Véronique Cortier and Stéphanie Delaune. A method for proving observational equivalence. Research Report LSV-09-04, February 2009
Authors
Abstract
Formal methods have proved their usefulness for analyzing the security of protocols. Most existing results focus on trace properties like secrecy or authentication. There are however several security properties, which cannot be defined (or cannot be naturally defined) as trace properties and require the notion of observational equivalence. Typical examples are anonymity, privacy related properties or statements closer to security properties used in cryptography. In this paper, we consider the applied pi calculus and we show that for determinate processes, observational equivalence actually coincides with trace equivalence, a notion simpler to reason with. We exhibit a large class of determinate processes, called simple processes, that capture most existing protocols and cryptographic primitives. Then, for simple processes without replication, we reduce the decidability of trace equivalence to deciding an equivalence relation introduced by M. Baudet. Altogether, this yields the first decidability result of observational equivalence for a general class of equational theories.
Similar resources
Véronique Cortier and Stéphanie Delaune. Safely composing security protocols. Research Report LSV-08-06, March 2008
Security protocols are small programs that are executed in hostile environments. Many results and tools have been developed to formally analyze the security of a protocol in the presence of an active attacker that may block, intercept and send new messages. However even when a protocol has been proved secure, there is absolutely no guarantee if the protocol is executed in an environment where o...
Rohit Chadha, Stéphanie Delaune and Steve Kremer. Epistemic Logic for the Applied Pi Calculus. Research Report LSV-09-06, March 2009
We propose an epistemic logic for the applied pi calculus, which is a variant of the pi calculus with extensions for modeling cryptographic protocols. In such a calculus, the security guarantees are usually stated as observational equivalence. While process calculi provide a natural means to describe the protocols themselves, epistemic logics are often better suited for expressing certain secur...
Mathilde Arnaud, Véronique Cortier, and Stéphanie Delaune. Modeling and Verifying Ad Hoc Routing Protocols. Research Report LSV-10-03, February 2010
Mobile ad hoc networks consist of mobile wireless devices which autonomously organize their infrastructure. In such networks, a central issue, ensured by routing protocols, is to find a route from one device to another. Those protocols use cryptographic mechanisms in order to prevent malicious nodes from compromising the discovered route. Our contribution is twofold. We...
Stéphanie Delaune, Steve Kremer and Mark D. Ryan. Symbolic bisimulation for the applied pi calculus. Research Report LSV-07-14, April 2007
We propose a symbolic semantics for the finite applied pi calculus, which is a variant of the pi calculus with extensions for modelling cryptographic protocols. By treating inputs symbolically, our semantics avoids potentially infinite branching of execution trees due to inputs from the environment. Correctness is maintained by associating with each process a set of constraints on symbolic terms...