Asymmetric Unification: A New Unification Paradigm for Cryptographic Protocol Analysis

  • Serdar Erbatur
  • Santiago Escobar
  • Deepak Kapur
  • Zhiqiang Liu
  • Christopher A. Lynch
  • Catherine Meadows
  • José Meseguer
  • Paliath Narendran
  • Sonia Santiago
  • Ralf Sasse
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7898)


We present a new paradigm for unification arising out of a technique commonly used in cryptographic protocol analysis tools that employ unification modulo equational theories. This paradigm relies on: (i) a decomposition of an equational theory into (R,E) where R is confluent, terminating, and coherent modulo E, and (ii) on reducing unification problems to a set of problems \(s =_{}^{?} t\) under the constraint that t remains R/E-irreducible. We call this method asymmetric unification. We first present a general-purpose generic asymmetric unification algorithm. and then outline an approach for converting special-purpose conventional unification algorithms to asymmetric ones, demonstrating it for exclusive-or with uninterpreted function symbols. We demonstrate how asymmetric unification can improve performanceby running the algorithm on a set of benchmark problems. We also give results on the complexity and decidability of asymmetric unification.


Inference Rule Equational Theory Support Variable Cryptographic Protocol Irreducible Variant 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    IEEE 802.11 Local and Metropolitan Area Networks: Wireless LAN Medium Access Control (MAC) and Physical (PHY) Specifications (1999)Google Scholar
  2. 2.
    Basin, D., Mödersheim, S., Viganò, L.: An on-the-fly model-checker for security protocol analysis. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 253–270. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Blanchet, B.: An efficient cryptographic protocol verifier based on Prolog rules. In: CSFW, pp. 82–96. IEEE Computer Society (2001)Google Scholar
  4. 4.
    Bürckert, H.-J., Herold, A., Schmidt-Schauß, M.: On equational theories, unification, and (un)decidability. Journal of Symbolic Computation 8(1/2), 3–49 (1989)MathSciNetzbMATHCrossRefGoogle Scholar
  5. 5.
    Comon-Lundh, H., Delaune, S.: The finite variant property: How to get rid of some algebraic properties. In: Giesl, J. (ed.) RTA 2005. LNCS, vol. 3467, pp. 294–307. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Durán, F., Meseguer, J.: A Maude coherence checker tool for conditional order-sorted rewrite theories. In: Ölveczky, P.C. (ed.) WRLA 2010. LNCS, vol. 6381, pp. 86–103. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  7. 7.
    Erbatur, S., Escobar, S., Kapur, D., Liu, Z., Lynch, C., Meadows, C., Meseguer, J., Narendran, P., Santiago, S., Sasse, R.: Effective symbolic protocol analysis via equational irreducibility conditions. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 73–90. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Erbatur, S., Escobar, S., Kapur, D., Liu, Z., Lynch, C., Meadows, C., Meseguer, J., Narendran, P., Sasse, R.: Asymmetric unification: A new unification paradigm for cryptographic protocol analysis. In: UNIF 2011 (2011),
  9. 9.
    Escobar, S., Sasse, R., Meseguer, J.: Folding variant narrowing and optimal variant termination. J. Log. Algebr. Program. 81(7-8), 898–928 (2012)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Harju, T., Karhumäki, J., Krob, D.: Remarks on generalized post correspondence problem. In: Puech, C., Reischuk, R. (eds.) STACS 1996. LNCS, vol. 1046, pp. 39–48. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  11. 11.
    Hopcroft, J.E., Motwani, R., Ullman, J.D.: Introduction to automata theory, languages, and computation - international edition, 2nd edn. Addison-Wesley (2003)Google Scholar
  12. 12.
    Jouannaud, J.-P., Kirchner, H.: Completion of a set of rules modulo a set of equations. SIAM J. Comput. 15(4), 1155–1194 (1986)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Liu, Z., Lynch, C.: Efficient general unification for XOR with homomorphism. In: Bjørner, N., Sofronie-Stokkermans, V. (eds.) CADE 2011. LNCS, vol. 6803, pp. 407–421. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  14. 14.
    Liu, Z.: Dealing Efficiently with Exclusive OR, Abelian Groups and Homomorphism in Cryptographic Protocol Analysis. PhD thesis, Clarkson University (2012),
  15. 15.
    Lowe, G., Roscoe, A.W.R.: Using CSP to detect errors in the TMN protocol. IEEE Transactions on Software Engineering 23, 659–669 (1997)CrossRefGoogle Scholar
  16. 16.
    Meseguer, J.: Conditional rewriting logic as a united model of concurrency. Theor. Comput. Sci. 96(1), 73–155 (1992)MathSciNetzbMATHCrossRefGoogle Scholar
  17. 17.
    Schmidt, B., Meier, S., Cremers, C.J.F., Basin, D.A.: Automated analysis of Diffie-Hellman protocols and advanced security properties. In: Proc. CSF 2012, pp. 78–94. IEEE (2012)Google Scholar
  18. 18.
    Tatebayashi, M., Matsuzaki, N., Newman Jr., D.B.: Key distribution protocol for digital mobile communication systems. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 324–334. Springer, Heidelberg (1990)Google Scholar
  19. 19.
    TeReSe, editor. Term Rewriting Systems. Cambridge University Press (2003)Google Scholar
  20. 20.
    Viry, P.: Equational rules for rewriting logic. Theor. Comp. Sci. 285(2), 487–517 (2002)MathSciNetzbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Serdar Erbatur
    • 1
  • Santiago Escobar
    • 3
  • Deepak Kapur
    • 4
  • Zhiqiang Liu
    • 5
  • Christopher A. Lynch
    • 5
  • Catherine Meadows
    • 6
  • José Meseguer
    • 7
  • Paliath Narendran
    • 2
  • Sonia Santiago
    • 3
  • Ralf Sasse
    • 8
  1. 1.Università degli Studi di VeronaItaly
  2. 2.University at Albany-SUNYAlbanyUSA
  3. 3.DSIC-ELPUniversitat Politècnica de ValènciaSpain
  4. 4.University of New MexicoAlbuquerqueUSA
  5. 5.Clarkson UniversityPotsdamUSA
  6. 6.Naval Research LaboratoryWashingtonUSA
  7. 7.University of IllinoisUrbana-ChampaignUSA
  8. 8.Institute of Information SecurityETH ZurichSwitzerland

Personalised recommendations