On Bisimulations for the Spi Calculus*

  • Johannes Borgström
  • Uwe Nestmann
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2422)


The spi calculus is an extension of the pi calculus with cryptographic primitives, designed for the verification of cryptographic protocols. Due to the extension, the naive adaptation of labeled bisimulations for the pi calculus is too strong to be useful for the purpose of verification. Instead, as a viable alternative, several “environment-sensitive” bisimulations have been proposed. In this paper we formally study the differences between these bisimulations.


Operational Semantic Label Transition System Cryptographic Protocol Encrypt Message Process Pair 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AG98]
    M. Abadi and A. D. Gordon. A Bisimulation Method for Cryptographic Protocols. Nordic Journal of Computing, 5(4):267–303, 1998.zbMATHMathSciNetGoogle Scholar
  2. [AG99]
    M. Abadi and A. D. Gordon. A Calculus for Cryptographic Protocols: The Spi Calculus. Journal of Information and Computation, 148:1–70, 1999.zbMATHCrossRefMathSciNetGoogle Scholar
  3. [BDP99]
    M. Boreale, R. De Nicola and R. Pugliese. Proof Techniques for Cryptographic Processes. In Proceedings of LICS’ 99, pages 157–166. IEEE, Computer Society Press, 1999.Google Scholar
  4. [BDP02]
    M. Boreale, R. De Nicola and R. Pugliese. Proof Techniques for Cryptographic Processes. SIAM Journal on Computing, 2002. To appear.Google Scholar
  5. [BN02]
    J. Borgström and U. Nestmann. On Bisimulation in the Spi Calculus. Draft full version, available from, 2002.
  6. [EHHO99]
    A. S. Elkjær, M. Höhle, H. Hüttel and K. Overgård. Towards Automatic Bisimilarity Checking in the Spi Calculus. In volume 21(3) of Australian Computer Science Communications, pages 175–189. Springer, 1999.Google Scholar
  7. [FHJ01]
    U. Frendrup, H. Hüttel and J. N. Jensen. Two Notions of Bisimilarity for Cryptographic Processes., 2001.
  8. [Mil99]
    R. Milner. Communicating and Mobile Systems: the π-Calculus. Cambridge University Press, 1999.Google Scholar
  9. [MS92]
    R. Milner and D. Sangiorgi. Barbed Bisimulation. In Proceedings of ICALP’ 92, volume 623 of LNCS, pages 685–695. Springer, 1992.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Johannes Borgström
    • 1
  • Uwe Nestmann
    • 2
  1. 1.KTHSweden
  2. 2.EPFLSwitzerland

Personalised recommendations