Notions of computation and monads
Information and Computation
Kripke logical relations and PCF
Information and Computation
Parametricity and local variables
Journal of the ACM (JACM)
An attack on the Needham-Schroeder public-key authentication protocol
Information Processing Letters
Foundations of programming languages
Foundations of programming languages
A calculus for cryptographic protocols
Information and Computation
Using encryption for authentication in large networks of computers
Communications of the ACM
A bisimulation method for cryptographic protocols
Nordic Journal of Computing
Types, Abstractions, and Parametric Polymorphism, Part 2
Proceedings of the 7th International Conference on Mathematical Foundations of Programming Semantics
Observable Properties of Higher Order Functions that Dynamically Create Local Names, or What's new?
MFCS '93 Proceedings of the 18th International Symposium on Mathematical Foundations of Computer Science
A New Characterization of Lambda Definability
TLCA '93 Proceedings of the International Conference on Typed Lambda Calculi and Applications
Analyzing the Needham-Schroeder Public-Key Protocol: A Comparison of Two Approaches
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
CSL '92 Selected Papers from the Workshop on Computer Science Logic
Logical Relations for Monadic Types
CSL '02 Proceedings of the 16th International Workshop and 11th Annual Conference of the EACSL on Computer Science Logic
How to prevent type flaw attacks on security protocols
Journal of Computer Security - CSFW13
Logical relation for encryption
Journal of Computer Security - Special issue on CSFW14
On a monadic semantics for freshness
Theoretical Computer Science - Applied semantics: Selected topics
A survey of algebraic properties used in cryptographic protocols
Journal of Computer Security
Hi-index | 5.23 |
Using contextual equivalence (a.k.a. observational equivalence) to specify security properties is an important idea in the field of formal verification of cryptographic protocols. While contextual equivalence is difficult to prove directly, one is usually able to deduce it using the so-called logical relations in typed @l-calculi. We apply this technique to the cryptographic metalanguage-an extension of Moggi's computational @l-calculus, where we use Stark's model for name creation to explore the difficult aspect of dynamic key generation. The categorical construction of logical relations for monadic types (by Goubault-Larrecq et al.) then allows us to derive logical relations over the category Set^I. Although Set^I is a perfectly adequate model of dynamic key generation, it lacks in some aspects when we study relations between programs in the metalanguage. This leads us to an interesting exploration of what should be the proper category to consider. We show that, to define logical relations in the cryptographic metalanguage, a better choice of category is Set^I^^^- that we proposed in [Y. Zhang, D. Nowak, Logical relations for dynamic name creation, in: Proceedings of the 17th International Workshop of Computer Science Logic and the 8th Kurt Godel Colloqium, CSL & KGL, in: Lecture Notes in Computer Science, vol. 2803, Springer-Verlag, 2003, pp. 575-588]. However, this category is still lacking in some subtler aspects and we propose a refined category Set^P^I^^^- to fix the flaws, but our final choice is Set^I^x^I, which is equivalent to Set^P^I^^^-. We define the contextual equivalence based on Set^I^x^I and show that the cryptographic logical relation derived over Set^I^x^I is sound and can be used to verify protocols in practice.