A Specification Language for Crypto-Protocols based on Multiset Rewriting, Dependent Types and Subsorting
Author
Abstract
MSR is an unambiguous, flexible, powerful and relatively simple specification framework for crypto-protocols. It uses multiset rewriting rules over first-order atomic formulas to express protocol actions and relies on a form of existential quantification to symbolically model the generation of nonces and other fresh data. It supports an array of useful static checks that include type-checking and data access verification. In this paper, we give a detailed presentation of the typing infrastructure of MSR, which is based on the theory of dependent types with subsorting. We prove that type-checking protocol specifications is decidable and show that execution preserves well-typing. We illustrate these features by formalizing a well-known protocol in MSR.
Similar resources
Representing the MSR Cryptoprotocol Specification Language in an Extension of Rewriting Logic with Dependent Types
This paper presents a shallow and efficient embedding of the security protocol specification language MSR into an extension of rewriting logic with dependent types. The latter is an instance of the open calculus of constructions which integrates key concepts from equational logic, rewriting logic, and type theory. MSR is based on a form of first-order multiset rewriting extended with existentia...
Typed Multiset Rewriting Specifications of Security Protocols
The language MSR has successfully been used in the past to prove undecidability results about security protocols modeled according to the Dolev-Yao abstraction. In this paper, we revise this formalism into a flexible specification framework for complex crypto-protocols. More specifically, we equip it with an extensible typing infrastructure based on dependent types with subsorting, which elegan...
Typed MSR: Syntax and Examples
Many design flaws and incorrect analyses of cryptographic protocols can be traced to inadequate specification lang...
(Appeared in the Proceedings of the First International Workshop on Mathematical Methods, Models and Architectures for Computer Network Security — MMM’01 (V. Gorodetski, V. Skormin and L. Popyack, editors), pp.??–??, © Springer-Verlag LNCS ???, St. Petersburg, Russia, 21–23 May 2001.)
The Logical Meeting Point of Multiset Rewriting and Process Algebra: Progress Report
We present a revisited semantics for multiset rewriting founded on the left sequent rules of linear logic in its LV presentation. The resulting interpretation is extended with a majority of linear connectives into the language of ω-multisets. It drops the distinction between multiset elements and rewrite rules, and considerably enriches the expressive power of standard multiset rewriting with em...
Relating Process Algebras and Multiset Rewriting for Security Protocol Analysis
When formalizing security protocols, different specification languages support very different reasoning methodologies, whose results are not directly or easily comparable. Therefore, establishing clear relationships among different frameworks is highly desirable, as it permits various methodologies to cooperate by interpreting theoretical and practical results of one system in another. In this ...