Access the full text.
Sign up today, get DeepDyve free for 14 days.
A. Armando, D. Basin, Yohan Boichut, Yannick Chevalier, L. Compagna, Jorge Cuéllar, P. Drielsma, Pierre-Cyrille Héam, O. Kouchnarenko, Jacopo Mantovani, S. Mödersheim, David Oheimb, M. Rusinowitch, Judson Santiago, Mathieu Turuani, L. Viganò, L. Vigneron (2005)
The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications
Hubert Comon-Lundh, Vitaly Shmatikov (2003)
Intruder deductions, constraint solving and insecurity decision in presence of exclusive or18th Annual IEEE Symposium of Logic in Computer Science, 2003. Proceedings.
Martín Abadi, C. Fournet (2001)
Mobile values, new names, and secure communication
A. Fujioka, T. Okamoto, K. Ohta (1992)
A Practical Secret Voting Scheme for Large Scale Elections
(2007)
Laboratoire Spécification et Vérification
Mathilde Arnaud, V. Cortier, S. Delaune (2007)
Combining Algorithms for Deciding Knowledge in Security Protocols
Hubert Comon-Lundh, V. Cortier (2003)
New Decidability Results for Fragments of First-Order Logic and Application to Cryptographic Protocols
Stefan Ciobaca, S. Delaune, Steve Kremer (2009)
Computing Knowledge in Security Protocols Under Convergent Equational TheoriesJournal of Automated Reasoning, 48
B. Blanchet (2001)
An efficient cryptographic protocol verifier based on prolog rulesProceedings. 14th IEEE Computer Security Foundations Workshop, 2001.
S. Mödersheim, L. Viganò (2009)
The Open-Source Fixed-Point Model Checker for Symbolic Analysis of Security Protocols
J. Millen, Vitaly Shmatikov (2001)
Constraint solving for bounded-process cryptographic protocol analysis
Apply the transformation rules to obtain (if possible) two saturated states (Φ 1 , Ψ 1 ) and (Φ 2 , Ψ 2 ) such that Init(ϕ i ) =⇒ * (Φ i , Ψ i )
Yannick Chevalier, M. Rusinowitch (2012)
Decidability of Equivalence of Symbolic DerivationsJournal of Automated Reasoning, 48
(2010)
ACM Transactions on Computational Logic
Mathieu Turuani (2006)
The CL-Atse Protocol Analyser
Santiago Escobar, C. Meadows, J. Meseguer, Sonia Santiago (2008)
State space reduction in the Maude-NRL Protocol AnalyzerInf. Comput., 238
M. Baudet, B. Warinschi, M. Abadi (2006)
Guessing attacks and the computational soundness of static equivalence
H. Comon, Vitaly Shmatikov (2002)
Is it possible to decide whether a cryptographic protocol is secure or notJournal of telecommunications and information technology
K. Verma (2003)
Two-Way Equational Tree Automata for AC-Like Theories: Decidability and Closure Properties
Return yes if there exists N such that N (cid:3) Φ t ↓ R (that is, the R -reduced form of t is syntactically deducible from Φ); otherwise return no
Céline Sarazin-Desbois (2012)
Thèse de Doctorat
V. Cortier, Gavin Keighren, G. Steel (2007)
Automatic Analysis of the Security of XOR-Based Key Management Schemes
H. Seidl, K. Verma (2009)
Flat and One-Variable Clauses for Single Blind Copying Protocols: The XOR Case
(2007)
Th`ese de doctorat. Ph.D. thesis, Laboratoire Sp´ecification et V´erification, ENS Cachan, France
M. Baudet (2007)
Sécurité des protocoles cryptographiques : aspects logiques et calculatoires. (Security of cryptographic protocols : logical and computational aspects)
Article 4, Publication date: February 2013
C. Cremers, P. Lafourcade, Philippe Nadeau (2009)
Comparing State Spaces in Automatic Security Protocol Analysis
Yannick Chevalier, Ralf Küsters, M. Rusinowitch, Mathieu Turuani (2003)
Deciding the Security of Protocols with Diffie-Hellman Exponentiation and Products in Exponents
S. Delaune, S. Kremer, M. Ryan (2009)
Verifying privacy-type properties of electronic voting protocols
DelauneStéphanie, KremerSteve, RyanMark (2009)
Verifying privacy-type properties of electronic voting protocolsJournal of Computer Security
Algorithm for static equivalence. Let ϕ 1 and ϕ 2 be two initial frames. The procedure for checking ϕ 1 ≈ E ϕ 2 runs as follows
There exists no fair infinite derivation starting from Init( ϕ )
J. Goubault-Larrecq, M. Roger, K. Verma (2005)
Abstraction and resolution modulo AC: How to verify Diffie-Hellman-like protocols automaticallyJ. Log. Algebraic Methods Program., 64
