eprintid: 329
rev_number: 10
eprint_status: archive
userid: 32
dir: disk0/00/00/03/29
datestamp: 2011-06-06 08:45:50
lastmod: 2011-07-11 14:36:26
status_changed: 2011-06-06 08:45:50
type: article
metadata_visibility: show
item_issues_count: 0
creators_name: Boreale, Michele
creators_name: De Nicola, Rocco
creators_name: Pugliese, Rosario
creators_id: 
creators_id: r.denicola@imtlucca.it
creators_id: 
title: Proof Techniques for Cryptographic Processes
ispublished: pub
subjects: QA
subjects: QA75
divisions: CSA
full_text_status: none
abstract: Contextual equivalences for cryptographic process calculi, like the spi-calculus, can be used to reason about correctness of protocols, but their definition suffers from quantification over all possible contexts. Here, we focus on two such equivalences, namely may-testing and barbed equivalence, and investigate tractable proof methods for them. To this aim, we design an enriched labelled transition system, where transitions are constrained by the knowledge the environment has of names and keys. The new transition system is then used to define a trace equivalence and a weak bisimulation equivalence that avoid quantification over contexts. Our main results are soundness and completeness of trace and weak bisimulation equivalence with respect to may-testing and barbed equivalence, respectively. They lead to more direct proof methods for equivalence checking. The use of these methods is illustrated with a few examples concerning implementation of secure channels and verification of protocol correctness.
date: 2001
date_type: published
publication: SIAM Journal on Computing.
volume: 31
number: 3
pagerange: 947-986
id_number: 10.1137/S0097539700377864
refereed: TRUE
issn: 0097-5397
official_url: http://dx.doi.org/10.1137/S0097539700377864
citation:   Boreale, Michele and De Nicola, Rocco and Pugliese, Rosario  Proof Techniques for Cryptographic Processes.  SIAM Journal on Computing., 31 (3).  pp. 947-986.  ISSN 0097-5397      (2001)