Abstract :
The combination of first-order epistemic logic with formal cryptography offers a potentially powerful framework for security protocol verification. In this paper, cryptography is modelled using private constants and one-way computable operations, as in the applied Pi-calculus. To give the concept of knowledge a computational justification, we propose a generalized Kripke semantics that uses permutations on the underlying domain of cryptographic messages to reflect agents´ limited resources. This interpretation links the logic tightly to static equivalence, another important concept of knowledge that has recently been examined in the security protocol literature, and for which there are strong computational soundness results. We exhibit an axiomatization which is sound and complete relative to the underlying theory of terms, and to an omega-rule for quantifiers. Besides standard axioms and rules, the axiomatization includes novel axioms for the interaction between knowledge and cryptography. As protocol examples we use mixes, a Crowds-style protocol, and electronic payments. Furthermore, we provide embedding results for BAN and SVO.
Keywords :
cryptographic protocols; Crowds-style protocol; applied Pi-calculus; first-order epistemic logic; formal cryptography; generalized Kripke semantics; knowledge complete axiomatization; security protocol verification; Body sensor networks; Computer science; Computer security; Cryptographic protocols; Cryptography; Equations; Logic; Multiagent systems; Observability; Testing;
