A heory of Assertions for Dolev-Yao Modelsseminaire-dga.gforge.inria.fr/2017/20180608... ·...

A Theory of Assertions for Dolev-Yao Models

R Ramanujam

IMSc, Chennai

Vaishnavi Sundararajan

CMI, Chennai

S P Suresh

CMI, Chennai

IRISA, Rennes

8th June 2018

IntroductionSecurity protocol: a pattern of communications to achieve a security goal

in an insecure environment.

Each communication is of the form A B: m.

A and B are agents participating in the protocol, and m is some message.

Malicious intruder can play havoc when many messages are being

communicated, by mixing-and-matching (even without breaking

cryptography).

Need formal analysis of protocols to guarantee security goals!

Dolev-Yao Model

Framework for analysis of security protocols.

Messages are abstract terms rather than bitstrings.

Encryption, hashing etc. abstract functions on terms.

Cryptography assumed to be perfect, no cryptanalysis!

Formalize properties, verify.

Dolev-Yao Model: IntruderIntruder I cannot break encryption, but can

see any message

block any message

redirect any message

generate messages — according to set rules!

send messages in someone else’s name

initiate new communication according to the protocol

Dolev-Yao Model: ActionsTwo types of actions, send and receive.

Each communication A B separated out into a send action

(+A) and a ‘corresponding’ receive action (-B).

Every sent term assumed to be received by I.

Each received term assumed to come from I.

Ties in well with intuition of I being the network!

Dolev-Yao model: Term derivation system

= � � ( , ) � ( , ′) � ( , , )

∈N

�

∈

�

�

� ( )

� �

� ( , )

� ( , )

�

� ( , )

�

� �

� ( , )

� ( , ) �

�

� � �

� ( , , )

� ( , , ) � ( )

