POR for Security Protocol Equivalences: Beyond Action-Determinism
This work addresses the need for more efficient verification of privacy properties like anonymity in security protocols, representing an incremental advancement over existing methods.
The paper tackled the problem of verifying trace equivalence for security protocols without relying on action-determinism, by recasting it as a reachability problem and applying partial-order reduction techniques, resulting in a prototype implementation that improves the tool DeepSec.
Formal methods have proved effective to automatically analyze protocols. Over the past years, much research has focused on verifying trace equivalence on protocols, which is notably used to model many interesting privacy properties, e.g., anonymity or unlinkability. Many tools for checking trace equivalence rely on a naive and expensive exploration of all interleavings of concurrent actions, which calls for partial-order reduction (POR) techniques. In this paper, we present the first POR technique for protocol equivalences that does not rely on an action-determinism assumption: we recast the trace equivalence problem as a reachability problem, to which persistent and sleep set techniques can be applied, and we show how to effectively apply these results in the context of symbolic executions. We report on a prototype implementation, improving the tool DeepSec.