Reducing Equational Theories for the Decision of Static Equivalence

  • Steve Kremer
  • Antoine Mercier
  • Ralf Treinen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5913)


Static equivalence is a well established notion of indistinguishability of sequences of terms which is useful in the symbolic analysis of cryptographic protocols. Static equivalence modulo equational theories allows a more accurate representation of cryptographic primitives by modelling properties of operators by equational axioms. We develop a method that allows in some cases to simplify the task of deciding static equivalence in a multi-sorted setting, by removing a symbol from the term signature and reducing the problem to several simpler equational theories. We illustrate our technique at hand of bilinear pairings.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Blanchet, B., Fournet, C.: Verification of selected equivalences for security protocols. Journal of Logic and Algebraic Programming 75(1), 3–51 (2008)MATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Abadi, M., Cortier, V.: Deciding knowledge in security protocols under equational theories. Theoretical Computer Science 367(1), 2–32 (2006)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages(POPL 2001), pp. 104–115. ACM Press, New York (2001)CrossRefGoogle Scholar
  4. 4.
    Arnaud, M., Cortier, V., Delaune, S.: Combining algorithms for deciding knowledge in security protocols. In: Konev, B., Wolter, F. (eds.) FroCos 2007. LNCS (LNAI), vol. 4720, pp. 103–117. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  5. 5.
    Baudet, M.: Deciding security of protocols against off-line guessing attacks. In: Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS 2005), pp. 16–25. ACM Press, New York (2005)CrossRefGoogle Scholar
  6. 6.
    Baudet, M., Cortier, V., Kremer, S.: Computationally sound implementations of equational theories against passive adversaries. Information and Computation 207(4), 496–520 (2009)MATHCrossRefMathSciNetGoogle Scholar
  7. 7.
    Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Common, H.: Inductionless induction. In: Handbook of Automated Reasoning, Elsevier, Amsterdam (2001)Google Scholar
  9. 9.
    Ricardo, C., Jeroen, D., Sandro, E.: Analysing password protocol security against off-line dictionary attacks. In: Proceedings of the 2nd International Workshop on Security Issues with Petri Nets and other Computational Models (WISP 2004). ENTCS, vol. 121, pp. 47–63. Elsevier, Amsterdam (2004)Google Scholar
  10. 10.
    Cortier, V., Delaune, S., Lafourcade, P.: A survey of algebraic properties used in cryptographic protocols. Journal of Computer Security 14(1), 1–43 (2006)Google Scholar
  11. 11.
    Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)MATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Joux, A.: A one round protocol for tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–394. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  13. 13.
    Kremer, S., Mazaré, L.: Adaptive soundness of static equivalence. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 610–625. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Kremer, S., Mazaré, L.: Computationally sound analysis of protocols using bilinear pairings. Journal of Computer Security (to appear, 2009)Google Scholar
  15. 15.
    Kremer, S., Mercier, A., Treinen, R.: Reducing equational theories for the decision of static equivalence. Research Report LSV-09-19, LSV, ENS Cachan, France (May 2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Steve Kremer
    • 1
  • Antoine Mercier
    • 1
  • Ralf Treinen
    • 2
  1. 1.LSVENS Cachan, CNRS, INRIAFrance
  2. 2.PPSUniversité Paris Diderot, CNRSFrance

Personalised recommendations