�

<latexit sha1_base64="qHwYZ7a9ajbNdfXO/0nVDrkaZ3U=">AAAKc3ictVbdbtNIFDZll4DZBcpecjOi/KRSieyCoFx0xQokEKKrrqBQKbaik/E4GWLPmJlxSOX18+wD7NPsg3DPGacJcRJCS1lblj3nZ873nXM8M90s4dp43n/n1s7/9POFxsVL7uVffr1y9dr69bda5oqyAyoTqQ67oFnCBTsw3CTsMFMM0m7C3nUHT63+3ZApzaV4Y44yFqbQEzzmFAyKOusX/gnaxJBdkpIg5REJDBuZIhs0B5tlTQJclU3TKbxyi+DLLzdn1ZoJimpU3a3JYSJXW2SAmtB1gy7rcVEYQIhlux+6AWXCMMVFzw10CkkyY5InoMrib4p36QZ9y9K9EwQTixRMv5wMMiVlbBRjpStIwPGxagpJ8WfZKTK0e59rg9yZJockGEag+wStco2hx3g5Es27aMlENDtfNR4Hu/Ot2KaKfbg0mpmPBqOVwZBpxfbExKeRBkvjT6pbNm0x5ogPSnIm4l9Y2i4hwYccIjIr9JeXYEWDzSG0Jv9Pur6KYXkZxwTr6GJtztY43w/GXwCjRbS6mt+fKjNf2XxFVafrQr5QzUr1IxNWi3USiAt/o47Yakhnyhre06GqD1f9rfNL6NwC8qOzOB9uFubYgouhXT9OuMCdLqWVYrLuT0e4Ubidaxtey3uw/fCxR7zW/cc7Dz2f+C2vuqYfG87xtd9ZX/s3iCTNU9xdaAJat30vM2EBynBqZ0SkLAM6gB5rR0OeaQEp02ExqnbVktxGfURiqfARhlTSWacCUq2P0i5aWip6XlfxW6Jr5ybeCTGNWW5ssqtAcZ4QI4ndoknEFaMmOcIPoIojXEL7oIDiLlmPMpPSWoQ98RqBySSskqyzqgYzflaqdKzr0lFiRkYBCiMWQ54YyztmYHLFdLEHWYaV3cXC3rPFRTPNTApcWLN2WPwRyS4jL5nQUpB9JScGCMBaNF/hkUNsPeM9bvRm+zVuzGx3Dwztv5IfmaJ4iPn2HM+R6+Brzntc8Inb7YmfSounfchAKUi+zIinDA2imlOfCgo6plLIUzoKqfBgwzUbgsKGSvWYFhcf+9wwjQVg2J2eF9o2X2jqxY+32y3fa/l/bW882Tlu+IvODeem03R855HzxHnh7DsHDm1caTxo7DZ+v/TJveHedG+NTdfOHfv85tQu995nZom06Q==</latexit><latexit sha1_base64="qHwYZ7a9ajbNdfXO/0nVDrkaZ3U=">AAAKc3ictVbdbtNIFDZll4DZBcpecjOi/KRSieyCoFx0xQokEKKrrqBQKbaik/E4GWLPmJlxSOX18+wD7NPsg3DPGacJcRJCS1lblj3nZ873nXM8M90s4dp43n/n1s7/9POFxsVL7uVffr1y9dr69bda5oqyAyoTqQ67oFnCBTsw3CTsMFMM0m7C3nUHT63+3ZApzaV4Y44yFqbQEzzmFAyKOusX/gnaxJBdkpIg5REJDBuZIhs0B5tlTQJclU3TKbxyi+DLLzdn1ZoJimpU3a3JYSJXW2SAmtB1gy7rcVEYQIhlux+6AWXCMMVFzw10CkkyY5InoMrib4p36QZ9y9K9EwQTixRMv5wMMiVlbBRjpStIwPGxagpJ8WfZKTK0e59rg9yZJockGEag+wStco2hx3g5Es27aMlENDtfNR4Hu/Ot2KaKfbg0mpmPBqOVwZBpxfbExKeRBkvjT6pbNm0x5ogPSnIm4l9Y2i4hwYccIjIr9JeXYEWDzSG0Jv9Pur6KYXkZxwTr6GJtztY43w/GXwCjRbS6mt+fKjNf2XxFVafrQr5QzUr1IxNWi3USiAt/o47Yakhnyhre06GqD1f9rfNL6NwC8qOzOB9uFubYgouhXT9OuMCdLqWVYrLuT0e4Ubidaxtey3uw/fCxR7zW/cc7Dz2f+C2vuqYfG87xtd9ZX/s3iCTNU9xdaAJat30vM2EBynBqZ0SkLAM6gB5rR0OeaQEp02ExqnbVktxGfURiqfARhlTSWacCUq2P0i5aWip6XlfxW6Jr5ybeCTGNWW5ssqtAcZ4QI4ndoknEFaMmOcIPoIojXEL7oIDiLlmPMpPSWoQ98RqBySSskqyzqgYzflaqdKzr0lFiRkYBCiMWQ54YyztmYHLFdLEHWYaV3cXC3rPFRTPNTApcWLN2WPwRyS4jL5nQUpB9JScGCMBaNF/hkUNsPeM9bvRm+zVuzGx3Dwztv5IfmaJ4iPn2HM+R6+Brzntc8Inb7YmfSounfchAKUi+zIinDA2imlOfCgo6plLIUzoKqfBgwzUbgsKGSvWYFhcf+9wwjQVg2J2eF9o2X2jqxY+32y3fa/l/bW882Tlu+IvODeem03R855HzxHnh7DsHDm1caTxo7DZ+v/TJveHedG+NTdfOHfv85tQu995nZom06Q==</latexit><latexit