A. Huima. EOEcient innite-state analysis of security protocols. In Proc. Formal methods and security protocols, FLOC Workshop, Trento, 1999. INRIA On the reachability problem in cryptographic protocols 25  Home/Search   Document Not in Database   Summary   Related Articles   Check

....ground terms of a given rst order signature. Standard tools for symbolic computation such as syntactic unication and tree automata are then available. RR n# 3915 4 Roberto M. Amadio Denis Lugiez We should point out that this approach is not new. For instance, it is the one followed by Huima in [Hui99] where a decidability result for the the reachability problem is claimed (we will mention in section 2 some technical dioeerences) The proof of this result is actually presented in Huima s master s thesis, it runs for about 45 pages and it is quite involved. Our failure to fully understand this ....

....2.1 (1) If T M then S(T ) A(T ) M. 2) If T M(m) then S(T ) A(T ) M(m) for any m 0. 3) Dene a function G as G(T ) T [ ft 1 ; t 2 j ht 1 ; t 2 i 2 Tg [ ft 1 j E(t 1 ; t 2 ) t 2 2 Tg Then A(T ) S n2 G n (T ) Related modelling We point out that Monniaux [Mon99] and Huima [Hui99] consider a signature with constructors such as encryption and pairing and destructors such as decryption and projection. In their approach, terms are considered up to the equality induced by a canonical term rewriting system. In our approach, the decryption and projection functions are handled ....

A. Huima. EOEcient innite-state analysis of security protocols. In Proc. Formal methods and security protocols, FLOC Workshop, Trento, 1999. INRIA On the reachability problem in cryptographic protocols 25

....tools. Paulson [14] uses induction on traces to formally prove protocol correctness using Isabelle. Bolignano [4] uses a state based analysis of the protocols, proving invariant properties, with the proofs subsequently mechanized in Coq. Although these approaches are not automatic, recent work [10, 16] suggests that certain authentication protocols can be modelled in decidable fragments of rst order logic. In all the approaches mentioned above the attacker must be explicitly modelled. A more recent trend has been the use of name passing process calculi for studying cryptographic authentication ....

A. Huima. EOEcient innite-state analysis of security protocols. In Proc. Formal methods and security protocols, FLOC Workshop, Trento, 1999.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC