A calculus for cryptographic protocols. Information and Computation.
Mobile values, new names, and secure communication. POPL '01, Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.
Automatic testing equivalence verification of spi calculus specifications. ACM Transactions on Software Engineering and Methodology (TOSEM).
Theoretical Computer Science, special issue: Foundations of Wide Area Network Computing.
A Complete Symbolic Bisimulation for Full Applied Pi Calculus. SOFSEM '10, Proceedings of the 36th Conference on Current Trends in Theory and Practice of Computer Science.
Symbolic bisimulation for the applied pi calculus. FSTTCS '07, Proceedings of the 27th International Conference on Foundations of Software Technology and Theoretical Computer Science.
Analysing Unlinkability and Anonymity Using the Applied Pi Calculus. CSF '10, Proceedings of the 23rd IEEE Computer Security Foundations Symposium.
Automating Open Bisimulation Checking for the Spi Calculus. CSF '10, Proceedings of the 23rd IEEE Computer Security Foundations Symposium.
Trace equivalence decision: negative tests and non-determinism. Proceedings of the 18th ACM Conference on Computer and Communications Security.
The finite variant property: how to get rid of some algebraic properties. RTA '05, Proceedings of the 16th International Conference on Term Rewriting and Applications.
Verifying Privacy-Type Properties in a Modular Way. CSF '12, Proceedings of the 25th IEEE Computer Security Foundations Symposium.
This paper presents an extension of the automatic protocol verifier ProVerif that lets it prove more observational equivalences. ProVerif can prove observational equivalence between processes that have the same structure but differ in the messages they contain. To extend the class of equivalences that ProVerif handles, we extend the language of terms by defining more functions (destructors) by rewrite rules. In particular, we allow rewrite rules with inequalities as side conditions, so that "if then else" tests can be expressed inside terms. Finally, we provide an automatic procedure that translates a process into an equivalent process that performs as many actions as possible inside terms, so that ProVerif can prove the desired equivalence. These extensions have been implemented in ProVerif and allow us to automatically prove anonymity in the private authentication protocol by Abadi and Fournet.
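The following is an added illustration, not a model taken from the paper or from the ProVerif distribution: a simplified private authentication protocol in ProVerif's typed syntax, written twice for the responder B. The first version branches on the decrypted message; the second moves the branch inside a term with a destructor that has an `otherwise` clause, which is how the paper's "if then else inside terms" looks in ProVerif input. The names `respond`, `aenc`/`adec`, `processA`, `processB` and the exact message formats are assumptions of this example.

```proverif
(* Added example (not from the paper or the ProVerif distribution):
   simplified Abadi-Fournet private authentication in ProVerif typed
   syntax.  Names such as respond, aenc/adec and the message formats
   are assumptions made here for illustration. *)

free c: channel.

type skey.
type pkey.
type nonce.

fun pk(skey): pkey.
fun aenc(bitstring, pkey): bitstring.
reduc forall m: bitstring, k: skey; adec(aenc(m, pk(k)), k) = m.

(* B's reply as a single term.  The first clause applies only when the
   incoming ciphertext decrypts under skB to a pair whose second
   component equals the pkA that B is willing to talk to (the repeated
   variable pkA is the equality test).  The otherwise clause is the
   inequality side condition: any other input yields the decoy. *)
reduc forall nA: nonce, pkA: pkey, skB: skey, nB: nonce;
        respond(aenc((nA, pkA), pk(skB)), skB, pkA, nB)
          = aenc((nA, nB, pk(skB)), pkA)
  otherwise forall m: bitstring, skB: skey, pkA: pkey, nB: nonce;
        respond(m, skB, pkA, nB) = aenc(nB, pk(skB)).

(* Initiator A: sends its nonce and public key to B, then checks
   B's reply. *)
let processA(skA: skey, pkB: pkey) =
  new nA: nonce;
  out(c, aenc((nA, pk(skA)), pkB));
  in(c, r: bitstring);
  let (=nA, nB: nonce, =pkB) = adec(r, skA) in 0.

(* Branching responder: real reply and decoy sit in different
   branches, so the two sides of a choice[] can take different
   branches on the same input and ProVerif's same-structure
   (diff-equivalence) proof does not go through in general. *)
let processB_branching(skB: skey, pkA: pkey) =
  in(c, m: bitstring);
  new nB: nonce;
  let (nA: nonce, =pkA) = adec(m, skB) in
    out(c, aenc((nA, nB, pk(skB)), pkA))
  else
    out(c, aenc(nB, pk(skB))).

(* Term responder: one output whose structure is identical on both
   sides; only the message differs, which ProVerif can handle. *)
let processB(skB: skey, pkA: pkey) =
  in(c, m: bitstring);
  new nB: nonce;
  out(c, respond(m, skB, pkA, nB)).

(* Anonymity: the attacker cannot tell whether B is willing to talk
   to A or to A2.  choice[] builds the two sides of the equivalence. *)
process
  new skA: skey; new skA2: skey; new skB: skey;
  out(c, pk(skA)); out(c, pk(skA2)); out(c, pk(skB));
  ( !processA(skA, pk(skB))
  | !processA(skA2, pk(skB))
  | !processB(skB, choice[pk(skA), pk(skA2)]) )
```

Run it with `proverif privauth.pv` (file name assumed). The main process uses the term version of B; substituting `processB_branching` for `processB` gives the kind of model the paper's translation procedure starts from, where the real and decoy replies are separate actions. Note that the `otherwise` clause is what carries the inequality: without it the destructor simply fails when the key check does not hold, and the decoy would have to be produced by a separate branch again.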