Epistemic Logic for the Applied Pi Calculus

  • Rohit Chadha
  • Stéphanie Delaune
  • Steve Kremer
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5522)


We propose an epistemic logic for the applied pi calculus, which is a variant of the pi calculus with extensions for modeling cryptographic protocols. In such a calculus, the security guarantees are usually stated as equivalences. While process calculi provide a natural means to describe the protocols themselves, epistemic logics are often better suited for expressing certain security properties such as secrecy and anonymity.

We intend to bridge the gap between these two approaches: using the set of traces generated by a process as models, we define a logic which has constructs for reasoning about both intruder’s epistemic knowledge and the set of messages in possession of the intruder. As an example we consider two formalizations of privacy in electronic voting and study the relationship between them.


  1. 1.
    Abadi, M., Cortier, V.: Deciding knowledge in security protocols under equational theories. Theoretical Computer Science 387(1-2), 2–32 (2006)CrossRefMATHGoogle Scholar
  2. 2.
    Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proc. 28th Symposium on Principles of Programming Languages, pp. 104–115 (2001)Google Scholar
  3. 3.
    Backes, M., Maffei, M., Unruh, D.: Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol. In: Proc. 29th IEEE Symposium on Security and Privacy (2008)Google Scholar
  4. 4.
    Baskar, A., Ramanujam, R., Suresh, S.P.: Knowledge-based modelling of voting protocols. In: Proc. 11th Conference on Theoretical Aspects of Rationality and Knowledge, pp. 62–71 (2007)Google Scholar
  5. 5.
    Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: Proc. 14th Computer Security Foundations Workshop, pp. 82–96 (2001)Google Scholar
  6. 6.
    Blanchet, B.: From Secrecy to Authenticity in Security Protocols. In: 9th International Static Analysis Symposium, pp. 342–359 (2002)Google Scholar
  7. 7.
    Borgström, J., Kramer, S., Nestmann, U.: Calculus of Cryptographic Communication. In: Proc. Workshop on Foundations of Computer Security and Automated Reasoning for Security Protocol Analysis (2006)Google Scholar
  8. 8.
    Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)CrossRefMATHGoogle Scholar
  9. 9.
    Chadha, R., Delaune, S., Kremer, S.: Epistemic logic for the applied pi-calculus. Research Report LSV-09-06, Laboratoire Spécification et Vérification, ENS Cachan, France (March 2009)Google Scholar
  10. 10.
    Chadha, R., Kremer, S., Scedrov, A.: Formal analysis of multi-party contract signing. Journal of Automated Reasoning 36(1-2), 39–83 (2006)CrossRefMATHGoogle Scholar
  11. 11.
    Cohen, M., Dam, M.: A complete axiomatization of knowledge and cryptography. In: Proc. 22nd IEEE Symposium on Logic in Computer Science, pp. 77–88 (2007)Google Scholar
  12. 12.
    Corin, R., Saptawijaya, A., Etalle, S.: PS-LTL for constraint-based security protocol analysis. In: Proc. 21st International Conference on Logic Programming, pp. 439–440 (2005)Google Scholar
  13. 13.
    Dechesne, F., Mousavi, M.R., Orzan, S.: Operational and epistemic approaches to protocol analysis: Bridging the gap. In: Proc. 14th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning, pp. 226–241 (2007)Google Scholar
  14. 14.
    Delaune, S., Kremer, S., Ryan, M.D.: Verifying privacy-type properties of electronic voting protocols. Journal of Computer Security (2009) (to appear)Google Scholar
  15. 15.
    Fagin, R., Halpern, J.Y., Moses, Y., Vardi, M.Y.: Reasoning About Knowledge. MIT Press, Cambridge (1995)MATHGoogle Scholar
  16. 16.
    Halpern, J.Y., O’Neill, K.R.: Anonymity and information hiding in multiagent systems. Journal of Computer Security 13(3), 483–512 (2005)CrossRefGoogle Scholar
  17. 17.
    Hughes, D., Shmatikov, V.: Information hiding, anonymity and privacy: a modular approach. Journal of Computer Security 12(1), 3–36 (2004)CrossRefGoogle Scholar
  18. 18.
    Hüttel, H., Pedersen, M.D.: A logical characterisation of static equivalence. Electr. Notes Theor. Comput. Sci. 173, 139–157 (2007)CrossRefMATHGoogle Scholar
  19. 19.
    Jonker, H., Pieters, W.: Receipt-freeness as a special case of anonymity in epistemic logic. In: Proc. IAVoSS Workshop On Trustworthy Elections (2006)Google Scholar
  20. 20.
    van Eijck, J., Orzan, S.: Epistemic verification of anonymity. Electr. Notes Theor. Comput. Sci. 168, 159–174 (2007)CrossRefGoogle Scholar
  21. 21.
    Woo, T.Y.C., Lam, S.S.: A semantic model for authentication protocols. In: Proc. 14th IEEE Symposium on Security and Privacy (1993)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2009

Authors and Affiliations

  • Rohit Chadha
    • 1
  • Stéphanie Delaune
    • 2
  • Steve Kremer
    • 2
  1. 1.University of Illinois at Urbana-ChampaignUSA
  2. 2.LSV, ENS Cachan & CNRS & INRIA SaclayFrance

Personalised recommendations