A reduced semantics for deciding trace equivalence using constraint systems

Many privacy-type properties of security protocols can be modelled using trace equivalence properties in suitable process algebras. It has been shown that such properties can be decided for interesting classes of finite processes (i.e., without replication) by means of symbolic execution and constraint solving. However, this does not suffice to obtain practical tools. Current prototypes suffer from a classical combinatorial explosion problem caused by the exploration of many interleavings in the behaviour of processes. M\"odersheim et al. have tackled this problem for reachability properties using partial order reduction techniques. We revisit their work, generalize it and adapt it for equivalence checking. We obtain an optimization in the form of a reduced symbolic semantics that eliminates redundant interleavings on the fly.Comment: Accepted for publication at POST'1

Cognitive resources moderate the adverse impact of poor perceived neighborhood conditions on self-reported physical activity of older adults

Rebar, A ORCiD: 0000-0003-3164-993XPoor neighborhood conditions are associated with lower levels of physical activity for older adults but socio-ecological models posit that physical activity depends on both environmental and individual factors. Older adults' ability to overcome environmental barriers to physical activity may partially rely on cognitive resources. However, evidence on the moderating role of these cognitive resources in the associations between environmental barriers and physical activity is still lacking. We analyzed cross-national and longitudinal data on 28,393 adults aged 50 to 96 years as part of the SHARE. Lack of access to services and neighborhood nuisances were used as indicators of poor neighborhood conditions. Delayed recall and verbal fluency were used as indicators of cognitive resources. Confounder-adjusted generalized estimation equations were conducted to test associations between neighborhood conditions and self-reported moderate physical activity, as well as the moderating role of cognitive resources. Results showed that poor neighborhood conditions reduced the odds of engagement in physical activity. Cognitive resources robustly reduced the adverse influence of poor neighborhood conditions on physical activity. Participants with lower cognitive resource scores showed lower odds of engaging in physical activity when neighborhood conditions were poorer, whereas these conditions were not related to this engagement for participants with higher cognitive resource scores. These findings suggest that cognitive resources can temper the detrimental effect of poor neighborhood conditions on physical activity. Public policies should target both individual and environmental factors to tackle the current pandemic of physical inactivity more comprehensively. © 2019 Elsevier Inc

Episodic memory encoding and retrieval in face-name paired paradigm: An FNIRS study

Background: Episodic memory (EM) is particularly sensitive to pathological conditions and aging. In a neurocognitive context, the paired-associate learning (PAL) paradigm, which requires participants to learn and recall associations between stimuli, has been used to measure EM. The present study aimed to explore whether functional near-infrared spectroscopy (fNIRS) can be employed to determine cortical activity underlying encoding and retrieval. Moreover, we examined whether and how different aspects of task (i.e., novelty, difficulty) affects those cortical activities. Methods: Twenty-two male college students (age: M = 20.55, SD = 1.62) underwent a face-name PAL paradigm under 40-channel fNIRS covering fronto-parietal and middle occipital regions. Results: A decreased activity during encoding in a broad network encompassing the bilateral frontal cortex (Brodmann areas 9, 11, 45, and 46) was observed during the encoding, while an increased activity in the left orbitofrontal cortex (Brodmann area 11) was observed during the retrieval. Increased HbO concentration in the superior parietal cortices and decreased HbO concentration in the inferior parietal cortices were observed during encoding while dominant activation of left PFC was found during retrieval only. Higher task difficulty was associated with greater neural activity in the bilateral prefrontal cortex and higher task novelty was associated with greater activation in occipital regions. Conclusion: Combining the PAL paradigm with fNIRS provided the means to differentiate neural activity characterising encoding and retrieval. Therefore, the fNIRS may have the potential to complete EM assessments in clinical settings

The hitchhiker's guide to decidability and complexity of equivalence properties in security protocols

International audiencePrivacy-preserving security properties in cryptographic protocols are typically modelled by observational equivalences in process calculi such as the applied pi-calulus. We survey decidability and complexity results for the automated verification of such equivalences, casting existing results in a common framework which allows for a precise comparison. This unified view, beyond providing a clearer insight on the current state of the art, allowed us to identify some variations in the statements of the decision problems-sometimes resulting in different complexity results. Additionally, we prove a couple of novel or strengthened results

Trace Equivalence and Epistemic Logic to Express Security Properties

In process algebras, security properties are expressed as equivalences between processes, but which equivalence is suitable is not clear. This means that there is a gap between an intuitive security notion and the formulation. Appropriate formalization is essential for verification, and our purpose is bridging this gap. By chasing scope extrusions, we prove that trace equivalence is congruent. Moreover, we construct an epistemic logic for the applied pi calculus and show that its logical equivalence agrees with the trace equivalence. We use the epistemic logic to show that trace equivalence is pertinent in the presence of a non-adaptive attacker

A Multiset Rewriting Model for Specifying and Verifying Timing Aspects of Security Protocols

Catherine Meadows has played an important role in the advancement of formal methods for protocol security verification. Her insights on the use of, for example, narrowing and rewriting logic has made possible the automated discovery of new attacks and the shaping of new protocols. Meadows has also investigated other security aspects, such as, distance-bounding protocols and denial of service attacks. We have been greatly inspired by her work. This paper describes the use of Multiset Rewriting for the specification and verification of timing aspects of protocols, such as network delays, timeouts, timed intruder models and distance-bounding properties. We detail these timed features with a number of examples and describe decidable fragments of related verification problems

Timing attacks: symbolic framework and proof techniques

We propose a framework for timing attacks, based on (a variant of) the applied-pi calculus. Since many privacy properties, as well as strong secrecy and game-based security properties, are stated as process equivalences, we focus on (time) trace equivalence. We show that actually, considering timing attacks does not add any complexity: time trace equivalence can be reduced to length trace equivalence, where the attacker no longer has access to execution times but can still compare the length of messages. We therefore deduce from a previous decidability result for length equivalence that time trace equivalence is decidable for bounded processes and the standard cryptographic primitives. As an application, we study several protocols that aim for privacy. In particular, we (automatically) detect an existing timing attack against the biometric passport and new timing attacks against the Private Authentication protocol