Paper 2018/127

Accountability in Security Protocols

Robert Künnemann, Deepak Garg, and Michael Backes


A promising paradigm in protocol design is to hold parties accountable for misbehavior, instead of postulating that they are trustworthy. Recent approaches in defining this property, called accountability, characterized malicious behavior as a deviation from the protocol that causes a violation of the desired security property, but did so under the assumption that all deviating parties are controlled by a single, centralized adversary. In this work, we investigate the setting where multiple parties can deviate with or without coordination in a variant of the applied-pi calculus. We first demonstrate that, under realistic assumptions, it is impossible to determine all misbehaving parties; however, we show that accountability can be relaxed to exclude causal dependencies that arise from the behavior of deviating parties, and not from the protocol as specified. We map out the design space for the relaxation, point out protocol classes separating these notions and define conditions under which we can guarantee fairness and completeness. Most importantly, we discover under which circumstances it is correct to consider accountability in the single-adversary setting, where this property can be verified with off-the-shelf protocol verification tools.

Note: During the review process, a change of the title to something more specific was asked for.

Available format(s)
Publication info
Published elsewhere. MINOR revision.CSF 2021
accountability protocols verification
Contact author(s)
robert @ kunnemann de
2020-09-11: revised
2018-02-05: received
See all versions
Short URL
Creative Commons Attribution


      author = {Robert Künnemann and Deepak Garg and Michael Backes},
      title = {Accountability in Security Protocols},
      howpublished = {Cryptology ePrint Archive, Paper 2018/127},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.