A Symbolic Intruder Model for Hash-Collision Attacks

In the recent years, several practical methods have been published to compute collisions on some commonly used hash functions. In this paper we present a method to take into account, at the symbolic level, that an intruder actively attacking a protocol execution may use these collision algorithms in reasonable time during the attack. Our decision procedure relies on the reduction of constraint solving for an intruder exploiting the collision properties of hush functions to constraint solving for an intruder operating on words

Model Checking Synchronized Products of Infinite Transition Systems

Formal verification using the model checking paradigm has to deal with two aspects: The system models are structured, often as products of components, and the specification logic has to be expressive enough to allow the formalization of reachability properties. The present paper is a study on what can be achieved for infinite transition systems under these premises. As models we consider products of infinite transition systems with different synchronization constraints. We introduce finitely synchronized transition systems, i.e. product systems which contain only finitely many (parameterized) synchronized transitions, and show that the decidability of FO(R), first-order logic extended by reachability predicates, of the product system can be reduced to the decidability of FO(R) of the components. This result is optimal in the following sense: (1) If we allow semifinite synchronization, i.e. just in one component infinitely many transitions are synchronized, the FO(R)-theory of the product system is in general undecidable. (2) We cannot extend the expressive power of the logic under consideration. Already a weak extension of first-order logic with transitive closure, where we restrict the transitive closure operators to arity one and nesting depth two, is undecidable for an asynchronous (and hence finitely synchronized) product, namely for the infinite grid.Comment: 18 page

Termination of Narrowing: Automated Proofs and Modularity Properties

En 1936 Alan Turing demostro que el halting problem, esto es, el problema de decidir si un programa termina o no, es un problema indecidible para la inmensa mayoria de los lenguajes de programacion. A pesar de ello, la terminacion es un problema tan relevante que en las ultimas decadas un gran numero de tecnicas han sido desarrolladas para demostrar la terminacion de forma automatica de la maxima cantidad posible de programas. Los sistemas de reescritura de terminos proporcionan un marco teorico abstracto perfecto para el estudio de la terminacion de programas. En este marco, la evaluaci on de un t ermino consiste en la aplicacion no determinista de un conjunto de reglas de reescritura. El estrechamiento (narrowing) de terminos es una generalizacion de la reescritura que proporciona un mecanismo de razonamiento automatico. Por ejemplo, dado un conjunto de reglas que denan la suma y la multiplicacion, la reescritura permite calcular expresiones aritmeticas, mientras que el estrechamiento permite resolver ecuaciones con variables. Esta tesis constituye el primer estudio en profundidad de las propiedades de terminacion del estrechamiento. Las contribuciones son las siguientes. En primer lugar, se identican clases de sistemas en las que el estrechamiento tiene un comportamiento bueno, en el sentido de que siempre termina. Muchos metodos de razonamiento automatico, como el analisis de la semantica de lenguajes de programaci on mediante operadores de punto jo, se benefician de esta caracterizacion. En segundo lugar, se introduce un metodo automatico, basado en el marco teorico de pares de dependencia, para demostrar la terminacion del estrechamiento en un sistema particular. Nuestro metodo es, por primera vez, aplicable a cualquier clase de sistemas. En tercer lugar, se propone un nuevo metodo para estudiar la terminacion del estrechamiento desde un termino particular, permitiendo el analisis de la terminacion de lenguajes de programacion. El nuevo metodo generaliza losIborra López, J. (2010). Termination of Narrowing: Automated Proofs and Modularity Properties [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/19251Palanci

Rewrite based Verification of XML Updates

We consider problems of access control for update of XML documents. In the context of XML programming, types can be viewed as hedge automata, and static type checking amounts to verify that a program always converts valid source documents into also valid output documents. Given a set of update operations we are particularly interested by checking safety properties such as preservation of document types along any sequence of updates. We are also interested by the related policy consistency problem, that is detecting whether a sequence of authorized operations can simulate a forbidden one. We reduce these questions to type checking problems, solved by computing variants of hedge automata characterizing the set of ancestors and descendants of the initial document type for the closure of parameterized rewrite rules

Verifying Recursive Active Documents with Positive Data Tree Rewriting

This paper proposes a data tree-rewriting framework for modeling evolving documents. The framework is close to Guarded Active XML, a platform used for handling XML repositories evolving through web services. We focus on automatic verification of properties of evolving documents that can contain data from an infinite domain. We establish the boundaries of decidability, and show that verification of a {\em positive} fragment that can handle recursive service calls is decidable. We also consider bounded model-checking in our data tree-rewriting framework and show that it is \nexptime-complete

Decidability of Reachability for Polymorphic Systems with Arrays: A Complete Classification

AbstractMany interesting systems can be seen as having two kinds of state variables: array variables, which are mappings from one data type into another; and basic variables, which are used to control the system, to perform basic computations, and for operations involving arrays.We investigate such systems where:•the type of each basic variable is built from type variables using product and sum constructs;•the type of each array variable is B→B′, where B and B′ are types as for basic variables;•on any type variable, either no operations are available, or only the equality predicate, or only a linear-order predicate;•type variables denote arbitrary non-empty finite sets.We present a complete classification of reachability decision problems for these systems into decid- able or undecidable

On the Decidability of (ground) Reachability Problems for Cryptographic Protocols (extended version)

Analysis of cryptographic protocols in a symbolic model is relative to a deduction system that models the possible actions of an attacker regarding an execution of this protocol. We present in this paper a transformation algorithm for such deduction systems provided the equational theory has the finite variant property. the termination of this transformation entails the decidability of the ground reachability problems. We prove that it is necessary to add one other condition to obtain the decidability of non-ground problems, and provide one new such criterion