Relating Process Algebras and Multiset Rewriting for Immediate Decryption Protocols
نویسندگان
چکیده
When formalizing security protocols, different specification languages support very different reasoning methodologies, whose results are not directly or easily comparable. Therefore, establishing clear mappings among different frameworks is highly desirable, as it permits various methodologies to cooperate by interpreting theoretical and practical results of one system in another. In this paper, we examine the nontrivial relationship between two general verification frameworks: multiset rewriting (MSR) and a process algebra (PA) inspired to CCS and the π-calculus. Although defining a simple and general bijection between MSR and PA appears difficult, we show that the sublanguages needed to specify a large class of cryptographic protocols (immediate decryption protocols) admits an effective translation that is not only bijective and trace-preserving, but also induces a weak form of bisimulation across the two languages. In particular, the correspondence sketched in this abstract permits transferring several important trace-based properties such as secrecy and many forms of authentication. ? Partially supported by MIUR project “Constraint Based Verification of Reactive Systems” (COVER), and by the MIUR project “Network Aware Programming: Object, Languages, Implementation” (NAPOLI) ?? Partially supported by NRL under contract N00173-00-C-2086. ? ? ? Supported by the MIUR-CNR Project SP4. † Partially supported by MIUR project “Constraint Based Verification of Reactive Systems” (COVER), by MIUR project “MEFISTO”, by Microsoft Research and by the CSP project “SeTAPS II”
منابع مشابه
Relating multiset rewriting and process algebras for security protocol analysis
When formalizing security protocols, different specificationlanguages support very different reasoning methodologies, whose resultsare not directly or easily comparable. Therefore, establishing clear map-pings among different frameworks is highly desirable, as it permits vari-ous methodologies to cooperate by interpreting theoretical and practicalresults of one system into a...
متن کاملRelating Process Algebras and Multiset Rewriting for Security Protocol Analysis
When formalizing security protocols, different specification languages support very different reasoning methodologies, whose results are not directly or easily comparable. Therefore, establishing clear relationships among different frameworks is highly desirable, as it permits various methodologies to cooperate by interpreting theoretical and practical results of one system in another. In this ...
متن کاملRelating Pro ess Algebras and Multiset Rewriting ( for Example for Se urity Proto ol Analysis )
متن کامل
Relating Process Algebras and Multiset Rewriting (for Example for Security Protocol Analysis)
Distributed systems are abstractly viewed as either a collection of agents communicating through a global state, or as a set of processes that evolve by pairwise exchanging messages. Languages and frameworks that adopt these two views generally yield very different specifications of the same system, and support distinct reasoning methodologies. In this paper, we examine the non-trivial relation...
متن کاملRelating Strands and Multiset Rewriting for Security Protocol Analysis Revised Extended Abstracty
Formal analysis of security protocols is largely based on a set of assumptions commonly referred to as the Dolev-Yao model. Two formalisms that state the basic assumptions of this model are related here: strand spaces [6] and multiset rewriting with existential quantification [2, 5]. Although it is fairly intuitive that these two languages should be equivalent in some way, a number of modificat...
متن کامل