sha1_base64="qHwYZ7a9ajbNdfXO/0nVDrkaZ3U=">AAAKc3ictVbdbtNIFDZll4DZBcpecjOi/KRSieyCoFx0xQokEKKrrqBQKbaik/E4GWLPmJlxSOX18+wD7NPsg3DPGacJcRJCS1lblj3nZ873nXM8M90s4dp43n/n1s7/9POFxsVL7uVffr1y9dr69bda5oqyAyoTqQ67oFnCBTsw3CTsMFMM0m7C3nUHT63+3ZApzaV4Y44yFqbQEzzmFAyKOusX/gnaxJBdkpIg5REJDBuZIhs0B5tlTQJclU3TKbxyi+DLLzdn1ZoJimpU3a3JYSJXW2SAmtB1gy7rcVEYQIhlux+6AWXCMMVFzw10CkkyY5InoMrib4p36QZ9y9K9EwQTixRMv5wMMiVlbBRjpStIwPGxagpJ8WfZKTK0e59rg9yZJockGEag+wStco2hx3g5Es27aMlENDtfNR4Hu/Ot2KaKfbg0mpmPBqOVwZBpxfbExKeRBkvjT6pbNm0x5ogPSnIm4l9Y2i4hwYccIjIr9JeXYEWDzSG0Jv9Pur6KYXkZxwTr6GJtztY43w/GXwCjRbS6mt+fKjNf2XxFVafrQr5QzUr1IxNWi3USiAt/o47Yakhnyhre06GqD1f9rfNL6NwC8qOzOB9uFubYgouhXT9OuMCdLqWVYrLuT0e4Ubidaxtey3uw/fCxR7zW/cc7Dz2f+C2vuqYfG87xtd9ZX/s3iCTNU9xdaAJat30vM2EBynBqZ0SkLAM6gB5rR0OeaQEp02ExqnbVktxGfURiqfARhlTSWacCUq2P0i5aWip6XlfxW6Jr5ybeCTGNWW5ssqtAcZ4QI4ndoknEFaMmOcIPoIojXEL7oIDiLlmPMpPSWoQ98RqBySSskqyzqgYzflaqdKzr0lFiRkYBCiMWQ54YyztmYHLFdLEHWYaV3cXC3rPFRTPNTApcWLN2WPwRyS4jL5nQUpB9JScGCMBaNF/hkUNsPeM9bvRm+zVuzGx3Dwztv5IfmaJ4iPn2HM+R6+Brzntc8Inb7YmfSounfchAKUi+zIinDA2imlOfCgo6plLIUzoKqfBgwzUbgsKGSvWYFhcf+9wwjQVg2J2eF9o2X2jqxY+32y3fa/l/bW882Tlu+IvODeem03R855HzxHnh7DsHDm1caTxo7DZ+v/TJveHedG+NTdfOHfv85tQu995nZom06Q==</latexit><latexit sha1_base64="qHwYZ7a9ajbNdfXO/0nVDrkaZ3U=">AAAKc3ictVbdbtNIFDZll4DZBcpecjOi/KRSieyCoFx0xQokEKKrrqBQKbaik/E4GWLPmJlxSOX18+wD7NPsg3DPGacJcRJCS1lblj3nZ873nXM8M90s4dp43n/n1s7/9POFxsVL7uVffr1y9dr69bda5oqyAyoTqQ67oFnCBTsw3CTsMFMM0m7C3nUHT63+3ZApzaV4Y44yFqbQEzzmFAyKOusX/gnaxJBdkpIg5REJDBuZIhs0B5tlTQJclU3TKbxyi+DLLzdn1ZoJimpU3a3JYSJXW2SAmtB1gy7rcVEYQIhlux+6AWXCMMVFzw10CkkyY5InoMrib4p36QZ9y9K9EwQTixRMv5wMMiVlbBRjpStIwPGxagpJ8WfZKTK0e59rg9yZJockGEag+wStco2hx3g5Es27aMlENDtfNR4Hu/Ot2KaKfbg0mpmPBqOVwZBpxfbExKeRBkvjT6pbNm0x5ogPSnIm4l9Y2i4hwYccIjIr9JeXYEWDzSG0Jv9Pur6KYXkZxwTr6GJtztY43w/GXwCjRbS6mt+fKjNf2XxFVafrQr5QzUr1IxNWi3USiAt/o47Yakhnyhre06GqD1f9rfNL6NwC8qOzOB9uFubYgouhXT9OuMCdLqWVYrLuT0e4Ubidaxtey3uw/fCxR7zW/cc7Dz2f+C2vuqYfG87xtd9ZX/s3iCTNU9xdaAJat30vM2EBynBqZ0SkLAM6gB5rR0OeaQEp02ExqnbVktxGfURiqfARhlTSWacCUq2P0i5aWip6XlfxW6Jr5ybeCTGNWW5ssqtAcZ4QI4ndoknEFaMmOcIPoIojXEL7oIDiLlmPMpPSWoQ98RqBySSskqyzqgYzflaqdKzr0lFiRkYBCiMWQ54YyztmYHLFdLEHWYaV3cXC3rPFRTPNTApcWLN2WPwRyS4jL5nQUpB9JScGCMBaNF/hkUNsPeM9bvRm+zVuzGx3Dwztv5IfmaJ4iPn2HM+R6+Brzntc8Inb7YmfSounfchAKUi+zIinDA2imlOfCgo6plLIUzoKqfBgwzUbgsKGSvWYFhcf+9wwjQVg2J2eF9o2X2jqxY+32y3fa/l/bW882Tlu+IvODeem03R855HzxHnh7DsHDm1caTxo7DZ+v/TJveHedG+NTdfOHfv85tQu995nZom06Q==</latexit>

