882 research outputs found
Unification modulo a partial theory of exponentiation
Modular exponentiation is a common mathematical operation in modern
cryptography. This, along with modular multiplication at the base and exponent
levels (to different moduli) plays an important role in a large number of key
agreement protocols. In our earlier work, we gave many decidability as well as
undecidability results for multiple equational theories, involving various
properties of modular exponentiation. Here, we consider a partial subtheory
focussing only on exponentiation and multiplication operators. Two main results
are proved. The first result is positive, namely, that the unification problem
for the above theory (in which no additional property is assumed of the
multiplication operators) is decidable. The second result is negative: if we
assume that the two multiplication operators belong to two different abelian
groups, then the unification problem becomes undecidable.
Comment: In Proceedings UNIF 2010, arXiv:1012.455
Unification modulo a 2-sorted Equational theory for Cipher-Decipher Block Chaining
We investigate unification problems related to the Cipher Block Chaining
(CBC) mode of encryption. We first model chaining in terms of a simple,
convergent, rewrite system over a signature with two disjoint sorts: list and
element. By interpreting a particular symbol of this signature suitably, the
rewrite system can model several practical situations of interest. An inference
procedure is presented for deciding the unification problem modulo this rewrite
system. The procedure is modular in the following sense: any given problem is
handled by a system of `list-inferences', and the set of equations thus derived
between the element-terms of the problem is then handed over to any
(`black-box') procedure which is complete for solving these element-equations.
An example of application of this unification procedure is given, as attack
detection on a Needham-Schroeder like protocol, employing the CBC encryption
mode based on the associative-commutative (AC) operator XOR. The 2-sorted
convergent rewrite system is then extended into one that fully captures a block
chaining encryption-decryption mode at an abstract level, using no AC-symbols;
and unification modulo this extended system is also shown to be decidable.
Comment: 26 page
Two Decades of Maude
This paper is a tribute to José Meseguer, from the rest of us in the Maude team, reviewing the past, the present, and the future of the language and system with which we have been working for around two decades under his leadership. After reviewing the origins and the language's main features, we present the latest additions to the language and some features currently under development. This paper is not an introduction to Maude, and some familiarity with it and with rewriting logic are indeed assumed.
Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech
Set Unification
The unification problem in algebras capable of describing sets has been
tackled, directly or indirectly, by many researchers and it finds important
applications in various research areas--e.g., deductive databases, theorem
proving, static analysis, rapid software prototyping. The various solutions
proposed are spread across a large literature. In this paper we provide a
uniform presentation of unification of sets, formalizing it at the level of set
theory. We address the problem of deciding existence of solutions at an
abstract level. This also provides the ability to classify different types of
set unification problems. Unification algorithms are uniformly proposed to
solve the unification problem in each of these classes.
The algorithms presented are partly drawn from the literature--and properly
revisited and analyzed--and partly novel proposals. In particular, we present a
new goal-driven algorithm for general ACI1 unification and a new simpler
algorithm for general (Ab)(Cl) unification.
Comment: 58 pages, 9 figures, 1 table. To appear in Theory and Practice of
Logic Programming (TPLP)
Graphical Reasoning in Compact Closed Categories for Quantum Computation
Compact closed categories provide a foundational formalism for a variety of
important domains, including quantum computation. These categories have a
natural visualisation as a form of graphs. We present a formalism for
equational reasoning about such graphs and develop this into a generic proof
system with a fixed logical kernel for equational reasoning about compact
closed categories. Automating this reasoning process is motivated by the slow
and error prone nature of manual graph manipulation. A salient feature of our
system is that it provides a formal and declarative account of derived results
that can include `ellipses'-style notation. We illustrate the framework by
instantiating it for a graphical language of quantum computation and show how
this can be used to perform symbolic computation.
