Computing Knowledge in Equational Extensions of Subterm Convergent Theories

International audienceWe study decision procedures for two knowledge problems critical to the verification of security protocols, namely the intruder deduction and the static equivalence problems. These problems can be related to particular forms of context matching and context unification. Both problems are defined with respect to an equational theory and are known to be decidable when the equational theory is given by a subterm convergent term rewrite system. In this work we extend this to consider a subterm convergent term rewrite system defined modulo an equational theory, like Commutativity. We present two pairs of solutions for these important problems. The first solves the deduction and static equivalence problems in systems modulo shallow theories such as Commutativity. The second provides a general procedure that solves the deduction and static equivalence problems in subterm convergent systems modulo syntactic permutative theories, provided a finite measure is ensured. Several examples of such theories are also given

Hierarchical Combination of Unification Algorithms

International audienceA critical question in unification theory is how to obtain a unification algorithm for the combination of non-disjoint equational theories when there exists unification algorithms for the constituent theories. The problem is known to be difficult and can easily be seen to be undecidable in the general case. Therefore, previous work has focused on identifying specific conditions and methods in which the problem is decidable. We continue the investigation in this paper, building on previous combination results. We are able to develop a novel approach to the non-disjoint combination problem. The approach is based on a new set of restrictions and combination method such that if the restrictions are satisfied the method produces an algorithm for the unification problem in the union of non-disjoint equational theories

Terminating Non-Disjoint Combined Unification (Extended Abstract)

International audienc

Terminating Non-Disjoint Combined Unification

International audienceThe equational unification problem, where the underlying equational theory may be given as the union of component equational theories, appears often in practice in many fields such as automated reasoning, logic programming, declarative programming, and the formal analysis of security protocols. In this paper, we investigate the unification problem in the non-disjoint union of equational theories via the combination of hierarchical unification procedures. In this context, a unification algorithm known for a base theory is extended with some additional inference rules to take into account the rest of the theory. We present a simple form of hierarchical unification procedure. The approach is particularly well-suited for any theory where a unification procedure can be obtained in a syntactic way using transformation rules to process the axioms of the theory. Hierarchical unification procedures are exemplified with various theories used in protocol analysis. Next, we look at modularity methods for combining theories already using a hierarchical approach. In addition, we consider a new complexity measure that allows us to obtain terminating (combined) hierarchical unification procedures

Non-disjoint Combined Unification and Closure by Equational Paramodulation

Extended version available at https://hal.inria.fr/hal-03329075International audienceClosure properties such as forward closure and closure via paramodulation have proven to be very useful in equational logic, especially for the formal analysis of security protocols. In this paper, we consider the non-disjoint unification problem in conjunction with these closure properties. Given a base theory E, we consider classes of theory extensions of E admitting a unification algorithm built in a hierarchical way. In this context, a hierarchical unification procedure is obtained by extending an E-unification algorithm with some additional inference rules to take into account the rest of the theory. We look at hierarchical unification procedures by investigating an appropriate notion of E-constructed theory, defined in terms of E-paramodulation. We show that any E-constructed theory with a finite closure by E-paramodulation admits a terminating hierarchical unification procedure. We present modularity results for the unification problem modulo the union of E-constructed theories sharing only symbols in E. Finally, we also give sufficient conditions for obtaining terminating (combined) hierarchical unification procedures in the case of regular and collapse-free E-constructed theories

Knowledge Problems in Security Protocols: Going Beyond Subterm Convergent Theories

