Article

A Method for Proving Observational Equivalence

Authors:

Véronique Cortier,

Stéphanie DelauneAuthors Info & Claims

CSF '09: Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium

Pages 266 - 276

https://doi.org/10.1109/CSF.2009.9

Published: 08 July 2009 Publication History

Publisher Site

Abstract

Formal methods have proved their usefulness for analyzing the security of protocols. Most existing results focus on trace properties like secrecy (expressed as a reachability property) or authentication. There are however several security properties, which cannot be defined (or cannot be naturally defined) as trace properties and require the notion of observational equivalence. Typical examples are anonymity, privacy related properties or statements closer to security properties used in cryptography.In this paper, we consider the applied pi calculus and we show that for determinate processes, observational equivalence actually coincides with trace equivalence, a notion simpler to reason with.We exhibit a large class of determinate processes, called simple processes, that capture most existing protocols and cryptographic primitives. Then, for simple processes without replication nor else branch,we reduce the decidability of trace equivalence to deciding an equivalence relation introduced by M. Baudet. Altogether, this yields the first decidability result of observational equivalence for a general class of equational theories.

Cited By

View all

Comon HJacomme CScerri GLigatti JOu XKatz JVigna G(2020)Oracle Simulation: A Technique for Protocol Composition with Long Term Shared SecretsProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security10.1145/3372297.3417229(1427-1444)Online publication date: 30-Oct-2020
https://dl.acm.org/doi/10.1145/3372297.3417229
Cheval VKremer SRakotonirina ICavallaro LKinder JWang XKatz J(2019)Exploiting Symmetries When Proving Equivalence Properties for Security ProtocolsProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security10.1145/3319535.3354260(905-922)Online publication date: 6-Nov-2019
https://dl.acm.org/doi/10.1145/3319535.3354260
Desai APhanishayee AQadeer SSeshia S(2018)Compositional programming and testing of dynamic distributed systemsProceedings of the ACM on Programming Languages10.1145/32765292:OOPSLA(1-30)Online publication date: 24-Oct-2018
https://dl.acm.org/doi/10.1145/3276529
Show More Cited By

Recommendations

Symbolic bisimulation for the applied pi calculus
Security Issues in Concurrency (SecCo'07)

We propose a symbolic semantics for the finite applied pi calculus. The applied pi calculus is a variant of the pi calculus with extensions for modelling cryptographic protocols. By treating inputs symbolically, our semantics avoids potentially infinite ...
Automated Verification of Equivalence Properties of Cryptographic Protocols

Indistinguishability properties are essential in formal verification of cryptographic protocols. They are needed to model anonymity properties, strong versions of confidentiality, and resistance against offline guessing attacks. Indistinguishability ...
Automated Symbolic Proofs of Observational Equivalence
CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

Many cryptographic security definitions can be naturally formulated as observational equivalence properties. However, existing automated tools for verifying the observational equivalence of cryptographic protocols are limited: they do not handle ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CSF '09: Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium

July 2009

314 pages

ISBN:9780769537122

Publisher

IEEE Computer Society

United States

Publication History

Published: 08 July 2009

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Comon HJacomme CScerri GLigatti JOu XKatz JVigna G(2020)Oracle Simulation: A Technique for Protocol Composition with Long Term Shared SecretsProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security10.1145/3372297.3417229(1427-1444)Online publication date: 30-Oct-2020
https://dl.acm.org/doi/10.1145/3372297.3417229
Cheval VKremer SRakotonirina ICavallaro LKinder JWang XKatz J(2019)Exploiting Symmetries When Proving Equivalence Properties for Security ProtocolsProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security10.1145/3319535.3354260(905-922)Online publication date: 6-Nov-2019
https://dl.acm.org/doi/10.1145/3319535.3354260
Desai APhanishayee AQadeer SSeshia S(2018)Compositional programming and testing of dynamic distributed systemsProceedings of the ACM on Programming Languages10.1145/32765292:OOPSLA(1-30)Online publication date: 24-Oct-2018
https://dl.acm.org/doi/10.1145/3276529
Chadha RSistla AViswanathan MAceto LIngólfsdóttir A(2017)Verification of randomized security protocolsProceedings of the 32nd Annual ACM/IEEE Symposium on Logic in Computer Science10.5555/3329995.3330061(1-12)Online publication date: 20-Jun-2017
https://dl.acm.org/doi/10.5555/3329995.3330061
Chadha RCheval VCiobâcă ŞKremer S(2016)Automated Verification of Equivalence Properties of Cryptographic ProtocolsACM Transactions on Computational Logic10.1145/292671517:4(1-32)Online publication date: 20-Sep-2016
https://dl.acm.org/doi/10.1145/2926715
Colvin R(2016)Modelling and analysing neural networks using a hybrid process algebraTheoretical Computer Science10.1016/j.tcs.2015.08.019623:C(15-64)Online publication date: 11-Apr-2016
https://dl.acm.org/doi/10.1016/j.tcs.2015.08.019
Chrétien RCortier VDelaune S(2015)From Security Protocols to Pushdown AutomataACM Transactions on Computational Logic10.1145/281126217:1(1-45)Online publication date: 23-Sep-2015
https://dl.acm.org/doi/10.1145/2811262
Cheval VCortier VPlet A(2013)Lengths May Break Privacy --- Or How to Check for Equivalences with LengthProceedings of the 25th International Conference on Computer Aided Verification - Volume 804410.5555/2958031.2958049(708-723)Online publication date: 13-Jul-2013
https://dl.acm.org/doi/10.5555/2958031.2958049
Iplea FVamanu LVíRlan C(2013)Reasoning about minimal anonymity in security protocolsFuture Generation Computer Systems10.1016/j.future.2012.02.00129:3(828-842)Online publication date: 1-Mar-2013
https://dl.acm.org/doi/10.1016/j.future.2012.02.001
Liu JLin H(2012)A complete symbolic bisimulation for full applied pi calculusTheoretical Computer Science10.5555/2846460.2846535458:C(76-112)Online publication date: 2-Nov-2012
https://dl.acm.org/doi/10.5555/2846460.2846535
Show More Cited By

Abstract

Cited By

Recommendations

Symbolic bisimulation for the applied pi calculus

Automated Verification of Equivalence Properties of Cryptographic Protocols

Automated Symbolic Proofs of Observational Equivalence

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations