
Representing the MSR cryptoprotocol specification language in an extension of rewriting logic with dependent types

Higher-Order and Symbolic Computation

Abstract

This paper presents a shallow and efficient embedding of the security protocol specification language MSR into an extension of rewriting logic with dependent types. The latter is an instance of the open calculus of constructions which integrates key concepts from equational logic, rewriting logic, and type theory. MSR is based on a form of first-order multiset rewriting extended with existential name generation and a flexible type infrastructure centered on dependent types with subsorting. The encoding presented in this paper has served as the basis for the implementation of an MSR specification and analysis environment using the first-order rewriting engine Maude.



Author information

Corresponding author

Correspondence to Iliano Cervesato.


About this article

Cite this article

Cervesato, I., Stehr, MO. Representing the MSR cryptoprotocol specification language in an extension of rewriting logic with dependent types. Higher-Order Symb Comput 20, 3–35 (2007). https://doi.org/10.1007/s10990-007-9003-3


  • DOI: https://doi.org/10.1007/s10990-007-9003-3
