Asymmetric Unification: A New Unification Paradigm for Cryptographic Protocol Analysis [chapter]

Serdar Erbatur, Santiago Escobar, Deepak Kapur, Zhiqiang Liu, Christopher A. Lynch, Catherine Meadows, José Meseguer, Paliath Narendran, Sonia Santiago, Ralf Sasse
2013 Lecture Notes in Computer Science  
We also give results on the complexity and decidability of asymmetric unification.  ...  We demonstrate how asymmetric unification can improve performance by running the algorithm on a set of benchmark problems.  ...  We explain below how steps (1)-(4) yield an asymmetric unification algorithm for exclusive or with uninterpreted symbols (XOR) from a symmetric one.  ... 
doi:10.1007/978-3-642-38574-2_16 fatcat:yom3pf444rbntievnplrn4zo6i

Theories of Homomorphic Encryption, Unification, and the Finite Variant Property

Fan Yang, Santiago Escobar, Catherine Meadows, José Meseguer, Paliath Narendran
2014 Proceedings of the 16th International Symposium on Principles and Practice of Declarative Programming - PPDP '14  
Most theories that arise in cryptographic protocols have decompositions suitable for variant unification, but there is one major exception: the theory that describes encryption that is homomorphic over  ...  This new verification procedure also allows us to construct a rough metric of the complexity of a theory with respect to variant unification, or variant complexity.  ...  Theory of Homomorphic Encryption over Two Xor Operators Definition 20. The theory for homomorphic encryption over two Xor operators is defined as $T_{2XORH} = (\Sigma_{2XORH}, B_{2XORH}, R_{2XORH})$.  ... 
doi:10.1145/2643135.2643154 dblp:conf/ppdp/YangEMMN14 fatcat:ss5awwz6wffnnlp6i67rg5svcu

How to prevent type-flaw attacks on security protocols under algebraic properties [article]

Sreekanth Malladi, Pascal Lafourcade
2010 arXiv   pre-print
In this paper, we prove that type-flaw attacks can be prevented with the same technique even under the ACUN algebraic properties of XOR which is commonly used in "real-world" protocols such as SSL 3.0.  ...  Heather et al. proved that tagging every message field with its type prevents all type-flaw attacks under a free message algebra and perfect encryption system.  ...  We benefited greatly from the following people's help and  ... 
arXiv:1003.5385v1 fatcat:5let6o24lbhizlzazoxbnw2goe

Effective Symbolic Protocol Analysis via Equational Irreducibility Conditions [chapter]

Serdar Erbatur, Santiago Escobar, Deepak Kapur, Zhiqiang Liu, Christopher Lynch, Catherine Meadows, José Meseguer, Paliath Narendran, Sonia Santiago, Ralf Sasse
2012 Lecture Notes in Computer Science  
terms generated during a state exploration are in normal form with respect to the equational theory.  ...  Contextual symbolic reachability analysis also introduces a new type of unification mechanism, which we call asymmetric unification, in which any solution must leave the right side of the solution irreducible  ...  the asymmetric XOR unification algorithm developed for this paper.  ... 
doi:10.1007/978-3-642-33167-1_5 fatcat:ptueva5cwvfj3ccvbqbwntdqbu

Asymmetric Unification and Disunification [article]

Veena Ravishankar, Kimberly A. Gero, Paliath Narendran
2017 arXiv   pre-print
Asymmetric Unification is a type of Equational Unification where the right-hand sides of the equations are in normal form with respect to the given term rewriting system.  ...  In Disunification we solve equations and disequations with respect to an equational theory for the case with free constants.  ...  A theory for which ground disunifiability is in P whereas asymmetric unification is NP-hard This theory is the same as the one mentioned in previous section, ACUN, but with a homomorphism added.  ... 
arXiv:1706.05066v3 fatcat:fwhesedlwzh7zillg5ke7zdjfq

Cap unification

Siva Anantharaman, Hai Lin, Christopher Lynch, Paliath Narendran, Michael Rusinowitch
2010 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security - ASIACCS '10  
Cap Unification is an extension of Equational Unification: look for a cap to be placed on a given set of terms, so as to unify it with a given term modulo the equational theory.  ...  We give a decision procedure for Cap Unification, when the intruder capabilities are modeled as homomorphic encryption theory.  ...  Concerning theories with a homomorphism operator, the only work for active intruders is [12], which presents decidability results for a class of monoidal theories containing exclusive OR, in combination  ... 
doi:10.1145/1755688.1755713 dblp:conf/ccs/AnantharamanLLNR10 fatcat:ioaqzistgzcgtcknfss4sjtfeq

Symbolic Verification of Privacy-Type Properties for Security Protocols with XOR

David Baelde, Stephanie Delaune, Ivan Gazeau, Steve Kremer
2017 2017 IEEE 30th Computer Security Foundations Symposium (CSF)  
In this paper, we present a novel procedure for verifying equivalences on finite processes, i.e., without replication, for protocols that rely on various cryptographic primitives including exclusive or  ...  We have implemented our procedure in the tool AKISS, and successfully used it on several case studies that are outside the scope of existing tools, e.g., unlinkability on various RFID protocols, and resistance  ...  The research leading to these results has received funding from the European Research Council (  ... 
doi:10.1109/csf.2017.22 dblp:conf/csfw/BaeldeDGK17 fatcat:k5jcblv44fextdcvic3xj6mwdq

