Tracing the Man in the Middle in Monoidal Categories

  • Dusko Pavlovic
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7399)


Man-in-the-Middle (MM) is not only a ubiquitous attack pattern in security, but also an important paradigm of network computation and economics. Recognizing ongoing MM-attacks is an important security task; modeling MM-interactions is an interesting task for semantics of computation. Traced monoidal categories are a natural framework for MM-modelling, as the trace structure provides a tool to hide what happens in the middle. An effective analysis of what has been traced out seems to require an additional property of traces, called normality. We describe a modest model of network computation, based on partially ordered multisets (pomsets), where basic network interactions arise from the monoidal trace structure, and a normal trace structure arises from an iterative, i.e. coalgebraic structure over terms and messages used in computation and communication. The correspondence is established using a convenient monadic description of normally traced monoidal categories.


  1. 1.
    Abramsky, S.: Semantics of interaction: an introduction to game semantics. In: Dybjer, P., Pitts, A. (eds.) Proceedings of the 1996 CLiCS Summer School, Isaac Newton Institute, pp. 1–31. Cambridge University Press (1997)Google Scholar
  2. 2.
    Abramsky, S.: Interaction categories. In: Burn, G.L., Gay, S.J., Ryan, M. (eds.) Theory and Formal Methods, Workshops in Computing, pp. 57–69. Springer (1993)Google Scholar
  3. 3.
    Abramsky, S.: Algorithmic game semantics: A tutorial introduction. In: Schwichtenberg, H., Steinbrüggen, R. (eds.) Proceedings of the NATO Advanced Study Institute, Marktoberdorf, pp. 21–47. Kluwer Academic Publishers (2001)Google Scholar
  4. 4.
    Abramsky, S., Coecke, B.: A categorical semantics of quantum protocols. In: Proceedings of the 19th Annual IEEE Symposium on Logic in Computer Science (LICS). IEEE Computer Society (2004); Also arXiv:quant-ph/0402130Google Scholar
  5. 5.
    Abramsky, S., Jagadeesan, R.: New foundations for the geometry of interaction. Information and Computation 111(1), 53–119 (1994)MathSciNetMATHCrossRefGoogle Scholar
  6. 6.
    Aczel, P., Adamek, J., Milius, S., Velebil, J.: Infinite trees and completely iterative theories: a coalgebraic view. Theor. Comput. Sci. 300(1-3), 1–45 (2003)MathSciNetMATHCrossRefGoogle Scholar
  7. 7.
    Adamek, J.: Introduction to coalgebra. Theory and Applications of Categories 14, 157–199 (2005)MathSciNetMATHGoogle Scholar
  8. 8.
    Adamek, J., Milius, S., Velebil, J.: Free iterative theories: a coalgebraic view. Mathematical. Structures in Comp. Sci. 13(2), 259–320 (2003)MathSciNetMATHCrossRefGoogle Scholar
  9. 9.
    Alpern, B., Schneider, F.B.: Defining liveness. Information Processing Letters 21, 181–185 (1985)MathSciNetMATHCrossRefGoogle Scholar
  10. 10.
    Anlauff, M., Pavlovic, D., Waldinger, R., Westfold, S.: Proving authentication properties in the Protocol Derivation Assistant. In: Degano, P., Küsters, R., Vigano, L. (eds.) Proceedings of FCS-ARSPA 2006. ACM (2006)Google Scholar
  11. 11.
    Bloom, S.L., Elgot, C.C.: The existence and construction of free iterative theories. J. Comput. Syst. Sci. 12(3), 305–318 (1976)MathSciNetMATHCrossRefGoogle Scholar
  12. 12.
    Bloom, S.L., Esik, Z.: Iteration theories: the equational logic of iterative processes. Springer-Verlag New York, Inc., New York (1993)MATHGoogle Scholar
  13. 13.
