Selecting Theories and Recursive Protocols
نویسنده
چکیده
Many decidability results are known for non-recursive cryptographic protocols, where the protocol steps can be expressed by simple rewriting rules. Recently, a tree transducer-based model was proposed for recursive protocols, where the protocol steps involve some kind of recursive computations. This model has, however, some limitations: (1) rules are assumed to have linear left-hand sides (so no equality tests can be performed), (2) only finite amount of information can be conveyed from one receive-send action to the next ones. It has been proven that, in this model, relaxing these assumptions leads to undecidability. In this paper, we propose a formalism, called selecting theories, which extends the standard non-recursive term rewriting model and allows participants to compare and store arbitrary messages. This formalism can model recursive protocols, where participants, in each protocol step, are able to send a number of messages unbounded w.r.t. the size of the protocol. We prove that insecurity of protocols with selecting theories is decidable in NEXPTIME.
منابع مشابه
Automatic Analysis of Recursive Cryptographic Protocols
In recent years, formal methods have been developed to analyze and verify cryptographic protocols. We will focus on protocols that rely on iteration or recursion. These protocols typically use special security tokens – such as numbers used only once, called nonces, or keys generated by a principal – to achieve their security assertions. The recursion depth of the computations in such protocols ...
متن کاملOn the Automatic Analysis of Recursive Security Protocols with XOR
In many security protocols, such as group protocols, principals have to perform iterative or recursive computations. We call such protocols recursive protocols. Recently, first results on the decidability of the security of such protocols have been obtained. While recursive protocols often employ operators with algebraic, security relevant properties, such as the exclusive OR (XOR), the existin...
متن کاملA real-time recursive dynamic model for vehicle driving simulators
This paper presents the Real-Time Recursive Dynamics (RTRD) model that is developed for driving simulators. The model could be implemented in the Driving Simulator. The RTRD can also be used for off-line high-speed dynamics analysis, compared with commercial multibody dynamics codes, to speed up mechanical design process. An overview of RTRD is presented in the paper. Basic models for specific ...
متن کاملDeduction-preserving "recursive Isomorphisms" between Theories by Marian Boykan Pour-el and Saul Kripke
Introduction. In this work we discuss recursive mappings between theories which preserve deducibility, negation and implication. Roughly, we prove that any two axiomatizable theories containing a small fragment of arithmetic—this can be stated precisely—are "isomorphic" by a primitive recursive function mapping sentences onto sentences which also preserves deducibility, negation and implication...
متن کاملFischer’s Protocol in Timed Process Algebra
Timed algebraic process theories can be developed with quite different purposes in mind. One can aim for theoretical results about the theory itself (completeness, expressiveness, decidability), or one can aim for practical applicability to non-trivial protocols. Unfortunately, these aims do not go well together. In this paper we take two theories, which are probably of the first kind, and try ...
متن کامل