The Essence of Reynolds

Stephen Brookes, Peter W. O'Hearn, Uday Reddy
2014 Formal Aspects of Computing  
John Reynolds (1935-2013) was a pioneer of programming languages research. In this paper we pay tribute to the man, his ideas, and his influence.  ...  After the advent of category theory, homomorphisms, i.e., many-to-one correspondences, were allowed.  ...  John used category theory, and semantics in general, as a tool for guiding design (of a language or a compiler), and not just for after-the-fact study.  ... 
doi:10.1007/s00165-014-0295-x fatcat:cf3w7y647ratnebxbisrrw6oee

The essence of Reynolds

Stephen Brookes, Peter W. O'Hearn, Uday Reddy
2014 Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages - POPL '14  
John Reynolds (1935-2013) was a pioneer of programming languages research. In this paper we pay tribute to the man, his ideas, and his influence.  ...  After the advent of category theory, homomorphisms, i.e., many-to-one correspondences, were allowed.  ...  John used category theory, and semantics in general, as a tool for guiding design (of a language or a compiler), and not just for after-the-fact study.  ... 
doi:10.1145/2535838.2537851 dblp:conf/popl/BrookesOR14 fatcat:gf5zdcx4j5dyhebxwbgwpvhere

Hierarchical Combination of Intruder Theories [chapter]

Yannick Chevalier, Michaël Rusinowitch
2006 Lecture Notes in Computer Science  
However several interesting equational theories, such as exponentiation with an abelian group law for exponents remain out of the scope of these techniques.  ...  This has motivated us to introduce a new notion of hierarchical combination for non-disjoint intruder theories and to show decidability results for the deduction problem in these theories.  ...  For instance it allows one to combine the abelian group theory of [27] with a theory of an exponential operator.  ... 
doi:10.1007/11805618_9 fatcat:rh6pmjwcmrf3jbdebfic6qikcm

Hierarchical combination of intruder theories

Yannick Chevalier, Michael Rusinowitch
2008 Information and Computation  
However several interesting equational theories, such as exponentiation with an abelian group law for exponents remain out of the scope of these techniques.  ...  This has motivated us to introduce a new notion of hierarchical combination for non-disjoint intruder theories and to show decidability results for the deduction problem in these theories.  ...  For instance it allows one to combine the abelian group theory of [27] with a theory of an exponential operator.  ... 
doi:10.1016/j.ic.2007.07.004 fatcat:irlw623ui5ev3hfy2l6qijhok4

Satisfiability of general intruder constraints with and without a set constructor

Tigran Avanesov, Yannick Chevalier, Michael Rusinowitch, Mathieu Turuani
2017 Journal of symbolic computation  
Most constraint solving procedures for protocol security rely on two properties of constraint systems called monotonicity and variable-origination.  ...  Mazaré in several directions: we allow non-atomic keys, and an associative, commutative and idempotent symbol (for modeling sets). We also give several new applications of the result.  ...  Using this encoding we can express the executability of a protocol scenario purely with a set of deducibility constraints avoiding unifications.  ... 
doi:10.1016/j.jsc.2016.07.009 fatcat:lmd7n6wssbbi7ck5unhc5oy3dy

Satisfiability of general intruder constraints with a set constructor

Tigran Avanesov, Yannick Chevalier, Michael Rusinowitch, Mathieu Turuani
2010 2010 Fifth International Conference on Risks and Security of Internet and Systems (CRiSIS)  
Most constraint solving procedures for protocol security rely on two properties of constraint systems called monotonicity and variable-origination.  ...  Mazaré in several directions: we allow non-atomic keys, and an associative, commutative and idempotent symbol (for modeling sets). We also give several new applications of the result.  ...  Using this encoding we can express the executability of a protocol scenario purely with a set of deducibility constraints avoiding unifications.  ... 
doi:10.1109/crisis.2010.5764919 dblp:conf/crisis/AvanesovCRT10 fatcat:3vhdytdwh5fcxje2fehzna422q

Formal Models and Techniques for Analyzing Security Protocols: A Tutorial

Véronique Cortier, Steve Kremer
2014 Foundations and Trends® in Programming Languages  
This property was first noticed by Abadi and Cortier [2004] and the existence of a context C such that $t =_E C[t_1, \ldots, t_n]$ has been later called the cap unification problem [Anantharaman et al.  ...  The aim of this paper is to provide a tutorial to some modern approaches for formally modeling protocols, their goals and automatically verifying them. • We first present an informal description of our  ...  Acknowledgements We would like to thank the reviewer for the careful reading and the helpful suggestions of improvement.  ... 
doi:10.1561/2500000001 fatcat:wzzskipj3zeczkge42wiimt7ja

Beyond Subterm-Convergent Equational Theories in Automated Verification of Stateful Protocols [chapter]

Jannik Dreier, Charles Duménil, Steve Kremer, Ralf Sasse
2017 Lecture Notes in Computer Science  
The TAMARIN prover is a state-of-the-art protocol verification tool.  ...  finite variant property, making TAMARIN the first tool to support at the same time this large set of user-defined equational theories, protocols with global mutable state, an unbounded number of sessions  ...  This work was supported by the European Research Council (ERC) under the European Union's Horizon 2020 research and innovation program (grant agreement No 645865-SPOOC), and by the CNRS project PEPS JCJC  ... 
doi:10.1007/978-3-662-54455-6_6 fatcat:qh2ew4bkfjaprlgy6w2s3pl2nm