Comment: 21 pages, 9 figures. This is the journal version of the paper
published at AIS
On the Complexity of the Tiden-Arnborg Algorithm for Unification modulo One-Sided Distributivity
We prove that the Tiden and Arnborg algorithm for equational unification
modulo one-sided distributivity is not polynomial time bounded as previously
thought. A set of counterexamples is developed that demonstrates that the
algorithm goes through exponentially many steps.
Comment: In Proceedings UNIF 2010, arXiv:1012.455
Inspecting Maude Variants with GLINTS
This paper introduces GLINTS, a graphical tool for exploring variant narrowing computations in Maude. The most recent version of Maude, version 2.7.1, provides quite sophisticated unification features, including order-sorted equational unification for convergent theories modulo axioms such as associativity, commutativity, and identity. This novel equational unification relies on built-in generation of the set of variants of a term t, i.e., the canonical form of tσ for a computed substitution σ. Variant generation relies on a novel narrowing strategy called folding variant narrowing that opens up new applications in formal reasoning, theorem proving, testing, protocol analysis, and model checking, especially when the theory satisfies the finite variant property, i.e., there is a finite number of most general variants for every term in the theory. However, variant narrowing computations can be extremely involved and are simply presented in text format by Maude, often being too heavy to be debugged or even understood. The GLINTS system provides support for (i) determining whether a given theory satisfies the finite variant property, (ii) thoroughly exploring variant narrowing computations, (iii) automatic checking of node embedding and closedness modulo axioms, and (iv) querying and inspecting selected parts of the variant trees.
This work has been partially supported by EU (FEDER) and Spanish MINECO grant TIN 2015-69175-C4-1-R and by Generalitat Valenciana PROMETEO-II/2015/013. Angel Cuenca-Ortega is supported by SENESCYT, Ecuador (scholarship program 2013), and Julia Sapina by FPI-UPV grant SP2013-0083. Santiago Escobar is supported by the Air Force Office of Scientific Research under award number FA9550-17-1-0286.
Alpuente Frasnedo, M.; Cuenca-Ortega, A.; Escobar Román, S.; Sapiña-Sanchis, J. (2017). Inspecting Maude Variants with GLINTS. Theory and Practice of Logic Programming. 17(5-6):689-707. https://doi.org/10.1017/S147106841700031X
A Partial Evaluation Framework for Order-sorted Equational Programs modulo Axioms
Partial evaluation (PE) is a powerful and general program optimization technique with many successful applications. Existing PE schemes do not apply to expressive rule-based languages like Maude, CafeOBJ, OBJ, ASF+SDF, and ELAN, which support: 1) rich type structures with sorts, subsorts, and overloading; and 2) equational rewriting modulo various combinations of axioms such as associativity, commutativity, and identity. In this paper, we develop the new foundations needed and illustrate the key concepts by showing how they apply to partial evaluation of expressive programs written in Maude. Our partial evaluation scheme is based on an automatic unfolding algorithm that computes term variants and relies on high-performance order-sorted equational least general generalization and order-sorted equational homeomorphic embedding algorithms for ensuring termination. We show that our partial evaluation technique is sound and complete for convergent rewrite theories that may contain various combinations of associativity, commutativity, and/or identity axioms for different binary operators. We demonstrate the effectiveness of Maude's automatic partial evaluator, Victoria, on several examples where it shows significant speed-ups. (C) 2019 Elsevier Inc. All rights reserved.
This work has been partially supported by the EU (FEDER) and the Spanish MCIU under grant RTI2018-094403-B-C32, by Generalitat Valenciana under grant PROMETEO/2019/098, and by NRL under contract number N00173-17-1-G002. Angel Cuenca-Ortega has been supported by the SENESCYT, Ecuador (scholarship program 2013).
Alpuente Frasnedo, M.; Cuenca-Ortega, AE.; Escobar Román, S.; Meseguer, J. (2020). A Partial Evaluation Framework for Order-sorted Equational Programs modulo Axioms. Journal of Logical and Algebraic Methods in Programming. 110:1-36. https://doi.org/10.1016/j.jlamp.2019.100501