A Reduced Semantics for Deciding Trace Equivalence Using Constraint Systems

نویسندگان

  • David Baelde
  • Stéphanie Delaune
  • Lucca Hirschi
چکیده

Many privacy-type properties of security protocols can be modelled using trace equivalence properties in suitable process algebras. It has been shown that such properties can be decided for interesting classes of finite processes (i.e., without replication) by means of symbolic execution and constraint solving. However, this does not suffice to obtain practical tools. Current prototypes suffer from a classical combinatorial explosion problem caused by the exploration of many interleavings in the behaviour of processes. Mödersheim et al. [17] have tackled this problem for reachability properties using partial order reduction techniques. We revisit their work, generalize it and adapt it for equivalence checking. We obtain an optimization in the form of a reduced symbolic semantics that eliminates redundant interleavings on the fly.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Reduced Semantics for Deciding Trace Equivalence

Many privacy-type properties of security protocols can be modelled using trace equivalence properties in suitable process algebras. It has been shown that such properties can be decided for interesting classes of finite processes (i.e., without replication) by means of symbolic execution and constraint solving. However, this does not suffice to obtain practical tools. Current prototypes suffer ...

متن کامل

Deciding equivalence-based properties using constraint solving1

Formal methods have proved their usefulness for analyzing the security of protocols. Most existingresults focus on trace properties like secrecy or authentication. There are however several securityproperties, which cannot be de ned (or cannot be naturally de ned) as trace properties and requirea notion of behavioural equivalence. Typical examples are anonymity, privacy related prop...

متن کامل

Deciding equivalence-based properties using constraint solving

Formal methods have proved their usefulness for analyzing the security of protocols. Most existingresults focus on trace properties like secrecy or authentication. There are however several securityproperties, which cannot be defined (or cannot be naturally defined) as trace properties and requirea notion of behavioural equivalence. Typical examples are anonymity, privacy related pr...

متن کامل

Automating Security Analysis: Symbolic Equivalence of Constraint Systems

We consider security properties of cryptographic protocols, that are either trace properties (such as confidentiality or authenticity) or equivalence properties (such as anonymity or strong secrecy). Infinite sets of possible traces are symbolically represented using deducibility constraints. We give a new algorithm that decides the trace equivalence for the traces that are represented using su...

متن کامل

A Compositional Method for Deciding Equivalence and Termination of Nondeterministic Programs

In this paper we address the problem of deciding mayand must-equivalence and termination of nondeterministic finite programs from second-order recursion-free Erratic Idealized Algol. We use game semantics to compositionally extract finite models of programs, and the CSP process algebra as a concrete formalism for representation of models and their efficient verification. Observational mayand mu...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2014