POR for Security Protocol Equivalences: Beyond Action-Determinism
David Baelde, St\'ephanie Delaune, Lucca Hirschi
TL;DR
This paper introduces a novel partial-order reduction technique for verifying protocol trace equivalences without relying on action-determinism, enhancing the efficiency of security protocol analysis tools.
Contribution
It presents the first POR method for protocol equivalences that works beyond action-determinism assumptions, recasting the problem as reachability for symbolic execution.
Findings
Improves verification efficiency for privacy properties.
Enhances the DeepSec tool with new POR capabilities.
Demonstrates effectiveness through prototype implementation.
Abstract
Formal methods have proved effective to automatically analyze protocols. Over the past years, much research has focused on verifying trace equivalence on protocols, which is notably used to model many interesting privacy properties, e.g., anonymity or unlinkability. Many tools for checking trace equivalence rely on a naive and expensive exploration of all interleavings of concurrent actions, which calls for partial-order reduction (POR) techniques. In this paper, we present the first POR technique for protocol equivalences that does not rely on an action-determinism assumption: we recast the trace equivalence problem as a reachability problem, to which persistent and sleep set techniques can be applied, and we show how to effectively apply these results in the context of symbolic executions. We report on a prototype implementation, improving the tool DeepSec.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Digital Rights Management and Security · Formal Methods in Verification