A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf
.
Deducibility Constraints, Equational Theory and Electronic Money
[chapter]
Lecture Notes in Computer Science
The starting point of this work is a case study (from France Télécom) of an electronic purse protocol. The goal was to prove that the protocol is secure or that there is an attack. Modeling the protocol requires algebraic properties of a fragment of arithmetic, typically containing modular exponentiation. The usual equational theories described in papers on security protocols are too weak: the protocol cannot even be executed in these models. We consider here an equational theory which is
doi:10.1007/978-3-540-73147-4_10
fatcat:siochmxjibgy7cr3xfzk562h2q