More about Dolev-Yao

Dolev-Yao treats all messages as “terms”.

What if protocol involves certificates? For

authorization, delegation etc.

Encoded as terms in Dolev-Yao — bit commitment,

protocol-specific tagging etc.

Not always concise/readable!

ExampleA sends to B a nonce m encrypted in some key k, along with a

disjunctive certificate about the value of m being a or b.

Need to encode this certificate as a term in Dolev-Yao algebra.

Uses 1-out-of-2 encryption: For a given {m}k, show that it is of

the form {mi}k where mi ∈ {m0, m1}, without revealing i.

Needs multiplication, exponentiation, and hashing!

Not obvious that the end result stands for {m = a or m = b}.

ZKP Terms [BHM08]

Extend the Dolev-Yao model with “zero-knowledge proof terms”.

Zero-knowledge proof term: ZKp,q(P1,…,Pp ; Q1,…,Qq ; F).

Ps: private; Qs: public; F defines relationship between Ps and

Qs.

Presents the certificate in a more readable format than encoding

into terms.

BHM08: Backes, M.; Hritcu, C.; Matteo, M. (2008) “Type-checking zero-knowledge.” In Proc. CCS ’08, 357–370.

→ ∶,� , ;{ } , , ; = ( , ) ∧ ( = ∨ = )�

<latexit sha1_base64="PXdadgSz/yz2v0WtssY9V2l5vlI=">AAAFJniclVTbbtNAEHVogBJuLTzysqKqlEgmsp1eQZV6QSqCRiqUXkQcRevN2lllL2Z33SayzPfwNbwhhHjhU1g7aWmaItR9Gp05Z3ZmZ2aDmBKlHedn6dZM+fadu7P3KvcfPHz0eG7+yZESiUT4EAkq5EkAFaaE40NNNMUnscSQBRQfB/2d3H98iqUign/Uwxi3GYw4CQmC2kCduV9bwJck6mkopTgD2+Al8DUe6PTTu6yTejZoZH5AIloFqV/clrJhYJg8A8wG/ezLq0uOSGJsHH7KfCPuZzaANggmOTFNmKEEWMOOCzZGtxGdYo6yqg9p3DO4DcaWVwM+hbwLLly5pBB7xiMkmMIbtTw8iWStM7fg1J0lb2XdAU69sb624rjArTvFuTAWrPHZ78zPNPyuQAnDXCMKlWq5TqzbKZSaIIqzip8oHEPUhxFuGZNDhlU7LUrLwKJBuiA0OYWCa1CglxUpZEoNWWCYDOqeuurLwet8rUSHa+2U8DjR+SsVF4UJBVqAvKWgSyRGmg6NAZEkJleAelBCpE3jr83ZBt1TEqtx/oNRAZUJapMfmFwFbadFQjFGE+UXqFShmkQHVA+0hAbs4hAmVOdPEWKoE4lV2oRxTHi0YVr+Im+7oSmsGSQ8p7Xa6VZXBBi8xVwJDvalOCeYBHJGdc9MLbdfk4hoVWsdIEjxRhNq1NsTZ1giswf/j7FrhrT/L3GTcHIuWzzXSZbu9GBsNgTSvxEhpQryIqa6USpGyAQXNxRyIRk0HwI+hdLMGFOjsgg/6xGNlWkANtPqOO1K8fbmO5hc1/TD7naWut6avbJke9lV0mh1RyTPtZdd212eIhW7O+Ksera3bLsNQzJrNrVU08aRV3eduvt+aWFze7xws9Yz67lVtVxr1dq03lj71qGFSlulqBSXPpe/lr+Vv5d/jKi3SmPNU2vilH//Aa43wso=</latexit><latexit sha1_base64="PXdadgSz/yz2v0WtssY9V2l5vlI=">AAAFJniclVTbbtNAEHVogBJuLTzysqKqlEgmsp1eQZV6QSqCRiqUXkQcRevN2lllL2Z33SayzPfwNbwhhHjhU1g7aWmaItR9Gp05Z3ZmZ2aDmBKlHedn6dZM+fadu7P3KvcfPHz0eG7+yZESiUT4EAkq5EkAFaaE40NNNMUnscSQBRQfB/2d3H98iqUign/Uwxi3GYw4CQmC2kCduV9bwJck6mkopTgD2+Al8DUe6PTTu6yTejZoZH5AIloFqV/clrJhYJg8A8wG/ezLq0uOSGJsHH7KfCPuZzaANggmOTFNmKEEWMOOCzZGtxGdYo6yqg9p3DO4DcaWVwM+hbwLLly5pBB7xiMkmMIbtTw8iWStM7fg1J0lb2XdAU69sb624rjArTvFuTAWrPHZ78zPNPyuQAnDXCMKlWq5TqzbKZSaIIqzip8oHEPUhxFuGZNDhlU7LUrLwKJBuiA0OYWCa1CglxUpZEoNWWCYDOqeuurLwet8rUSHa+2U8DjR+SsVF4UJBVqAvKWgSyRGmg6NAZEkJleAelBCpE3jr83ZBt1TEqtx/oNRAZUJapMfmFwFbadFQjFGE+UXqFShmkQHVA+0hAbs4hAmVOdPEWKoE4lV2oRxTHi0YVr+Im+7oSmsGSQ8p7Xa6VZXBBi8xVwJDvalOCeYBHJGdc9MLbdfk4hoVWsdIEjxRhNq1NsTZ1giswf/j7FrhrT/L3GTcHIuWzzXSZbu9GBsNgTSvxEhpQryIqa6USpGyAQXNxRyIRk0HwI+hdLMGFOjsgg/6xGNlWkANtPqOO1K8fbmO5hc1/TD7naWut6avbJke9lV0mh1RyTPtZdd212eIhW7O+Ksera3bLsNQzJrNrVU08aRV3eduvt+aWFze7xws9Yz67lVtVxr1dq03lj71qGFSlulqBSXPpe/lr+Vv5d/jKi3SmPNU2vilH//Aa43wso=</latexit><latexit sha1_base64="PXdadgSz/yz2v0WtssY9V2l5vlI=">AAAFJniclVTbbtNAEHVogBJuLTzysqKqlEgmsp1eQZV6QSqCRiqUXkQcRevN2lllL2Z33SayzPfwNbwhhHjhU1g7aWmaItR9Gp05Z3ZmZ2aDmBKlHedn6dZM+fadu7P3KvcfPHz0eG7+yZESiUT4EAkq5EkAFaaE40NNNMUnscSQBRQfB/2d3H98iqUign/Uwxi3GYw4CQmC2kCduV9bwJck6mkopTgD2+Al8DUe6PTTu6yTejZoZH5AIloFqV/clrJhYJg8A8wG/ezLq0uOSGJsHH7KfCPuZzaANggmOTFNmKEEWMOOCzZGtxGdYo6yqg9p3DO4DcaWVwM+hbwLLly5pBB7xiMkmMIbtTw8iWStM7fg1J0lb2XdAU69sb624rjArTvFuTAWrPHZ78zPNPyuQAnDXCMKlWq5TqzbKZSaIIqzip8oHEPUhxFuGZNDhlU7LUrLwKJBuiA0OYWCa1CglxUpZEoNWWCYDOqeuurLwet8rUSHa+2U8DjR+SsVF4UJBVqAvKWgSyRGmg6NAZEkJleAelBCpE3jr83ZBt1TEqtx/oNRAZUJapMfmFwFbadFQjFGE+UXqFShmkQHVA+0hAbs4hAmVOdPEWKoE4lV2oRxTHi0YVr+Im+7oSmsGSQ8p7Xa6VZXBBi8xVwJDvalOCeYBHJGdc9MLbdfk4hoVWsdIEjxRhNq1NsTZ1giswf/j7FrhrT/L3GTcHIuWzzXSZbu9GBsNgTSvxEhpQryIqa6USpGyAQXNxRyIRk0HwI+hdLMGFOjsgg/6xGNlWkANtPqOO1K8fbmO5hc1/TD7naWut6avbJke9lV0mh1RyTPtZdd212eIhW7O+Ksera3bLsNQzJrNrVU08aRV3eduvt+aWFze7xws9Yz67lVtVxr1dq03lj71qGFSlulqBSXPpe/lr+Vv5d/jKi3SmPNU2vilH//Aa43wso=</latexit><latexit sha1_base64="PXdadgSz/yz2v0WtssY9V2l5vlI=">AAAFJniclVTbbtNAEHVogBJuLTzysqKqlEgmsp1eQZV6QSqCRiqUXkQcRevN2lllL2Z33SayzPfwNbwhhHjhU1g7aWmaItR9Gp05Z3ZmZ2aDmBKlHedn6dZM+fadu7P3KvcfPHz0eG7+yZESiUT4EAkq5EkAFaaE40NNNMUnscSQBRQfB/2d3H98iqUign/Uwxi3GYw4CQmC2kCduV9bwJck6mkopTgD2+Al8DUe6PTTu6yTejZoZH5AIloFqV/clrJhYJg8A8wG/ezLq0uOSGJsHH7KfCPuZzaANggmOTFNmKEEWMOOCzZGtxGdYo6yqg9p3DO4DcaWVwM+hbwLLly5pBB7xiMkmMIbtTw8iWStM7fg1J0lb2XdAU69sb624rjArTvFuTAWrPHZ78zPNPyuQAnDXCMKlWq5TqzbKZSaIIqzip8oHEPUhxFuGZNDhlU7LUrLwKJBuiA0OYWCa1CglxUpZEoNWWCYDOqeuurLwet8rUSHa+2U8DjR+SsVF4UJBVqAvKWgSyRGmg6NAZEkJleAelBCpE3jr83ZBt1TEqtx/oNRAZUJapMfmFwFbadFQjFGE+UXqFShmkQHVA+0hAbs4hAmVOdPEWKoE4lV2oRxTHi0YVr+Im+7oSmsGSQ8p7Xa6VZXBBi8xVwJDvalOCeYBHJGdc9MLbdfk4hoVWsdIEjxRhNq1NsTZ1giswf/j7FrhrT/L3GTcHIuWzzXSZbu9GBsNgTSvxEhpQryIqa6USpGyAQXNxRyIRk0HwI+hdLMGFOjsgg/6xGNlWkANtPqOO1K8fbmO5hc1/TD7naWut6avbJke9lV0mh1RyTPtZdd212eIhW7O+Ksera3bLsNQzJrNrVU08aRV3eduvt+aWFze7xws9Yz67lVtVxr1dq03lj71qGFSlulqBSXPpe/lr+Vv5d/jKi3SmPNU2vilH//Aa43wso=</latexit>

