We give a recursion-theoretic characterization of FP which describes polynomial time computation independently of any externally imposed resource bounds. In particular, this syntactic characterization avoids the explicit size bounds on recursion (and the initial function 2 |x||y| ) of Cobham.

We prove properties of a process calculus that is designed for analyzing security protocols. Our long-term goal is to develop a form of protocol analysis, consistent with standard cryptographic assumptions, that provides a language for expressing probabilistic polynomial-time protocol steps, a specification method based on a compositional form of equivalence, and a logical basis for reasoning about equivalence. The process calculus is a variant of CCS, with bounded replication and probabilistic polynomial-time expressions allowed in messages and boolean tests. To avoid inconsistency between security and nondeterminism, messages are scheduled probabilistically instead of nondeterministically. We prove that evaluation of any process expression halts in probabilistic polynomial time and define a form of asymptotic protocol equivalence that allows security properties to be expressed using observational equivalence, a standard relation from programming language theory that involves quantifying over possible environments that might interact with the protocol. We develop a form of probabilistic bisimulation and use it to establish the soundness of an equational proof system based on observational equivalences. The proof system is illustrated by a formation derivation of the assertion, well-known in cryptography, that ElGamal encryption’s semantic security is equivalent to the (computational) Decision Diffie-Hellman assumption. This example demonstrates the power of probabilistic bisimulation and equational reasoning for protocol security.

Abstract not found

Abstract. We prove properties of a process calculus that is designed for analysing security protocols. Our long-term goal is to develop a form of protocol analysis, consistent with standard cryptographic assumptions, that provides a language for expressing probabilistic polynomial-time protocol steps, a specification method based on a compositional form of equivalence, and a logical basis for reasoning about equivalence. The process calculus is a variant of CCS, with bounded replication and probabilistic polynomial-time expressions allowed in messages and boolean tests. To avoid inconsistency between security and nondeterminism, messages are scheduled probabilistically instead of nondeterministically. We prove that evaluation of any process expression halts in probabilistic polynomial time and define a form of asymptotic protocol equivalence that allows security properties to be expressed using observational equivalence, a standard relation from programming language theory that involves quantifying over all possible environments that might interact with the protocol. We develop a form of probabilistic bisimulation and use it to establish the soundness of an equational proof system based on observational equivalences. The proof system is illustrated by a formation derivation of the assertion, well-known in cryptography, that El Gamal encryption’s semantic security is equivalent to the (computational) Decision Diffie-Hellman assumption. This example demonstrates the power of probabilistic bisimulation and equational reasoning for protocol security.

We present a higher-order functional notation for polynomial-time computation with an arbitrary 0, 1-valued oracle. This formulation provides a linguistic characterization for classes such as NP and BPP, as well as a notation for probabilistic polynomialtime functions. The language is derived from Hofmann 's adaptation of Bellantoni-Cook safe recursion, extended to oracle computation via work derived from that of Kapron and Cook. Like Hofmann's language, ours is an applied typed lambda calculus with complexity bounds enforced by a type system. The type system uses a modal operator to distinguish between two sorts of numerical expressions. Recursion can take place on only one of these sorts. The proof that the language captures precisely oracle polynomial time is model-theoretic, using adaptations of various techniques from category theory.

Using a probabilistic polynomial-time process calculus designed for specifying security properties as observational equivalences, we develop a form of bisimulation that justifies an equational proof system.

Abstract. The main results of this paper are recursion-theoretic characterizations of two parallel complexity classes: the functions computable by uniform bounded fan-in circuit families of log and polylog depth (or equivalently, the functions bitwise computable by alternating Turing machines in log and polylog time). The present characterizations avoid the complex base functions, function constructors, and a priori size or depth bounds typical of previous work on these classes. This simplicity is achieved by extending the \tiered recursion " techniques of Leivant and Bellantoni&Cook. Key words. Circuit complexity � subrecursion. Subject classi cations. 68Q15, 03D20, 94C99. 1.

. This paper introduces a simply-typed lambda calculus with both modal and linear function types. Through the use of subtyping extra term formers associated with modality and linearity are avoided. We study the basic metatheory of this system including existence and inference of principal types. The system serves as a platform for certain higher-order generalisations of Bellantoni-Cook's function algebra capturing polynomial time using a separation of the variables into "safe" and "normal" ones. The distinction between and the syntactic restrictions involved with the safe and normal variables in the Bellantoni-Cook framework are captured by the modal function space and the associated typing rules. The linear function spaces on the other hand are used to enable a certain form of primitive recursion with functional result type which is conservative over polynomial time. The proofs associated with these applications are based on an interpretation of the lambda calculus in a category-theor...

Abstract. Traditional results in subrecursion theory are integrated with the recent work in “predicative recursion ” by defining a simple ranking ρ of all primitive recursive functions. The hierarchy defined by this ranking coincides with the Grzegorczyk hierarchy at and above the linearspace level. Thus, the result is like an extension of the Schwichtenberg/Müller theorems. When primitive recursion is replaced by recursion on notation, the same series of classes is obtained except with the polynomial time computable functions at the first level.

Abstract. We are concerned with first order theories of operations, based on combinatory logic and extended with the type W of binary words. The theories include forms of “positive ” and “bounded ” induction on W and naturally characterize primitive recursive and polytime functions (respectively). We prove that the recursive content of the theories under investigation (i.e. the associated class of provably total functions on W) is invariant under addition of 1. an axiom of choice for operations and a uniformity principle, restricted to positive conditions; 2. a (form of) self-referential truth, providing a fixed point theorem for predicates. As to the proof methods, we apply a kind of internal forcing semantics, non-standard variants of realizability and cut-elimination. §1. Introduction. In this paper, we deal with theories of abstract computable operations, underlying the so-called explicit mathematics, introduced by Feferman in the midseventies as a logical frame to formalize Bishop’s style constructive mathematics ([18], [19]). Following a common usage, these theories