We introduce a new form of restricted term rewrite system, the graph-embedded term rewrite system. These systems, and thus the name, are inspired by the graph minor relation and are more flexible extensions of the well-known homeomorphic-embedded property of term rewrite systems. As a motivating application area, we consider the symbolic analysis of security protocols, and more precisely the two knowledge problems defined by the deduction problem and the static equivalence problem. In this field restricted term rewrite systems, such as subterm convergent ones, have proven useful since the knowledge problems are decidable for such systems. However, many of the same decision procedures still work for examples of systems which are "beyond subterm convergent". However, the applicability of the corresponding decision procedures to these examples must often be proven on an individual basis. This is due to the problem that they don\u27t fit into an existing syntactic definition for which the procedures are known to work. Here we show that many of these systems belong to a particular subclass of graph-embedded convergent systems, called contracting convergent systems. On the one hand, we show that the knowledge problems are decidable for the subclass of contracting convergent systems. On the other hand, we show that the knowledge problems are undecidable for the class of graph-embedded systems

Knowledge Problems in Equational Extensions of Subterm Convergent Theories

UNIF 2018 was affiliated with the Third International Conference on Formal Structures for Computation and Deduction FSCD 2018, part of the Federated Logic Conference FLoC 2018International audienceWe study decision procedures for two knowledge problems critical to the verification of security protocols, namely the intruder deduction and the static equivalence problems. These problems can be related to particular forms of context matching and context unification. Both problems are defined with respect to an equational theory and are known to be decidable when the equational theory is given by a subterm convergent term rewrite system. In this note we extend this to consider a subterm convergent equational term rewrite system defined modulo an equational theory, like Commutativity or Associativity-Commutativity. We show that for certain classes of such equational theories, namely the shallow classes, the two knowledge problems remain decidable

Non-disjoint Combined Unification and Closure by Equational Paramodulation (Extended Version)

Short version published in the Proceedings of FroCoS 2021Closure properties such as forward closure and closure via paramodulation have proven to be very useful in equational logic, especially for the formal analysis of security protocols. In this paper, we consider the non-disjoint unification problem in conjunction with these closure properties. Given a base theory E, we consider classes of theory extensions of E admitting a unification algorithm built in a hierarchical way. In this context, a hierarchical unification procedure is obtained by extending an E-unification algorithm with some additional inference rules to take into account the rest of the theory. We look at hierarchical unification procedures by investigating an appropriate notion of E-constructed theory, defined in terms of E-paramodulation. We show that any E-constructed theory with a finite closure by E-paramodulation admits a terminating hierarchical unification procedure. We present modularity results for the unification problem modulo the union of E-constructed theories sharing only symbols in E. Finally, we also give sufficient conditions for obtaining terminating (combined) hierarchical unification procedures in the case of regular and collapse-free E-constructed theories

Graph-Embedded Term Rewrite Systems and Applications (A Preliminary Report)

International audienc

Unification dans des mélanges non-disjoints avec des théories fermées en avant

We investigate the unification problemin theories defined by rewrite systems which are both convergent andforward-closed. These theories are also known in the context ofprotocol analysis as theories with the finite variant property andadmit a variant-based unification algorithm. In this paper, wepresent a new rule-based unification algorithm which can be seen as analternative to the variant-based approach. In addition, we defineforward-closed combination to capture the union of a forward-closedconvergent rewrite system with another theory, such as theAssociativity-Commutativity, whose function symbols may occur inright-hand sides of the rewrite system. Finally, we present acombination algorithm for this particular class of non-disjoint unionsof theories.On étudie le problème d’unification dans les théories définies par des systèmes deréécriture qui sont à la fois convergents et fermés en avant. Ces théories sont connues dans lecontexte de l’analyse de protocoles de sécurité comme les théories ayant la propriété des variantsfinis et admettant de ce fait un algorithme d’unification à base de variants. Dans ce papier,on présente un nouvel algorithme d’unification à base de règles qui peut être vu comme unealternative à l’approche basée sur le calcul de variants. On étudie l’union d’un système deréécriture convergent et fermé en avant avec une autre théorie dont les symboles de fonctionpeuvent apparaître dans les membres droits du système de réécriture. Finalement, on présenteun algorithme de combinaison pour cette classe particulière d’unions non-disjointes de théories