A reduced semantics for deciding trace equivalence using constraint systems

Many privacy-type properties of security protocols can be modelled using trace equivalence properties in suitable process algebras. It has been shown that such properties can be decided for interesting classes of finite processes (i.e., without replication) by means of symbolic execution and constraint solving. However, this does not suffice to obtain practical tools. Current prototypes suffer from a classical combinatorial explosion problem caused by the exploration of many interleavings in the behaviour of processes. M\"odersheim et al. have tackled this problem for reachability properties using partial order reduction techniques. We revisit their work, generalize it and adapt it for equivalence checking. We obtain an optimization in the form of a reduced symbolic semantics that eliminates redundant interleavings on the fly.Comment: Accepted for publication at POST'1

Formal Analysis of V2X Revocation Protocols

Research on vehicular networking (V2X) security has produced a range of security mechanisms and protocols tailored for this domain, addressing both security and privacy. Typically, the security analysis of these proposals has largely been informal. However, formal analysis can be used to expose flaws and ultimately provide a higher level of assurance in the protocols. This paper focusses on the formal analysis of a particular element of security mechanisms for V2X found in many proposals: the revocation of malicious or misbehaving vehicles from the V2X system by invalidating their credentials. This revocation needs to be performed in an unlinkable way for vehicle privacy even in the context of vehicles regularly changing their pseudonyms. The REWIRE scheme by Forster et al. and its subschemes BASIC and RTOKEN aim to solve this challenge by means of cryptographic solutions and trusted hardware. Formal analysis using the TAMARIN prover identifies two flaws with some of the functional correctness and authentication properties in these schemes. We then propose Obscure Token (OTOKEN), an extension of REWIRE to enable revocation in a privacy preserving manner. Our approach addresses the functional and authentication properties by introducing an additional key-pair, which offers a stronger and verifiable guarantee of successful revocation of vehicles without resolving the long-term identity. Moreover OTOKEN is the first V2X revocation protocol to be co-designed with a formal model.Comment: 16 pages, 4 figure

Observation of the Cabibbo-suppressed charmed baryon decay Λ_c^+→pφ

We report the observation of the Cabibbo-suppressed decays Λ_c^+→pK^-K^+ and Λ_c^+→pφ using data collected with the CLEO II detector at CESR. The latter mode, observed for the first time with significant statistics, is of interest as a test of color suppression in charm decays. We have determined the branching ratios for these modes relative to Λ_c^+→pK^-π^+ and compared our results with theory

Qualitative Analysis of Partially-observable Markov Decision Processes

We study observation-based strategies for partially-observable Markov decision processes (POMDPs) with omega-regular objectives. An observation-based strategy relies on partial information about the history of a play, namely, on the past sequence of observations. We consider the qualitative analysis problem: given a POMDP with an omega-regular objective, whether there is an observation-based strategy to achieve the objective with probability~1 (almost-sure winning), or with positive probability (positive winning). Our main results are twofold. First, we present a complete picture of the computational complexity of the qualitative analysis of POMDP s with parity objectives (a canonical form to express omega-regular objectives) and its subclasses. Our contribution consists in establishing several upper and lower bounds that were not known in literature. Second, we present optimal bounds (matching upper and lower bounds) on the memory required by pure and randomized observation-based strategies for the qualitative analysis of POMDP s with parity objectives and its subclasses

Cabibbo-suppressed non-leptonic B- and D-decays involving tensor mesons

The Cabibbo-suppressed non-leptonic decays of B (and D) mesons to final states involving tensor mesons are computed using the non-relativistic quark model of Isgur-Scora-Grinstein-Wise with the factorization hypothesis. We find that some of these B decay modes, as B --> (K^*, D^*)D^*_2, can have branching ratios as large as 6 x 10^{-5} which seems to be at the reach of future B factories.Comment: Latex, 11 pages, to appear in Phys. Rev.

Safety verification of asynchronous pushdown systems with shaped stacks

In this paper, we study the program-point reachability problem of concurrent pushdown systems that communicate via unbounded and unordered message buffers. Our goal is to relax the common restriction that messages can only be retrieved by a pushdown process when its stack is empty. We use the notion of partially commutative context-free grammars to describe a new class of asynchronously communicating pushdown systems with a mild shape constraint on the stacks for which the program-point coverability problem remains decidable. Stacks that fit the shape constraint may reach arbitrary heights; further a process may execute any communication action (be it process creation, message send or retrieval) whether or not its stack is empty. This class extends previous computational models studied in the context of asynchronous programs, and enables the safety verification of a large class of message passing programs

A Phase 1 trial of intravenous boronophenylalanine-fructose complex in patients with glioblastoma multiforme

Boron neutron capture therapy (BNCT) of glioblastoma multiforme was initially performed at the Brookhaven National Laboratory in the early 1950`s While this treatment for malignant brain tumors has continued in Japan, new worldwide interest has been stimulated by the development of new and more selective boron compounds. Boronophenylalanine (BPA) is a blood-brain barrier penetrating compound that has been used in BNCT of malignant melanomas. SPA has been employed experimentally in BNCT of rat gliosarcoma and has potential use in the treatment of human glioblastoma. As a preface to clinical BNCT trials, we studied the biodistribution of SPA in patients with glioblastoma

V,W and X in Technicolour Models

Light techni-fermions and pseudo Goldstone bosons that contribute to the electroweak radiative correction parameters V,W and X may relax the constraints on technicolour models from the experimental values of the parameters S and T. Order of magnitude estimates of the contributions to V,W and X from light techni-leptons are made when the the techni-neutrino has a small Dirac mass or a large Majorana mass. The contributions to V,W and X from pseudo Goldstone bosons are calculated in a gauged chiral Lagrangian. Estimates of V,W and X in one family technicolour models suggest that the upper bounds on S and T should be relaxed by between 0.1 and 1 depending upon the precise particle spectrum.Comment: 19 pages + 2 pages of ps figs, SWAT/1

Containment and equivalence of weighted automata: Probabilistic and max-plus cases

This paper surveys some results regarding decision problems for probabilistic and max-plus automata, such as containment and equivalence. Probabilistic and max-plus automata are part of the general family of weighted automata, whose semantics are maps from words to real values. Given two weighted automata, the equivalence problem asks whether their semantics are the same, and the containment problem whether one is point-wise smaller than the other one. These problems have been studied intensively and this paper will review some techniques used to show (un)decidability and state a list of open questions that still remain