this article was going through many versions as the ideas developed, and the mutual influences cannot be specified. This work was partly supported by DARPA contract NAG2-703 and ARPA/ONR grant N00014-94-1-0775

In 1933 G odel introduced a calculus of provability (also known as modal logic S4) and left open the question of its exact intended semantics. In this paper we give a solution to this problem. We find the logic LP of propositions and proofs and show that G odel's provability calculus is nothing but the forgetful projection of LP. This also achieves G odel's objective of defining intuitionistic propositional logic Int via classical proofs and provides a Brouwer-Heyting-Kolmogorov style provability semantics for Int which resisted formalization since the early 1930s. LP may be regarded as a unified underlying structure for intuitionistic, modal logics, typed combinatory logic and #-calculus.

We describe a sequent calculus, based on work of Herbelin, of which the cut-free derivations are in 1-1 correspondence with the normal natural deduction proofs of intuitionistic logic. We present a simple proof of Herbelin's strong cutelimination theorem for the calculus, using the recursive path ordering theorem of Dershowitz.

abstract. The family of normal propositional modal logic systems is given a very systematic organisation by their model theory. This model theory is generally given using frame semantics, and it is systematic in the sense that for the most important systems we have a clean, exact correspondence between their constitutive axioms as they are usually given in a Hilbert-Lewis style and conditions on the accessibility relation on frames. By contrast, the usual structural proof theory of modal logic, as given in Gentzen systems, is ad-hoc. While we can formulate several modal logics in the sequent calculus that enjoy cut-elimination, their formalisation arises through system-bysystem fine tuning to ensure that the cut-elimination holds, and the correspondence to the axioms of the Hilbert-Lewis systems becomes opaque. This paper introduces a systematic presentation for the systems K, D, M, S4, and S5 in the calculus of structures, a structural proof theory that employs deep inference. Because of this, we are able to axiomatise the modal logics in a manner directly analogous to the Hilbert-Lewis axiomatisation. We show that the calculus possesses a cut-elimination property directly analogous to cut-elimination for the sequent calculus for these systems, and we discuss the extension to several other modal logics. 1

We prove a folklore theorem, that two derivations in a cut-free sequent calculus for intuitionistic propositional logic (based on Kleene's G3) are inter-permutable (using a set of basic "permutation reduction rules" derived from Kleene's work in 1952) iff they determine the same natural deduction. The basic rules form a confluent and weakly normalising rewriting system. We refer to Schwichtenberg's proof elsewhere that a modification of this system is strongly normalising. Key words: intuitionistic logic, proof theory, natural deduction, sequent calculus. 1 Introduction There is a folklore theorem that two intuitionistic sequent calculus derivations are "really the same" iff they are inter-permutable, using permutations as described by Kleene in [13]. Our purpose here is to make precise and prove such a "permutability theorem". Prawitz [18] showed how intuitionistic sequent calculus derivations determine natural deductions, via a mapping ' from LJ to NJ (here we consider only ...

A focused proof system provides a normal form to cut-free proofs in which the application of invertible and non-invertible inference rules is structured. Within linear logic, the focused proof system of Andreoli provides an elegant and comprehensive normal form for cut-free proofs. Within intuitionistic and classical logics, there are various different proof systems in the literature that exhibit focusing behavior. These focused proof systems have been applied to both the proof search and the proof normalization approaches to computation. We present a new, focused proof system for intuitionistic logic, called LJF, and show how other intuitionistic proof systems can be mapped into the new system by inserting logical connectives that prematurely stop focusing. We also use LJF to design a focused proof system LKF for classical logic. Our approach to the design and analysis of these systems is based on the completeness of focusing in linear logic and on the notion of polarity that appears in Girard’s LC and LU proof systems.

It is well-known that weakening and contraction cause naïve categorical models of the classical sequent calculus to collapse to Boolean lattices. Starting from a convenient formulation of the well-known categorical semantics of linear classical sequent proofs, we give models of weakening and contraction that do not collapse. Cut-reduction is interpreted by a partial order between morphisms. Our models make no commitment to any translation of classical logic into intuitionistic logic and distinguish non-deterministic choices of cut-elimination. We show soundness and completeness via initial models built from proof nets, and describe models built from sets and relations.

Traditional Public Key Infrastructures (PKI) have not lived up to their promise because there are too many ways to define PKIs, too many cryptographic primitives to build them with, and too many administrative domains with incompatible roots of trust. Alpaca is an authentication and authorization framework that embraces PKI diversity by enabling one PKI to “plug in ” another PKI’s credentials and cryptographic algorithms, allowing users of the latter to authenticate themselves to services using the former using their existing, unmodified certificates. Alpaca builds on Proof-Carrying Authorization (PCA) [8], expressing a credential as an explicit proof of a logical claim. Alpaca generalizes PCA to express not only delegation policies but also the cryptographic primitives, credential formats, and namespace structure needed to use foreign credentials directly. To achieve this goal, Alpaca introduces a method of creating and naming new principals which behave according to arbitrary rules, a modular approach to logical axioms, and a domain-specific language specialized for reasoning about authentication. We have implemented Alpaca as a Python module that assists applications in generating proofs (e.g., in a client requesting access to a resource), and in verifying those proofs via a compact 800-line TCB (e.g., in a server providing that resource). We present examples demonstrating Alpaca’s extensibility in scenarios involving inter-organization PKI interoperability and secure remote PKI upgrade.

From the analogue of Böhm’s Theorem proved for the typed lambda calculus, without product types and with them, it is inferred that every cartesian closed category that satisfies an equality between arrows not satisfied in free cartesian closed categories must be a preorder. A new proof is given here of these results, which were obtained previously by Richard Statman and Alex K. Simpson.

It is shown how to restrict recursion on notation in all finite types so as to characterize the polynomial time computable functions. The restrictions are obtained by enriching the type structure with the formation of types !oe, and by adding linear concepts to the lambda calculus. 1 Introduction Recursion in all finite types was introduced by Hilbert [9] and later became known as the essential part of Godel's system T [8]. This system has long been viewed as a powerful scheme unsuitable for describing small complexity classes such as polynomial time. Simmons [16] showed that ramification can be used to characterize the primitive recursive functions by higher type recursion, and Leivant and Marion [14] showed that another form of ramification can be used to restrict higher type recursion to PSPACE. However, to characterize the much smaller class of polynomial-time computable functions by higher type recursion, it seems that an additional principle is required. By introducing linear...