Results 1 
3 of
3
Proving Security Protocols With Model Checkers By Data Independence Techniques
, 1999
"... Model checkers such as FDR have been extremely effective in checking for, and finding, attacks on cryptographic protocols  see, for example [16, 20] and many of the papers in [7]. Their use in proving protocols has, on the other hand, generally been limited to showing that a given small instanc ..."
Abstract

Cited by 59 (9 self)
 Add to MetaCart
Model checkers such as FDR have been extremely effective in checking for, and finding, attacks on cryptographic protocols  see, for example [16, 20] and many of the papers in [7]. Their use in proving protocols has, on the other hand, generally been limited to showing that a given small instance, usually restricted by the finiteness of some set of resources such as keys and nonces, is free of attacks. While for specific protocols there are frequently good reasons for supposing that this will find any attack, it leaves a substantial gap in the method. The purpose of this paper is to show how techniques borrowed from data independence and related fields can be used to achieve the illusion that nodes can call upon an infinite supply of different nonces, keys, etc., even though the actual types used for these things remain finite. It is thus possible to create models of protocols in which nodes do not have to stop after a small number of runs, and to claim that a finitestate r...
Prelogical Relations
, 1999
"... this paper but which have some intriguing connections to some of our results and techniques, are [32] and [20]. We believe that the concept of prelogical relation would have a beneficial impact on the presentation and understanding of their results ..."
Abstract

Cited by 26 (5 self)
 Add to MetaCart
this paper but which have some intriguing connections to some of our results and techniques, are [32] and [20]. We believe that the concept of prelogical relation would have a beneficial impact on the presentation and understanding of their results
The Impact of seq on Free TheoremsBased Program Transformations
 Fundamenta Informaticae
, 2006
"... Parametric polymorphism constrains the behavior of pure functional programs in a way that allows the derivation of interesting theorems about them solely from their types, i.e., virtually for free. Unfortunately, standard parametricity results — including socalled free theorems — fail for nonstrict ..."
Abstract

Cited by 14 (5 self)
 Add to MetaCart
Parametric polymorphism constrains the behavior of pure functional programs in a way that allows the derivation of interesting theorems about them solely from their types, i.e., virtually for free. Unfortunately, standard parametricity results — including socalled free theorems — fail for nonstrict languages supporting a polymorphic strict evaluation primitive such as Haskell’s seq. A folk theorem maintains that such results hold for a subset of Haskell corresponding to a GirardReynolds calculus with fixpoints and algebraic datatypes even when seq is present provided the relations which appear in their derivations are required to be bottomreflecting and admissible. In this paper we show that this folklore is incorrect, but that parametricity results can be recovered in the presence of seq by restricting attention to leftclosed, total, and admissible relations instead. The key novelty of our approach is the asymmetry introduced by leftclosedness, which leads to “inequational” versions of standard parametricity results together with preconditions guaranteeing their validity even when seq is present. We use these results to derive criteria ensuring that both equational and inequational versions of short cut fusion and related program transformations based on free theorems hold in the presence of seq.