    Cervesato, I., Meadows, C., Pavlovic, D.: An encapsulated authentication logic for reasoning about key distribution protocols. In: Guttman, J. (ed.) Proceedings of CSFW 2005, pp. 48–61. IEEE (2005)Google Scholar
  14. 14.
    Datta, A., Derek, A., Mitchell, J., Pavlovic, D.: Secure protocol composition. E. Notes in Theor. Comp. Sci., pp. 87–114 (2003)Google Scholar
  15. 15.
    Datta, A., Derek, A., Mitchell, J., Pavlovic, D.: A derivation system and compositional logic for security protocols. J. of Comp. Security 13, 423–482 (2005)Google Scholar
  16. 16.
    Datta, A., Derek, A., Mitchell, J.C., Pavlovic, D.: A derivation system for security protocols and its logical formalization. In: Volpano, D. (ed.) Proceedings of CSFW 2003, pp. 109–125. IEEE (2003)Google Scholar
  17. 17.
    Datta, A., Derek, A., Mitchell, J.C., Pavlovic, D.: Secure protocol composition (extended abstract). In: Backes, M., Basin, D., Waidner, M. (eds.) Proceedings of FMCS 2003, pp. 11–23. ACM (2003)Google Scholar
  18. 18.
    Datta, A., Derek, A., Mitchell, J.C., Pavlovic, D.: Abstraction and refinement in protocol derivation. In: Focardi, R. (ed.) Proceedings of CSFW 2004, pp. 30–47. IEEE (2004)Google Scholar
  19. 19.
    Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Cryptography 2(2), 107–125 (1992)CrossRefGoogle Scholar
  20. 20.
    Doctorow, C.: Solving and creating captchas with free porn, (retrieved on January 2, 2012)
  21. 21.
    Durgin, N., Mitchell, J., Pavlovic, D.: A compositional logic for proving security properties of protocols. J. of Comp. Security 11(4), 677–721 (2004)Google Scholar
  22. 22.
    Durgin, N., Mitchell, J.C., Pavlovic, D.: A compositional logic for protocol correctness. In: Schneider, S. (ed.) Proceedings of CSFW 2001, pp. 241–255. IEEE (2001)Google Scholar
  23. 23.
    Pavlovic, D.: Geometry of abstraction in quantum computation. In: Mislove, M., Abramsky, S. (eds.) Clifford Lectures 2008, Proceedings of Symposia in Applied Mathematics, AMS, 28 p., (2012)Google Scholar
  24. 24.
    Fabrega, J.T., Herzog, J., Guttman, J.: Strand spaces: Proving security protocols correct. J. Comp. Security 7(2/3), 191–230 (1999)Google Scholar
  25. 25.
    Girard, J.-Y.: Towards a geometry of interaction. In: Gray, J.W., Scedrov, A. (eds.) Categories in Computer Science and Logic. Contemporary Mathematics, vol. 92, pp. 69–108. American Mathematical Society (1989)Google Scholar
  26. 26.
    Gischer, J.L.: The equational theory of pomsets. Theor. Comp. Sci. 61(2-3), 199–224 (1988)MathSciNetMATHCrossRefGoogle Scholar
  27. 27.
    Hasegawa, M.: The uniformity principle on traced monoidal categories. Electr. Notes Theor. Comput. Sci. 69, 137–155 (2002)CrossRefGoogle Scholar
  28. 28.
    Hyland, J.M.E., Luke Ong, C.-H.: On full abstraction for PCF: I, II, and III. Inf. Comput. 163(2), 285–408 (2000)MATHCrossRefGoogle Scholar
  29. 29.
    Joyal, A., Street, R., Verity, D.: Traced monoidal categories. Mathematical Proceedings of the Cambridge Philosophical Society 119(3), 447–468 (1996)MathSciNetMATHCrossRefGoogle Scholar
  30. 30.
