Abstract
This paper presents a shallow and efficient embedding of the security protocol specification language MSR into an extension of rewriting logic with dependent types. The latter is an instance of the open calculus of constructions which integrates key concepts from equational logic, rewriting logic, and type theory. MSR is based on a form of first-order multiset rewriting extended with existential name generation and a flexible type infrastructure centered on dependent types with subsorting. The encoding presented in this paper has served as the basis for the implementation of an MSR specification and analysis environment using the first-order rewriting engine Maude.
About this article
Cite this article
Cervesato, I., Stehr, MO. Representing the MSR cryptoprotocol specification language in an extension of rewriting logic with dependent types. Higher-Order Symb Comput 20, 3–35 (2007). https://doi.org/10.1007/s10990-007-9003-3
DOI: https://doi.org/10.1007/s10990-007-9003-3