A Theory of Assertions for Dolev-Yao Models
R Ramanujam
IMSc, Chennai
Vaishnavi Sundararajan
CMI, Chennai
S P Suresh
CMI, Chennai
IRISA, Rennes
8th June 2018
Introduction
Security protocol: a pattern of communications to achieve a security goal
in an insecure environment.
Each communication is of the form A → B: m.
A and B are agents participating in the protocol, and m is some message.
Malicious intruder can play havoc when many messages are being
communicated, by mixing-and-matching (even without breaking
cryptography).
Need formal analysis of protocols to guarantee security goals!
Dolev-Yao Model
Framework for analysis of security protocols.
Messages are abstract terms rather than bitstrings.
Encryption, hashing etc. abstract functions on terms.
Cryptography assumed to be perfect, no cryptanalysis!
Formalize properties, verify.
Dolev-Yao Model: Intruder
Intruder I cannot break encryption, but can
see any message
block any message
redirect any message
generate messages — according to set rules!
send messages in someone else’s name
initiate new communication according to the protocol
Dolev-Yao Model: Actions
Two types of actions, send and receive.
Each communication A → B separated out into a send action
(+A) and a ‘corresponding’ receive action (-B).
Every sent term assumed to be received by I.
Each received term assumed to come from I.
Ties in well with intuition of I being the network!
Dolev-Yao model: Term derivation system
= � � ( , ) � ( , ′) � ( , , )
∈N
�
∈
�
�
� ( )
� �
� ( , )
� ( , )
�
� ( , )
�
� �
� ( , )
� ( , ) �
�
� � �
� ( , , )
� ( , , ) � ( )
�
More about Dolev-Yao
Dolev-Yao treats all messages as “terms”.
What if protocol involves certificates? For
authorization, delegation etc.
Encoded as terms in Dolev-Yao — bit commitment,
protocol-specific tagging etc.
Not always concise/readable!
Example
A sends to B a nonce m encrypted in some key k, along with a
disjunctive certificate about the value of m being a or b.
Need to encode this certificate as a term in Dolev-Yao algebra.
Uses 1-out-of-2 encryption: For a given {m}_k, show that it is of
the form {m_i}_k where m_i ∈ {m_0, m_1}, without revealing i.
Needs multiplication, exponentiation, and hashing!
Not obvious that the end result stands for {m = a or m = b}.
ZKP Terms [BHM08]
Extend the Dolev-Yao model with “zero-knowledge proof terms”.
Zero-knowledge proof term: ZK_{p,q}(P_1, …, P_p; Q_1, …, Q_q; F).
Ps: private; Qs: public; F defines relationship between Ps and
Qs.
Presents the certificate in a more readable format than encoding
into terms.
BHM08: Backes, M.; Hritcu, C.; Matteo, M. (2008) “Type-checking zero-knowledge.” In Proc. CCS ’08, 357–370.
→ ∶,� , ;{ } , , ; = ( , ) ∧ ( = ∨ = )�
ZKP Terms (Contd.)
Sounds great! So why reinvent the wheel?
Consider two certificates as follows: {m = a or m = b}
and {m = a or m = c}, with b ≠ c.
Ideally, should be able to derive m = a from these two.
One cannot do derivations on ZKP terms. Cannot
infer m = a from these certificates in this system.
Overall Idea
Extend the Dolev-Yao model with a class of abstract
objects called ‘assertions’ which capture certification.
Protocol descriptions are readable. Assertions are distinct
from terms, and clearly specify the statements of the
certificates they model.
Inference on assertions is possible, independent of
underlying implementation.
Assertions
The says connective allows agents to “sign” an assertion as coming
from them.
P is any application-specific predicate.
Existential quantification lets agents hide witnesses.
Earlier example now looks as follows:
Assertions have the following syntax.
∶= = � ( ) � ∧ � ∨ � ∃ . �
→ ∶ { } ,∃ .[{ } = { } ∧ ( = ∨ = )]
Existential Quantification
When exactly can one existentially quantify out a term
from an assertion?
m from m = t? m from {m}_k = t?
Quantification becomes complicated in the presence of
encryption!
Abstractability
A position p is ‘abstractable’ inside a term t if we can
replace the subterm at p with something else and build
the rest of t back up.
We can also consider a notion of abstractability w.r.t. a set
of terms S, if we can use (some of the) terms in S to build
the relevant parts of t.
abs(S, t): Set of abstractable positions of t w.r.t S.
Abstractability
X = {m, r, p, pair(senc(pair(m, x), k), n)}
t = pair(aenc(m, r, p), pair(senc(pair(m, x), k), n))
abs(X, t) = {ε, 0, 00, 01, 02, 1, 10, 11}
Abstractability: Assertions
Can provide a similar definition of abstractability for
assertions.
A term-position p is abstractable from an assertion α if
we can replace the term at p with something else and
build the rest of α back up.
abs(S, α): Set of abstractable positions of α w.r.t S.
Abstractability: For assertions
( , =′) = { ⋅ � ∈ ( , )} ∪ { ⋅ � ∈ ( , )}
( , ∧ ) = ( , ∨ ) = { ⋅ � ∈ ( , )} ∪ { ⋅ � ∈ ( , )}
( ,∃ . ) = { ⋅ � ∈ ( ∪ { }, ), ∉ ( � )}
( , ) = { } ∪ { ⋅ � ∈ ( , )}
Abstractability: Assertions
X = {senc(m, k), k}
α = ∃x.[senc(x, k) = senc(m, k)]
abs(X, α) = {001, 01, 010, 011}
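An added example (not from the slides): a small Python model of abs(S, t) and abs(S, α) that reproduces the two worked examples above. It assumes standard Dolev-Yao rules (pairing and projection, symmetric decryption when the key is derivable, aenc built from its three arguments and never opened), reads "abstractable" as "every sibling along the path to the position is derivable from S", and omits the says case; all function names are hypothetical.

```python
# Atoms are strings; compound terms are tuples (constructor, arg, ...).
# Positions are digit strings; "" stands for the root position ε.
def pair(a, b): return ("pair", a, b)
def senc(t, k): return ("senc", t, k)           # symmetric encryption
def aenc(t, r, pk): return ("aenc", t, r, pk)   # randomised public-key encryption

def synth(t, known):
    """Can t be built from `known` by applying constructors only?"""
    if t in known:
        return True
    return isinstance(t, tuple) and all(synth(a, known) for a in t[1:])

def analyze(S):
    """Close S under projection and symmetric decryption (assumed rules)."""
    known, changed = set(S), True
    while changed:
        changed = False
        for t in list(known):
            if not isinstance(t, tuple):
                continue
            if t[0] == "pair":
                parts = t[1:]
            elif t[0] == "senc" and synth(t[2], known):
                parts = (t[1],)
            else:
                parts = ()  # aenc: no private keys are modelled here
            for p in parts:
                if p not in known:
                    known.add(p)
                    changed = True
    return known

def atoms(t):
    """All atomic names occurring in a term."""
    if isinstance(t, tuple):
        return set().union(*(atoms(a) for a in t[1:]))
    return {t}

def abs_term(S, t):
    """Map each abstractable position of t w.r.t. S to the subterm found there."""
    known, found = analyze(S), {}
    def walk(u, pos):
        found[pos] = u
        if isinstance(u, tuple):
            args = u[1:]
            for i, a in enumerate(args):
                # Descend into argument i only if the rest of the constructor
                # application can be rebuilt, i.e. every sibling is derivable.
                if all(synth(b, known) for j, b in enumerate(args) if j != i):
                    walk(a, pos + str(i))
    walk(t, "")
    return found

def abs_assertion(S, alpha):
    """Assertions: ("eq", t, u), ("and"/"or", a, b), ("exists", x, a)."""
    tag = alpha[0]
    if tag == "exists":
        x, body = alpha[1], alpha[2]
        inner = abs_assertion(set(S) | {x}, body)
        # A position whose subterm mentions the bound variable cannot be abstracted.
        return {"0" + p: u for p, u in inner.items() if x not in atoms(u)}
    if tag == "eq":
        subs = [abs_term(S, alpha[1]), abs_term(S, alpha[2])]
    elif tag in ("and", "or"):
        subs = [abs_assertion(S, alpha[1]), abs_assertion(S, alpha[2])]
    else:
        raise ValueError("unsupported assertion: %r" % (tag,))
    return {str(i) + p: u for i, sub in enumerate(subs) for p, u in sub.items()}

def term_example():
    """The term example: X and t as given on the slide."""
    inner = pair(senc(pair("m", "x"), "k"), "n")
    X = {"m", "r", "p", inner}
    t = pair(aenc("m", "r", "p"), inner)
    return set(abs_term(X, t))

def assertion_example():
    """The assertion example: X and α as given on the slide."""
    X = {senc("m", "k"), "k"}
    alpha = ("exists", "x", ("eq", senc("x", "k"), senc("m", "k")))
    return set(abs_assertion(X, alpha))

def without_key():
    """Constructed case: m cannot be abstracted from {m}_k = t when k is unknown."""
    return set(abs_assertion({senc("m", "k")}, ("eq", senc("m", "k"), "t")))

if __name__ == "__main__":
    print(sorted(term_example()))
    print(sorted(assertion_example()))
    print(sorted(without_key()))
```

In the last case only the two sides of the equality are abstractable as wholes: without k the encryption cannot be rebuilt around a replacement for m.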
Inference system for Assertions
Sequents now of the form S; A ⊢ α.
Simple equality rule: if t derivable from S, can state t = t.
Some rules for manipulating equality make use of
abstractability.
Inference system for Assertions
Abstractability used by projection, substitution,
existential introduction etc.
Can go from α(t) to α(u) if all occurrences of t
abstractable from α w.r.t. the set of terms S.
Restricted contradiction rule: two terms t and u such
that the structure of t and u can be determined (maybe
using abstractability!) to be different, but S; A ⊢ t = u.
; ∪ { } �
�
; � =
; � ( , . . , ) = ( , . . , )[ , ]
; � =
; � =
� [ � � ]; �
; � [ ] ; � =
[ , � ]; � [ ]
Inference system for Assertions
A says is essentially a signature with A’s private key, can
be removed by an unsay rule.
Rules for logical operators ∧, ∨ and ∃ are as in standard
intuitionistic logic (caveat of abstractability for ∃i).
� ; �
; � ( )
; �
; �
; � ; �
∧
; � ∧
; � ∧
∧
; �
; �
∨
; � ∨
; � ∨ ; ∪ { } � ; ∪ { } �∨
; �
; � [ ]∃ [ ]
; � ∃ .
; � ∃ . [ ] ∪ { }; ∪ { [ ] } �∃ [ ]
; �
Assertions: Actions
As with terms, agents can send and receive assertions.
Can now branch based on the derivability of assertions:
confirm and deny actions.
Can add new instances of predicates: insert action.
Internal action, specified by protocol description.
Runtime Model
An A-action is a send, receive, confirm or deny by A.
Actions specified with as much pattern as possible for
terms, with variables standing for unknowns.
An A-role is a sequence of A-actions.
Runtime Model (Contd.)
Each agent accumulates terms and assertions generated
and received, in a knowledge state (X; Φ).
Knowledge states used to enable actions, and possibly
updated after performing actions.
Enabling & Updates
=′( )
+ ∶ (�) �, � + ∶ (�) ,
∪ {�} �′
= ∪ {�}′
= ∪ { }
; �
′
= ∪ { }′
= ∪ {[�� � ]}
− ∶ �, � − ∶ ,
�
′
= ∪ { }′
= ∪ { }
, �
′
= ∪ {[�� �]}′
= ∪ {[�� �]}
∶ � ∶ ; �
∶ � ∶ ; �
Runtime Model (Contd.)
A protocol is just a set of roles.
Can consider various instantiations of roles — sessions.
A run is an admissible (according to enabling conditions!)
interleaving of such sessions.
One can think of a transition system with states that keep track
of agents’ knowledge and all the sessions in progress, where
enabled actions induce transitions.
Example: FOO e-Voting Protocol
Proposed by Fujioka, Okamoto and Ohta in 1992. [FOO92]
Voter contacts admin, who checks voter’s id and authenticates.
Authenticated voter then sends vote anonymously to collector.
Admin should not know vote, collector should not know id.
Terms-only model ensures this via blind signatures.
FOO92: Fujioka, A.; Okamoto, T.; Ohta, K. (1992), “A Practical Secret Voting Scheme for Large Scale Elections”, Advances in Cryptology — AUSCRYPT ’92, 244–251.
FOO Protocol: Terms-only
→ ∶
→ ∶
� ∶
→ ∶
V, {blind({v}r, b)}sg(V)
{blind({v}r, b)}sg(A)
{{v}r}sg(A)
list, {{v}r}sg(A)
r
unblind({blind(t, b)}sg(A), b) = {t}sg(A)
� ∶
FOO Protocol: What we want
→ ∶
→ ∶
� ∶
{v}k , “V wants to vote with this encryption of a valid vote”
“V is eligible and wants to vote with the term sent earlier”
{v}k’ , “Some eligible agent was authorised by A to vote with
a valid vote, this term is a re-encryption of that same vote.”
A does not have to modify V’s term (which contains the vote)
in order to certify it!
FOO Protocol: Assertions
→ ∶
→ ∶
� ∶
{ } , {∃ , ∶ { } = { } ∧ ( )}
FOO Protocol: Assertions
→ ∶
→ ∶
� ∶
{ } , {∃ , ∶ { } = { } ∧ ( )}
Both x, r visible
Not visible, rA not known to anyone but V
FOO Protocol: Assertions
→ ∶
→ ∶
� ∶
{ } , {∃ , ∶ { } = { } ∧ ( )}
� ( ) ∧ ( ,{ } )
∧ {∃ , ∶ { } = { } ∧ ( )}�
FOO Protocol: Assertions
→ ∶
→ ∶
� ∶
{ } , {∃ , ∶ { } = { } ∧ ( )}
� ( ) ∧ ( ,{ } )
∧ {∃ , ∶ { } = { } ∧ ( )}�{ } , ,
∃ , , ∶ � � ( ) ∧ ( ,{ } )
∧ {∃ , ∶ { } = { }∧ ( )}�
∧ = �
FOO Protocol: Assertions
→ ∶
→ ∶
� ∶
∶ ∃ ∶ ( , )
{ } , {∃ , ∶ { } = { } ∧ ( )}
� ( ) ∧ ( ,{ } )
∧ {∃ , ∶ { } = { } ∧ ( )}�{ } , ,
∃ , , ∶ � � ( ) ∧ ( ,{ } )
∧ {∃ , ∶ { } = { }∧ ( )}�
∧ = �
FOO Protocol: Assertions
→ ∶
→ ∶
� ∶
∶ ∃ ∶ ( , )∶ ( ,{ } )
{ } , {∃ , ∶ { } = { } ∧ ( )}
� ( ) ∧ ( ,{ } )
∧ {∃ , ∶ { } = { } ∧ ( )}�{ } , ,
∃ , , ∶ � � ( ) ∧ ( ,{ } )
∧ {∃ , ∶ { } = { }∧ ( )}�
∧ = �
Verification
Derivability problem: Given a finite set of terms X, a
finite set of assertions Φ, and an assertion α, is it the
case that X; Φ ⊢ α?
Insecurity problem: Given a protocol Pr and a
designated secret assertion α, is there a run of Pr at the
end of which X_I, Φ_I ⊢ α?
Derivability Problem
Proof search: Start from the desired conclusion, try to build a
proof tree using inference system.
For assertions, slightly problematic because of two reasons:
∨e: Need to check that the conclusion of the rule is derivable
from each disjunct separately; two proofs to search for!
∃i: Need to pick appropriate term as witness; unbounded
search!
Derivability Problem
Get around this problem by considering down-closures.
(S;A) said to be down-closed if the following hold:
S contains all bound variables of A
If β∧γ ∈ A, then {β, γ}⊆A
If β∨γ ∈ A, then β ∈ A or γ ∈ A
If ∃x.β ∈ A, then β ∈ A
If a says β ∈ A, then β ∈ A
(T;B) down-closure of (S;A) if it is a minimal down-closed set with S ⊆T & A⊆B.
(T; B) linear in the size of (S; A).
Derivability Problem
Helpful because various “left” properties hold about this system.
Left conjunction: S; A∪{β∧γ} ⊢α iff S; A∪{β, γ} ⊢α.
Left disjunction: S; A∪{β∨γ} ⊢α iff S; A∪{β} ⊢α and S; A∪{γ} ⊢α.
Left exists: S; A∪{∃x.β} ⊢α iff S∪{x}; A∪{β} ⊢α. (Caveats on S, A, β, α)
Left says: S; A∪{a says β} ⊢α iff S; A∪{β, a says β} ⊢α.
Enough to consider trim(B) = {t = u | t = u ∈ B} for a dc (T; B).
Derivability Problem
S; A ⊢ α iff all down-closures T; B derive α.
T; B ⊢ α iff T; trim(B) derives α using the subsystem core = {ax, eq, ⊥, subst, proj, ∧i, ∨i, ∃i}.
Proofs in core have a normal form — can be decomposed into two parts:
Proofs of S; A ⊢eq µ(t)=µ(u) for each t = u ∈ E, and
A (linear in the size of α) proof of S; µ(E) ⊢α using only ∧i, ∨i, ∃i
where µ is the ‘substitution’ assigning witnesses for the quantifiers, and
E is a set of equalities that are subformulas of α.
For every down-closure’s trim, guess a down-closure, a set E, a substitution µ, and a
proof of S; µ(E) ⊢α.
Derivability Problem
Problem of µ assigning unboundedly large terms for
witnesses for ∃i remains.
Adapt idea of ‘small substitutions’, as presented by
[RT03] for the terms-only system.
Key notion there: If the intruder can achieve the same
‘view’ with a smaller term, no need to use a larger term.
RT03: Rusinowitch, M.; Turuani, M. (2003), “Protocol insecurity with a finite number of sessions and composed keys is NP-complete”, Theoretical Computer Science, 299(1-3):451–475.
Derivability Problem
Problem: Given µ and a set st, find a small ν such that if S; A ⊢eq µ(t) = µ(u) for t, u ∈ st, then S; A ⊢eq ν(t) = ν(u).
Choose st as the set of all subterms (of S, A and α).
Consider a minimal variable x: no other variables occur in µ(x)
Set ν(x) = µ(x) if either µ(x) ∈ st, or S; A ⊢eq µ(x) = µ(t) for t ∈ st.
Otherwise, set ν(x) to be some new random value nt where µ(x) = t.
Cascade to non-minimal variables, to preserve equations.
Can show that ν is a small substitution (polynomial in the size of st) preserving
derivability under ⊢eq.
Derivability Problem
For every down-closure, need: a set of equalities E, a small substitution µ, and a proof of S; µ(E) ⊢ α.
Down-closure is linear in the size of S; A
E polynomial in the size of α (since subformulas)
µ polynomial in the size of S; A and α (since small)
A proof of S; µ(E) ⊢α linear in the size of α.
Can obtain a Π2, i.e. a coNP^NP procedure.
Derivability Problem
This bound is tight — the problem is Π2-complete.
Reduction from the validity problem for QBF formulas
of the form ∀p1…pm∃q1…qnψ.
Can define for each such formula S, A and α such that
S; A ⊢ α iff ∀p1…pm∃q1…qnψ is valid.
Derivability Problem
= { , � ≤ ≤ } ∪ { , � ≤ ≤ } ∪ { ( , ) � ≤ ≤ }
= {∃ ∶ [ = ( , ) ∧ ( = ∨ = )] � ≤ ≤
= ∃ . . . . . . � �, [⋅]
∶= = ( , )
¬ ∶= = ( , )
∶= =
¬ ∶= =
∧ ∶= ∧
∨ ∶= ∨
; � ∀�∃�
Insecurity Problem
For the derivability problem, just one substitution µ for
the witnesses for ∃i. Here, the intruder can inject terms,
so a σ for the terms in (S; A) as well as µ.
Can get small ν instead of µ as earlier. But not yet clear
how to do that for σ.
Solve the insecurity problem for finitely many sessions
and bounded substitutions.
Insecurity Problem
Input: protocol Pr, bound k on the number of sessions,
bound n on the size of σ.
Σ3 algorithm: Guess a suitable σ of size ≤n, and a run with ≤k
sessions — both polynomial in input. Verifying enabledness
for actions uses Π2 algorithm for the derivability problem.
Tight bound: similar reduction as earlier from validity of
QBF formulas of the form ∃r1…rl∀p1…pm∃q1…qnψ.
Future Work
Procedure to obtain a small equivalent for the σ in the
insecurity problem; remove that parameter from input.
Implementation and tool support.
Derivability problem in the presence of non-trivial
equational theories.
Conclusion
Presented an abstract model for security protocols
involving certification.
Extended the Dolev-Yao model with assertions, and
modelled the FOO e-voting protocol in this system.
Provided algorithms and complexity results for the
verification problems of interest.
References
Existential Assertions for Voting Protocols
R Ramanujam, Vaishnavi Sundararajan and S P Suresh
Proc. FC 2017 Workshops (Voting '17), Springer LNCS vol. 10323, 337–352.
The complexity of disjunction in intuitionistic logic
R Ramanujam, Vaishnavi Sundararajan and S P Suresh
Proc. LFCS 2016, Springer LNCS vol. 9537, 349–363.
Extending Dolev-Yao with assertions
R Ramanujam, Vaishnavi Sundararajan and S P Suresh
Proc. ICISS 2014, Springer LNCS vol. 8880, 50–68.
Thank you!