ZKP Terms (Contd.)

Sounds great! So why reinvent the wheel?

Consider two certificates as follows: {m = a or m = b}

and {m = a or m = c}, with b ≠ c.

Ideally, should be able to derive m = a from these two.

One cannot do derivations on ZKP terms. Cannot

infer m = a from these certificates in this system.

Overall Idea

Extend the Dolev-Yao model with a class of abstract

objects called ‘assertions’ which capture certification.

Protocol descriptions are readable. Assertions are distinct

from terms, and clearly specify the statements of the

certificates they model.

Inference on assertions is possible, independent of

underlying implementation.

Assertions

The says connective allows agents to “sign” an assertion as coming

from them.

P is any application-specific predicate.

Existential quantification lets agents hide witnesses.

Earlier example now looks as follows:

Assertions have the following syntax.

∶= = � ( ) � ∧ � ∨ � ∃ . �<latexit sha1_base64="mzxs69VYpBl8GvGw66VVljVj7dQ=">AAAEPHiclVPLbtNAFJ00PEp4tbBgwWagqtRKENmhKi1SpZYigVAjBZU+pMSKbibXyajzsGbGbSKr/ABfwM/wH+zZIRZsWDN2kkJaEOosrOtzz7lzr+9xJxHcuiD4UpopX7l67frsjcrNW7fv3J2bv7dvdWoY7jEttDnsgEXBFe457gQeJgZBdgQedI628/zBMRrLtXrvhglGEnqKx5yB81B77mMLRNIH+mKDunZI82eNtiTv0saSWx5FI4rPtgSos9fahaQ253M48BNYOqh+GF9TwFu05XDgm82ohaGlpxPZ3EJQDVZqq+sBDarP1tdWg5CG1aA4Z8ECGZ9Ge37mU6urWSpROSbA2mYYJC7KwDjOBJ5WWqnFBNgR9LDpQwUSbZQVX+2ULnqkS2PfdayVowX6pyIDae1QdjxTguvb87kc/Fuumbp4Lcq4SlKHio0uilNBnab5CmiXG2RODH0AzHDfK2V9MMCcX1RlqlRd7foOtIiy4poE2dRQBWpsbKfRgXADZ8CDXYwhFS4fMEZwqUGb1SFJuOpt+B08zffgaRadBK5yWjPKtrq6g/QtKqsVbRg9IfgGcsbSjveOevKK97izy81dBgI36uBYf0efoGHejf+v8dogHv1LXOeKT2SLE52R2XYfEjAGxO+KIIQFVdS0l2rFC6VW+pJCpY0E/1viMRjvHGlHY3F10ucOrV8Aeg8GQVTxZr5g3YvBfq0aBtXw3crC5suxrWfJQ/KYLJGQPCeb5A1pkD3CyI/SgxItPSp/Ln8tfyt/H1FnSmPNfTJ1yj9/AQIybFw=</latexit><latexit sha1_base64="mzxs69VYpBl8GvGw66VVljVj7dQ=">AAAEPHiclVPLbtNAFJ00PEp4tbBgwWagqtRKENmhKi1SpZYigVAjBZU+pMSKbibXyajzsGbGbSKr/ABfwM/wH+zZIRZsWDN2kkJaEOosrOtzz7lzr+9xJxHcuiD4UpopX7l67frsjcrNW7fv3J2bv7dvdWoY7jEttDnsgEXBFe457gQeJgZBdgQedI628/zBMRrLtXrvhglGEnqKx5yB81B77mMLRNIH+mKDunZI82eNtiTv0saSWx5FI4rPtgSos9fahaQ253M48BNYOqh+GF9TwFu05XDgm82ohaGlpxPZ3EJQDVZqq+sBDarP1tdWg5CG1aA4Z8ECGZ9Ge37mU6urWSpROSbA2mYYJC7KwDjOBJ5WWqnFBNgR9LDpQwUSbZQVX+2ULnqkS2PfdayVowX6pyIDae1QdjxTguvb87kc/Fuumbp4Lcq4SlKHio0uilNBnab5CmiXG2RODH0AzHDfK2V9MMCcX1RlqlRd7foOtIiy4poE2dRQBWpsbKfRgXADZ8CDXYwhFS4fMEZwqUGb1SFJuOpt+B08zffgaRadBK5yWjPKtrq6g/QtKqsVbRg9IfgGcsbSjveOevKK97izy81dBgI36uBYf0efoGHejf+v8dogHv1LXOeKT2SLE52R2XYfEjAGxO+KIIQFVdS0l2rFC6VW+pJCpY0E/1viMRjvHGlHY3F10ucOrV8Aeg8GQVTxZr5g3YvBfq0aBtXw3crC5suxrWfJQ/KYLJGQPCeb5A1pkD3CyI/SgxItPSp/Ln8tfyt/H1FnSmPNfTJ1yj9/AQIybFw=</latexit><latexit sha1_base64="mzxs69VYpBl8GvGw66VVljVj7dQ=">AAAEPHiclVPLbtNAFJ00PEp4tbBgwWagqtRKENmhKi1SpZYigVAjBZU+pMSKbibXyajzsGbGbSKr/ABfwM/wH+zZIRZsWDN2kkJaEOosrOtzz7lzr+9xJxHcuiD4UpopX7l67frsjcrNW7fv3J2bv7dvdWoY7jEttDnsgEXBFe457gQeJgZBdgQedI628/zBMRrLtXrvhglGEnqKx5yB81B77mMLRNIH+mKDunZI82eNtiTv0saSWx5FI4rPtgSos9fahaQ253M48BNYOqh+GF9TwFu05XDgm82ohaGlpxPZ3EJQDVZqq+sBDarP1tdWg5CG1aA4Z8ECGZ9Ge37mU6urWSpROSbA2mYYJC7KwDjOBJ5WWqnFBNgR9LDpQwUSbZQVX+2ULnqkS2PfdayVowX6pyIDae1QdjxTguvb87kc/Fuumbp4Lcq4SlKHio0uilNBnab5CmiXG2RODH0AzHDfK2V9MMCcX1RlqlRd7foOtIiy4poE2dRQBWpsbKfRgXADZ8CDXYwhFS4fMEZwqUGb1SFJuOpt+B08zffgaRadBK5yWjPKtrq6g/QtKqsVbRg9IfgGcsbSjveOevKK97izy81dBgI36uBYf0efoGHejf+v8dogHv1LXOeKT2SLE52R2XYfEjAGxO+KIIQFVdS0l2rFC6VW+pJCpY0E/1viMRjvHGlHY3F10ucOrV8Aeg8GQVTxZr5g3YvBfq0aBtXw3crC5suxrWfJQ/KYLJGQPCeb5A1pkD3CyI/SgxItPSp/Ln8tfyt/H1FnSmPNfTJ1yj9/AQIybFw=</latexit><latexit sha1_base64="mzxs69VYpBl8GvGw66VVljVj7dQ=">AAAEPHiclVPLbtNAFJ00PEp4tbBgwWagqtRKENmhKi1SpZYigVAjBZU+pMSKbibXyajzsGbGbSKr/ABfwM/wH+zZIRZsWDN2kkJaEOosrOtzz7lzr+9xJxHcuiD4UpopX7l67frsjcrNW7fv3J2bv7dvdWoY7jEttDnsgEXBFe457gQeJgZBdgQedI628/zBMRrLtXrvhglGEnqKx5yB81B77mMLRNIH+mKDunZI82eNtiTv0saSWx5FI4rPtgSos9fahaQ253M48BNYOqh+GF9TwFu05XDgm82ohaGlpxPZ3EJQDVZqq+sBDarP1tdWg5CG1aA4Z8ECGZ9Ge37mU6urWSpROSbA2mYYJC7KwDjOBJ5WWqnFBNgR9LDpQwUSbZQVX+2ULnqkS2PfdayVowX6pyIDae1QdjxTguvb87kc/Fuumbp4Lcq4SlKHio0uilNBnab5CmiXG2RODH0AzHDfK2V9MMCcX1RlqlRd7foOtIiy4poE2dRQBWpsbKfRgXADZ8CDXYwhFS4fMEZwqUGb1SFJuOpt+B08zffgaRadBK5yWjPKtrq6g/QtKqsVbRg9IfgGcsbSjveOevKK97izy81dBgI36uBYf0efoGHejf+v8dogHv1LXOeKT2SLE52R2XYfEjAGxO+KIIQFVdS0l2rFC6VW+pJCpY0E/1viMRjvHGlHY3F10ucOrV8Aeg8GQVTxZr5g3YvBfq0aBtXw3crC5suxrWfJQ/KYLJGQPCeb5A1pkD3CyI/SgxItPSp/Ln8tfyt/H1FnSmPNfTJ1yj9/AQIybFw=</latexit>