    Kelsey, J., Schneier, B., Wagner, D.: Protocol Interactions and the Chosen Protocol Attack. In: Christianson, B., Crispo, B., Lomas, M., Roe, M. (eds.) Security Protocols 1997. LNCS, vol. 1361, pp. 91–104. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  31. 31.
    Lamport, L.: Proving the correctness of multiprocess programs. IEEE Trans. Software Eng. 3(2), 125–143 (1977)MathSciNetMATHCrossRefGoogle Scholar
  32. 32.
    Lamport, L.: Time, clocks, and the ordering of events in a distributed system. Commun. ACM 21(7), 558–565 (1978)MATHCrossRefGoogle Scholar
  33. 33.
    Lawvere, B.: Functorial semantics of algebraic theories. Proceedings of the National Academy of Sciences of the United States of America 50(1), 869–872 (1963)MathSciNetMATHCrossRefGoogle Scholar
  34. 34.
    MacLane, S.: Categories for the Working Mathematician, 2nd edn. Graduate Texts in Mathematics, vol. 5. Springer (1997)Google Scholar
  35. 35.
    Meadows, C., Pavlovic, D.: Deriving, Attacking and Defending the GDOI Protocol. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 53–72. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  36. 36.
    Meadows, C., Poovendran, R., Pavlovic, D., Chang, L., Syverson, P.: Distance bounding protocols: authentication logic analysis and collusion attacks. In: Poovendran, R., Wang, C., Roy, S. (eds.) Secure Localization and Time Synchronization in Wireless Ad Hoc and Sensor Networks. Springer (2006)Google Scholar
  37. 37.
    Milner, R.: Action Calculi, or Syntactic Action Structures. In: Borzyszkowski, A.M., Sokolowski, S. (eds.) MFCS 1993. LNCS, vol. 711, pp. 105–121. Springer, Heidelberg (1993)CrossRefGoogle Scholar
  38. 38.
    Milner, R.: Calculi for interaction. Acta Informatica 33(8), 707–737 (1996)MathSciNetCrossRefGoogle Scholar
  39. 39.
    Moss, L.S.: Parametric corecursion. Theor. Comp. Sci. 260(1-2), 139–163 (2001)MathSciNetMATHCrossRefGoogle Scholar
  40. 40.
    Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Commun. ACM 21, 993–999 (1978)MATHCrossRefGoogle Scholar
  41. 41.
    Pavlovic, D.: Categorical logic of names and abstraction in action calculus. Math. Structures in Comp. Sci. 7, 619–637 (1997)MathSciNetMATHCrossRefGoogle Scholar
  42. 42.
    Pavlovic, D.: Network as a Computer: Ranking Paths to Find Flows. In: Hirsch, E.A., Razborov, A.A., Semenov, A., Slissenko, A. (eds.) CSR 2008. LNCS, vol. 5010, pp. 384–397. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  43. 43.
    Pavlovic, D., Abramsky, S.: Specifying Interaction Categories. In: Moggi, E., Rosolini, G. (eds.) CTCS 1997. LNCS, vol. 1290, pp. 147–158. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  44. 44.
    Pavlovic, D., Meadows, C.: Deriving Secrecy in Key Establishment Protocols. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 384–403. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  45. 45.
    Pavlovic, D., Meadows, C.: Actor-Network Procedures. In: Ramanujam, R., Ramaswamy, S. (eds.) ICDCIT 2012. LNCS, vol. 7154, pp. 7–26. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  46. 46.
    Pratt, V.: Modelling concurrency with partial orders. Internat. J. Parallel Programming 15, 33–71 (1987)MathSciNetCrossRefGoogle Scholar
  47. 47.
    Rivest, R.L., Shamir, A.: How to expose an eavesdropper. Commun. ACM 27, 393–394 (1984)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Dusko Pavlovic
    • 1
    • 2
  1. 1.Royal Holloway, University of LondonUK
  2. 2.University of TwenteThe Netherlands

Personalised recommendations