A procedure for deciding symbolic equivalence between sets of constraint systems - Archive ouverte HAL Access content directly
Journal Articles Information and Computation Year : 2017

A procedure for deciding symbolic equivalence between sets of constraint systems

(1) , (2) , (3, 4, 5)
1
2
3
4
5

Abstract

We consider security properties of cryptographic protocols that can be modelled using trace equivalence, a crucial notion when specifying privacy-type properties, like anonymity, vote-privacy, and unlinkability. Infinite sets of possible traces are symbolically represented using deducibility constraints. We describe an algorithm that decides trace equivalence for protocols that use standard primitives and that can be represented using such constraints. More precisely, we consider symbolic equivalence between sets of constraint systems, and we also consider disequations. Considering sets and disequations is actually crucial to decide trace equivalence for processes that may involve else branches and/or private channels (for a bounded number of sessions). Our algorithm for deciding symbolic equivalence between sets of constraint systems is implemented and performs well in practice. Unfortunately, it does not scale up well for deciding trace equivalence between processes. This is however the first implemented algorithm deciding trace equivalence on such a large class of processes.
Fichier principal
Vignette du fichier
CCD-ic17.pdf (482.85 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01584242 , version 1 (05-10-2017)

Identifiers

Cite

Vincent Cheval, Hubert Comon-Lundh, Stéphanie Delaune. A procedure for deciding symbolic equivalence between sets of constraint systems. Information and Computation, 2017, 255, pp.94 - 125. ⟨10.1016/j.ic.2017.05.004⟩. ⟨hal-01584242⟩
295 View
108 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More