→ ∶ { } ,∃ .[{ } = { } ∧ ( = ∨ = )]<latexit sha1_base64="SqCVkoNJv1DKd0cC4KT05Wi/hsg=">AAAEIniclVPbahRBEO1kvcR4S/TRl8YQSCAus1FiIgRyERTJQiTmAjPDUttbs9tsT/fQ3ZPMMuRv/AOf/QHfxCfBN1/1H6zZbNQ1iqRgoOZUnbrNmXampPNB8Hlisnbl6rXrUzemb966fefuzOy9A2dyK3BfGGXsURscKqlx30uv8CizCGlb4WG7v13FD4/ROmn0Gz/IME6hq2UiBXiCWjOHUcg3eWRlt+fBWnPCt57xqEyj01Z/iUdY0AiOF4N6OAL5OoUL8gY8UqA7fKEgCOjFWF657cWYR3FrZi6oB0+WV9YCHtQfr62uBA3eqAdD++nMsZHttmYn30UdI/IUtRcKnAsbQebjEqyXQuHpdJQ7zED0oYth51hmTkOKLi6L4RFO+TzFOzyhKRKjPR+iv5NKSJ0bpG3KTMH33J+xCvxbLMx9shqXUme5Ry3OGiW54t7w6qK8Iy0KrwbkgLCSxuWiBxaEp7uPdcmsMYm3SNuMdWjqPRrMqLgcds9QjK07RK1L3DhaKF94CwR2MIFc+WrvBMHnFl3ZhCyTurvusXhEj6c0hz4Fqau0MC43O6aN/BVqZzTfteY8gQaoMhZ2SCF66bnsSu8Wwz0BCteb4EVvx5ygFaS5/9d4Qbv2/0VuSi3PafPnPJuW2z3ISIqgflUEpRzoYU13qVGImBptLknUxqZAPx8egyVBpe5sLalPetKjow+ApM4giKdJ5hdEfdE5WK43gnrj9fLcxtZI8FPsAXvIFliDPWUb7CXbZftMsPfsK/vGvtfe1j7UPtY+naVOTow499mY1b78AAp+Zlw=</latexit><latexit sha1_base64="SqCVkoNJv1DKd0cC4KT05Wi/hsg=">AAAEIniclVPbahRBEO1kvcR4S/TRl8YQSCAus1FiIgRyERTJQiTmAjPDUttbs9tsT/fQ3ZPMMuRv/AOf/QHfxCfBN1/1H6zZbNQ1iqRgoOZUnbrNmXampPNB8Hlisnbl6rXrUzemb966fefuzOy9A2dyK3BfGGXsURscKqlx30uv8CizCGlb4WG7v13FD4/ROmn0Gz/IME6hq2UiBXiCWjOHUcg3eWRlt+fBWnPCt57xqEyj01Z/iUdY0AiOF4N6OAL5OoUL8gY8UqA7fKEgCOjFWF657cWYR3FrZi6oB0+WV9YCHtQfr62uBA3eqAdD++nMsZHttmYn30UdI/IUtRcKnAsbQebjEqyXQuHpdJQ7zED0oYth51hmTkOKLi6L4RFO+TzFOzyhKRKjPR+iv5NKSJ0bpG3KTMH33J+xCvxbLMx9shqXUme5Ry3OGiW54t7w6qK8Iy0KrwbkgLCSxuWiBxaEp7uPdcmsMYm3SNuMdWjqPRrMqLgcds9QjK07RK1L3DhaKF94CwR2MIFc+WrvBMHnFl3ZhCyTurvusXhEj6c0hz4Fqau0MC43O6aN/BVqZzTfteY8gQaoMhZ2SCF66bnsSu8Wwz0BCteb4EVvx5ygFaS5/9d4Qbv2/0VuSi3PafPnPJuW2z3ISIqgflUEpRzoYU13qVGImBptLknUxqZAPx8egyVBpe5sLalPetKjow+ApM4giKdJ5hdEfdE5WK43gnrj9fLcxtZI8FPsAXvIFliDPWUb7CXbZftMsPfsK/vGvtfe1j7UPtY+naVOTow499mY1b78AAp+Zlw=</latexit><latexit sha1_base64="SqCVkoNJv1DKd0cC4KT05Wi/hsg=">AAAEIniclVPbahRBEO1kvcR4S/TRl8YQSCAus1FiIgRyERTJQiTmAjPDUttbs9tsT/fQ3ZPMMuRv/AOf/QHfxCfBN1/1H6zZbNQ1iqRgoOZUnbrNmXampPNB8Hlisnbl6rXrUzemb966fefuzOy9A2dyK3BfGGXsURscKqlx30uv8CizCGlb4WG7v13FD4/ROmn0Gz/IME6hq2UiBXiCWjOHUcg3eWRlt+fBWnPCt57xqEyj01Z/iUdY0AiOF4N6OAL5OoUL8gY8UqA7fKEgCOjFWF657cWYR3FrZi6oB0+WV9YCHtQfr62uBA3eqAdD++nMsZHttmYn30UdI/IUtRcKnAsbQebjEqyXQuHpdJQ7zED0oYth51hmTkOKLi6L4RFO+TzFOzyhKRKjPR+iv5NKSJ0bpG3KTMH33J+xCvxbLMx9shqXUme5Ry3OGiW54t7w6qK8Iy0KrwbkgLCSxuWiBxaEp7uPdcmsMYm3SNuMdWjqPRrMqLgcds9QjK07RK1L3DhaKF94CwR2MIFc+WrvBMHnFl3ZhCyTurvusXhEj6c0hz4Fqau0MC43O6aN/BVqZzTfteY8gQaoMhZ2SCF66bnsSu8Wwz0BCteb4EVvx5ygFaS5/9d4Qbv2/0VuSi3PafPnPJuW2z3ISIqgflUEpRzoYU13qVGImBptLknUxqZAPx8egyVBpe5sLalPetKjow+ApM4giKdJ5hdEfdE5WK43gnrj9fLcxtZI8FPsAXvIFliDPWUb7CXbZftMsPfsK/vGvtfe1j7UPtY+naVOTow499mY1b78AAp+Zlw=</latexit><latexit sha1_base64="SqCVkoNJv1DKd0cC4KT05Wi/hsg=">AAAEIniclVPbahRBEO1kvcR4S/TRl8YQSCAus1FiIgRyERTJQiTmAjPDUttbs9tsT/fQ3ZPMMuRv/AOf/QHfxCfBN1/1H6zZbNQ1iqRgoOZUnbrNmXampPNB8Hlisnbl6rXrUzemb966fefuzOy9A2dyK3BfGGXsURscKqlx30uv8CizCGlb4WG7v13FD4/ROmn0Gz/IME6hq2UiBXiCWjOHUcg3eWRlt+fBWnPCt57xqEyj01Z/iUdY0AiOF4N6OAL5OoUL8gY8UqA7fKEgCOjFWF657cWYR3FrZi6oB0+WV9YCHtQfr62uBA3eqAdD++nMsZHttmYn30UdI/IUtRcKnAsbQebjEqyXQuHpdJQ7zED0oYth51hmTkOKLi6L4RFO+TzFOzyhKRKjPR+iv5NKSJ0bpG3KTMH33J+xCvxbLMx9shqXUme5Ry3OGiW54t7w6qK8Iy0KrwbkgLCSxuWiBxaEp7uPdcmsMYm3SNuMdWjqPRrMqLgcds9QjK07RK1L3DhaKF94CwR2MIFc+WrvBMHnFl3ZhCyTurvusXhEj6c0hz4Fqau0MC43O6aN/BVqZzTfteY8gQaoMhZ2SCF66bnsSu8Wwz0BCteb4EVvx5ygFaS5/9d4Qbv2/0VuSi3PafPnPJuW2z3ISIqgflUEpRzoYU13qVGImBptLknUxqZAPx8egyVBpe5sLalPetKjow+ApM4giKdJ5hdEfdE5WK43gnrj9fLcxtZI8FPsAXvIFliDPWUb7CXbZftMsPfsK/vGvtfe1j7UPtY+naVOTow499mY1b78AAp+Zlw=</latexit>

