Advertisement

Types for Secure Pattern Matching with Local Knowledge in Universal Concurrent Constraint Programming

  • Thomas Hildebrandt
  • Hugo A. López
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5649)

Abstract

The fundamental primitives of Concurrent Constraint Programming (CCP), \({\mathit{tell}}\) and \({\mathit {ask}}\), respectively adds knowledge to and infers knowledge from a shared constraint store. These features, and the elegant use of the constraint system to represent the abilities of attackers, make concurrent constraint programming and timed CCP (tcc) interesting candidates for modeling and reasoning about security protocols. However, they lack primitives for the communication of secrets (or local names as in the π-calculus) between agents. The recently proposed \({\mathit{universal}} {\mathtt{tcc}}\) (utcc) introduces a universally quantified ask operation that makes it possible to infer knowledge which is local to other agents. However, it allows agents to guess knowledge even if it is encrypted or communicated on secret channels, simply by quantifying over both the encryption key (or channel) and the message simultaneously. We present a secure utcc (utcc s ) based on: (i) a simple type system for constraints allowing to distinguish between restricted (secure) and non-restricted (universally quantifiable) variables in constraints, and (ii) a generalization of the universally quantified ask operation to allow the assumption of local knowledge. We illustrate the use of the utcc s calculus with examples on communication of local names (as in the π-calculus) and for giving semantics to secure pattern matching in a prototypical security language.

Keywords

Concurrent Constraint Programming Process Calculi Type systems Mobility Security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: POPL 2001 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pp. 104–115. ACM Press, New York (2001)Google Scholar
  2. 2.
    Abadi, M., Gordon, A.D.: A Calculus for Cryptographic Protocols: The SPi Calculus. Inf. Comput. 148(1), 1–70 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: 14th IEEE Computer Security Foundations Workshop (CSFW-14), Cape Breton, Nova Scotia, Canada, June 2001, pp. 82–96. IEEE Computer Society, Los Alamitos (2001)Google Scholar
  4. 4.
    Buchholtz, M., Riis Nielson, H., Nielson, F.: A calculus for control flow analysis of security protocols. International Journal of Information Security 2(3), 145–167 (2004)CrossRefzbMATHGoogle Scholar
  5. 5.
    Corin, R., Etalle, S.: An improved constraint-based system for the verification of security protocols. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 326–341. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. 6.
    Crazzolara, F., Winskel, G.: Events in security protocols. In: ACM Conference on Computer and Communications Security, pp. 96–105 (2001)Google Scholar
  7. 7.
    Dolev, D., Yao, A.C.: On the security of public key protocols. Technical report, Dept. of Computer Science, Stanford University, Stanford, CA, USA (1981)Google Scholar
  8. 8.
    Fiore, M., Abadi, M.: Computing symbolic models for verifying cryptographic protocols. In: Proc. 14th IEEE Computer Security Foundations Workshop, pp. 160–173 (2001)Google Scholar
  9. 9.
    López, H.A., Pérez, J.A., Palamidessi, C., Rueda, C., Valencia, F.D.: A declarative framework for security: Secure concurrent constraint programming. In: Etalle, S., Truszczyński, M. (eds.) ICLP 2006. LNCS, vol. 4079, pp. 449–450. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Lowe, G.: An attack on the needham-schroeder public-key authentication protocol. Inf. Process. Lett. 56(3), 131–133 (1995)CrossRefzbMATHGoogle Scholar
  11. 11.
    Miller, D.: Encryption as an abstract data type: An Extended Abstract. In: Foundations of Computer Security (FCS). Electronic Notes in Theoretical Computer Science, vol. 84, pp. 3–15. Springer, Heidelberg (2003)Google Scholar
  12. 12.
    Milner, R., Parrow, J., Walker, D.: A calculus of mobile processes, parts I and II. Journal of Information and Computation 100, 1–77 (1992)CrossRefzbMATHGoogle Scholar
  13. 13.
    Olarte, C.A., Valencia, F.D.: The expressivity of universal timed ccp. In: 10th International ACM SIGPLAN Symposium on Principles and Practice of Declarative Programming, Valencia, Spain, July 2008. ACM Press, New York (2008)Google Scholar
  14. 14.
    Olarte, C.A., Valencia, F.D.: Universal concurrent constraint programming: Symbolic semantics and applications to security. In: 23rd Annual ACM Symposium on Applied Computing (2008)Google Scholar
  15. 15.
    Palamidessi, C., Saraswat, V., Valencia, F., Victor, B.: On the Expressiveness of Linearity vs Persistence in the Asychronous Pi-Calculus. In: Proceedings of the 21st Annual IEEE Symposium on Logic in Computer Science, pp. 59–68. IEEE Computer Society, Washington (2006)Google Scholar
  16. 16.
    Saraswat, V., Jagadeesan, R., Gupta, V.: Foundations of timed concurrent constraint programming. In: Proceedings, Symposium on Logic in Computer Science, 1994. LICS 1994, pp. 71–80 (1994)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Thomas Hildebrandt
    • 1
  • Hugo A. López
    • 1
  1. 1.Programming, Logic and Semantics GroupIT University of CopenhagenCopenhagen SDenmark

Personalised recommendations