By construction, (Φ, Ψ) =⇒ (Φ ′ , Ψ ′ ) by an instance of the A.2 rule. Since t 0 is ground and σ = σ ′ σ
V. Cortier, S. Delaune (2007)
Deciding Knowledge in Security Protocols for Monoidal Equational Theories
V. Cortier, S. Delaune, P. Lafourcade (2006)
A survey of algebraic properties used in cryptographic protocolsJ. Comput. Secur., 14
Myrto Arapinis, Tom Chothia, Eike Ritter, M. Ryan (2009)
Untraceability in the applied pi-calculus2009 International Conference for Internet Technology and Secured Transactions, (ICITST)
2}, for every equation (∀z 1 , . . . , z .M N ) in Ψ i , check that M ϕ j = E N ϕ j — that is, in other words
Vincent Cheval, Hubert Comon-Lundh, S. Delaune (2010)
Automating Security Analysis: Symbolic Equivalence of Constraint Systems
G. Lowe (1996)
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDRSoftw. Concepts Tools, 17
R. Corin, J. Doumen, S. Etalle, N. Busi, R. Gorrieri, Fabio Martinelli (2004)
Analysing Password Protocol Security Against Off-line Dictionary Attacks
Yannick Chevalier, Ralf Küsters, M. Rusinowitch, Mathieu Turuani (2003)
An NP decision procedure for protocol insecurity with XOR18th Annual IEEE Symposium of Logic in Computer Science, 2003. Proceedings.
S. Anantharaman, P. Narendran, M. Rusinowitch (2007)
Intruders with Caps
S. Delaune, S. Kremer, M. Ryan (2007)
Symbolic bisimulation for the applied pi calculus
B. Blanchet, M. Abadi, C. Fournet (2005)
Automated verification of selected equivalences for security protocols20th Annual IEEE Symposium on Logic in Computer Science (LICS' 05)
M. Abadi, V. Cortier (2004)
Deciding knowledge in security protocols under equational theoriesTheor. Comput. Sci., 367
M. Baudet (2005)
Deciding security of protocols against off-line guessing attacks
S. Delaune, Florent Jacquemard (2004)
A decision procedure for the verification of security protocols with explicit destructors
Alwen Tiu, J. Dawson (2010)
Automating Open Bisimulation Checking for the Spi Calculus2010 23rd IEEE Computer Security Foundations Symposium
Ralf Küsters, Tomasz Truderung (2008)
Reducing Protocol Analysis with XOR to the XOR-Free Case in the Horn Theory Based ApproachJournal of Automated Reasoning, 46
Vitaly Shmatikov (2004)
Decidable Analysis of Cryptographic Protocols with Products and Modular Exponentiation
(2009)
YAPA: A Generic Tool for Computing Intruder Knowledge
Yohan Boichut, Pierre-Cyrille Héam, O. Kouchnarenko (2006)
Handling Algebraic Properties in Automatic Analysis of Security Protocols
M. Baudet, V. Cortier, S. Kremer (2005)
Computationally sound implementations of equational theories against passive adversariesInf. Comput., 207
YAPA: A Generic Tool for Computing Intruder Knowledge MATHIEU BAUDET, MLstate ´ VERONIQUE CORTIER, LORIA - CNRS ´ STEPHANIE DELAUNE, LSV, ENS Cachan & CNRS & INRIA Saclay Ile-de-France Reasoning about the knowledge of an attacker is a necessary step in many formal analyses of security protocols. In the framework of the applied pi-calculus, as in similar languages based on equational logics, knowledge is typically expressed by two relations: deducibility and static equivalence. Several decision procedures have been proposed for these relations under a variety of equational theories. However, each theory has its particular algorithm, and none has been implemented so far. We provide a generic procedure for deducibility and static equivalence that takes as input any convergent rewrite system. We show that our algorithm covers most of the existing decision procedures for convergent theories. We also provide an efficient implementation and compare it briefly with the tools ProVerif and KiSs. Categories and Subject Descriptors: F.3.1 [Logics and Meanings of Programs]: Specifying and Verifying and Reasoning about Programs General Terms: Security Additional Key Words and Phrases: Formal proofs, security protocols, verification, deduction, static equivalence ACM Reference Format: Baudet, M., Cortier, V., and Delaune, S. 2013. YAPA: A generic
ACM Transactions on Computational Logic (TOCL) – Association for Computing Machinery
Published: Feb 1, 2013
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.