Universal Timed Concurrent Constraint Programming

International audienceIn this doctoral work we aim at developing a rich timed con- current constraint (tcc) based language with strong ties to logic. The new calculus called Universal Timed Concurrent Constraint (utcc) increases the expressiveness of tcc languages allowing infinite behaviour and mobility. We introduce a constructor of the form (abs x; c)P (Abstraction in P) that can be viewed as a dual operator of the hidden operator local x in P. i.e. the later can be viewed as an existential quantification on the variable x and the former as an universal quantification of x, executing P[t=x] for all t s.t. the current store entails c[t=x]. As a compelling application, we applied this calculus to verify security protocols

Heuristic Methods for Security Protocols

Model checking is an automatic verification technique to verify hardware and software systems. However it suffers from state-space explosion problem. In this paper we address this problem in the context of cryptographic protocols by proposing a security property-dependent heuristic. The heuristic weights the state space by exploiting the security formulae; the weights may then be used to explore the state space when searching for attacks

Electronic negotiation and security of information exchanged in e-commerce

In settings such as electronic markets where trading partners have conflicting interests and a desire to cooperate, mobile agent mediated negotiation have become very popular. However, agent-based negotiation in electronic commerce involves the exchange of critical and sensitive data that must be highly safeguarded. Therefore, in order to give benefits of quick and safe trading to the trading partners, an approach that secures the information exchanged between the mobile agents during e-Commerce negotiations is needed. To this end, we discuss an approach that we refer to as Multi-Agent Security NEgotiation Protocol (MASNEP). To show that MASNEP protocol is free of attacks and thus the information exchanged throughout electronic negotiation is truly secured, we provide a formal proof on the correctness of the MASNEP.<br /

A static analysis of the applied Pi calculus

We present in this technical report a non-uniform static analysis for detecting the term-substitution property in systems specified in the language of the applied pi calculus. The analysis implements a denotational framework that has previously introduced analyses for the pi calculus and the spi calculus. The main novelty of this analysis is its ability to deal with systems specified in languages with non-free term algebras, like the applied pi calculus, where non-identity equations may relate different terms of the language. We demonstrate the applicability of the analysis to one famous security protocol, which uses non-identity equations, namely the Diffie-Hellman protocol

Process algebraic frameworks for the specification and analysis of cryptographic protocols

Two process algebraic approaches for the analysis of cryptographic protocols, namely the spi calculus by Abadi and Gordon and CryptoSPA by Focardi, Gorrieri and Martinelli, are surveyed and compared. We show that the two process algebras have comparable expressive power, by providing an encoding of the former into the latter. We also discuss the relationships among some security properties, i.e., authenticity and secrecy, that have different definitions in the two approaches

Process algebraic frameworks for the specification and ana lysis of cryptographic protocols

Two process algebraic approaches for the analysis of cryptographic protocols, namely the spi calculus by Abadi and Gordon and CryptoSPA by Focardi, Gorrieri and Martinelli, are surveyed and compared. We show that the two process algebras have comparable expressive power, by providing an encoding of the former into the latter. We also discuss the relationships among some security properties, i.e., authenticity and secrecy, that have different definitions in the two approaches

A Simple Constraint-solving Decision Procedure for Protocols with Exclusive or

We present a procedure for deciding security of protocols employing the Exclusive or operator. This procedure relies on a direct combination of a constraint solver for security protocol with a unification algorithm for the exclusive-or theory. Hence compared to the previous ones it is much simpler and easily amenable to automation. The principle of the approach can be applied to other theories too

Automata-based Analysis of Recursive Cryptographic Protocols

Cryptographic protocols can be divided into (1) protocols where the protocol steps are simple from a computational point of view and can thus be modeled by simple means, for instance, single rewrite rules---we call these protocols non-looping---and (2) protocols, such as group protocols, where the protocol steps are complex and typically involve an iterative or recursive computation---we call them recursive. While many results on the decidability of security are known for non-looping protocols, only little is known for recursive protocols. In this paper, we prove decidability of security (w.r.t.~the standard Dolev-Yao intruder) for a core class of recursive protocols and undecidability for several extensions. The key ingredient of our protocol model are specifically designed tree transducers which work over infinite signatures and have the ability to generate new constants (which allow us to mimic key generation). The decidability result is based on an automata-theoretic construction which involves a new notion of regularity, designed to work well with the infinite signatures we use