Abstract not found

We propose a direct and fully automated translation from standard security protocol descriptions to rewrite rules. This compilation defines non-ambiguous operational semantics for protocols and intruder behavior: they are rewrite systems executed by applying a variant of ac-narrowing. The rewrite rules are processed by the theorem-prover daTac. Multiple instances of a protocol can be run simultaneously as well as a model of the intruder (among several possible). The existence of flaws in the protocol is revealed by the derivation of an inconsistency. Our implementation of the compiler CASRUL, together with the prover daTac, permitted us to derive security flaws in many classical cryptographic protocols.

We prove the completeness of (basic) deduction strategies with constrained clauses modulo associativity and commutativity (AC). Here each inference generates one single conclusion with an additional equality s = AC t in its constraint (instead of one conclusion for each minimal AC-unifier, i.e. exponentially many). Furthermore, computing AC-unifiers is not needed at all. A clause C [[ T ]] is redundant if the constraint T is not AC-unifiable. If C is the empty clause this has to be decided to know whether C [[ T ]] denotes an inconsistency. In all other cases any sound method to detect unsatisfiable constraints can be used. 1 Introduction Some fundamental ideas on applying symbolic constraints to theorem proving were given in [KKR90], where a constrained clause is a shorthand for its (infinite) set of ground instances satisfying the constraint. In a constrained equation f(x) ' a [[ x = g(y) ]], the equality `=' of the constraint is usually interpreted in T (F) (syntactic equality), ...

We define a superposition calculus specialized for abelian groups represented as integer modules, and show its refutational completeness. This allows to substantially reduce the number of inferences compared to a standard superposition prover which applies the axioms directly. Specifically, equational literals are simplified, so that only the maximal term of the sums is on the left-hand side. Only certain minimal superpositions need to be considered; other superpositions which a standard prover would consider become redundant. This not only reduces the number of inferences, but also reduces the size of the AC-unification problems which are generated. That is, AC-unification is not necessary at the top of a term, only below some non-AC-symbol. Further, we consider situations where the axioms give rise to variable overlaps and develop techniques to avoid these explosive cases where possible. 1 Introduction Historically, starting from plain resolution, more and more problematic axioms ha...

We propose a new inference system for automated deduction with equality and associative commutative operators. This system is an extension of the ordered paramodulation strategy. However, rather than using associativity and commutativity as the other axioms, they are handled by the AC-unification algorithm and the inference rules. Moreover, we prove the refutational completeness of this system without needing the functional reflexive axioms or ACaxioms. Such a result is obtained by semantic tree techniques. We also show that the inference system is compatible with simplification rules.

We describe a refined superposition calculus for cancellative abelian monoids. They encompass not only abelian groups, but also such ubiquitous structures as the natural numbers or multisets. Both the AC axioms and the cancellation law are difficult for a general purpose superposition theorem prover, as they create many variants of clauses which contain sums. Our calculus requires neither explicit inferences with the theory clauses for cancellative abelian monoids nor extended equations or clauses. Improved ordering constraints allow us to restrict to inferences that involve the maximal term of the maximal sum in the maximal literal. Furthermore, the search space is reduced drastically by certain variable elimination techniques. Keywords Automated Theorem Proving, First-Order Logic, Superposition, Cancellative Abelian Monoids, Associativity, Commutativity, Variable Elimination, Term Rewriting. 1 Introduction To be useful in applications such as program verification and synthesis, a...

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iii Zusammenfassung . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . iv Extended Abstract . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v Ausf uhrliche Zusammenfassung . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix 1 Introduction 1 1.1 Related work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2 Preliminaries 7 2.1 Mathematical structures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.2 Orderings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2.3 Strictly monotonic functions . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 2.4 Algebra . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 2.5 First-order predicate logic . . . . . . . . . . . . . . . . . ...

We give a proof of refutational completeness for Extended Narrowing And Resolution (ENAR), a calculus introduced by Dowek, Hardin and Kirchner in the context of Theorem Proving Modulo. ENAR integrates narrowing with respect to a set of rewrite rules on propositions into automated first-order theorem proving by resolution. Our proof allows to impose ordering restrictions on ENAR and provides general redundancy criteria, which are crucial for finding nontrivial proofs. On the other hand, it requires conuence and termination of the rewrite system, and in addition the existence of a well-founded ordering on propositions that is compatible with rewriting, compatible with ground inferences, total on ground clauses, and has some additional technical properties. We show that such an ordering exists for a fragment of set theory. This example falls outside the scope of a previous completeness proof for ENAR that requires cut elimination for a sequent calculus modulo the rewrite rules....

der Technischen Fakult"at der Universit"at des Saarlandes Saarbr"ucken

We show how to derive refutationally complete ground superposition calculi systematically from convergent term rewriting systems for equational theories, in order to make automated theorem proving in these theories more eective. In particular we consider abelian groups and commutative rings. These are dicult for automated theorem provers, since their axioms of associativity, commutativity, distributivity and the inverse law can generate many variations of the same equation. For these theories ordering restrictions can be strengthened so that inferences apply only to maximal summands, and superpositions into the inverse law that move summands from one side of an equation to the other can be replaced by an isolation rule that isolates the maximal terms on one side. Additional inferences arise from superpositions of extended clauses, but we can show that most of these are redundant. In particular, none are needed in the case of abelian groups, and at most one for any pair of ...