing definitions with case tests, proposing a general construction and verification conditions that achieve soundness and completeness, and extending the Tamarin tool to automate this analysis, making it more flexible and applicable to a wider range of protocols.
Little can be achieved in the design of security protocols without trusting at least some participants. This trust should be justified or, at the very least, subject to examination. One way to strengthen trustworthiness is to hold parties accountable for their actions, as this provides a strong incentive to refrain from malicious behavior. This has led to an increased interest in accountability in the design of security protocols. In this work, we combine the accountability definition of Künnemann, Esiyok, and Backes, with the notion of case tests to extend its applicability to protocols with unbounded sets of participants. We propose a general construction of verdict functions and a set of verification conditions that achieve soundness and completeness. Expressing the verification conditions in terms of trace properties allows us to extend Tamarin -- a protocol verification tool -- with the ability to analyze and verify accountability properties in a highly automated way. In contrast to prior work, our approach is significantly more flexible and applicable to a wider range of protocols.