Existential Quantification

When exactly can one existentially quantify out a term

from an assertion?

m from m = t? m from {m}k = t?

Quantification becomes complicated in the presence of

encryption!

Abstractability

A position p is ‘abstractable’ inside a term t if we can

replace the subterm at p with something else and build

the rest of t back up.

We can also consider a notion of abstractability w.r.t. a set

of terms S, if we can use (some of the) terms in S to build

the relevant parts of t.

abs(S, t): Set of abstractable positions of t w.r.t S.

AbstractabilityX = {m, r, p, pair(senc(pair(m, x), k), n)}

t = pair(aenc(m, r, p), pair(senc(pair(m, x), k), n))

abs(X, t) = {ε, 0, 00, 01, 02, 1, 10, 11}

<latexit sha1_base64="CyKMVZkSiEt2QxwuFNFIpEX83tg=">AAAK+nicrVbbbttGEGWSNg7ZW9w89mVRy4ADqAYpX+qgEJAiRVsUMeAidRKAEowlOZIWXu4SuytLKsuf6VvR135H3/s3nSWpO103RQlIWu2cOXNmdoZklHGmje//de/+g/fef7jzyPU++PCjjz95vPvpay3HKobLWHKp3kZUA2cCLg0zHN5mCmgacXgTXb+w9jc3oDST4iczy6Cf0qFgAxZTg1tXuw//7EUwZCI37PrnjMVmrKAIOdwAJwmGpyIG0iWBn6Z9j5CehWkz45AjRM2IkAkU3TBRdNIVUkDbCiETlphR1z882vKqmAN00SxC7HARpXtax9jfgnea4Ecnt5AfNaGDOdoKPoCnJO8ZmJo8o0wVBRoIiUeMJ6Rc5tUPXiXcX8ApiLiGzz22Ytly1dHIOplbsVm6Vtpa0NRhwgi4nKC3fxikKZED4vttUlb2W6lAm+8UgOjnvr/w/M9KFpkFVotqFZuWBjFBo5jgfxTTsWKyfyWm0yimsxSzdoIhjeQNrBE0+JO8ruxKP2y0QyU02GifpfnW1Ds29SVuhdGtuiJYNpmumsx164503dx+rQrw/S0Jc0Ale/4vX6zmYZbt51aht6trQXV9FCRtsjLTiOjn1l4siIs7Q68JLztu2iq2rY1CgjuEBE1CSjYOA1OS+ScLtjvILENB3HnpbeU3C1/Kv25txFJsONoMdofyUnhhSbz6HLaaNGic/6DuUrf+ubXnjstxq5qnUl+KF6X4jYL785CNUx4EpVCsTBWYLP/805A1cZE8WB2yZkdoEtHq3VAFmWZcYgqu9xVWrgciWXt0XT3ew2SOO6fPfKQ7enZ26gckOPTLa7HYc+rr4mr3wZNeIuNxCsLEnGodBn5m+jlVhsUcCq831pDR+JoOIUxuWKYFTUH382n58C3IPtoTMpAKP8KQcnfVKaep1rM0QmRKzUhv2uxmky0cm8FZP2ciGxt7QygDDcacGEnskxxPWkFs+AwXNFYM5eIAUkVjg8/7tSi2QFUidsVZpKiaYYZKTnRbj2gG+jAdc8MyzLpNUIpi0zbJpGb2LQHbatu7dhuCTAHhcTumPC68tQzOxStMXPJ+XmaXQbxWznJX6YFe351yMzWK4mYCA4qybF0HQO356vycZhkK6uK97wt7/0MYCkspExYW9vOvExkB+QGEloJcKDkHoACLOHiJbz6i/Q0bMqOfhq9QNnTPqYlHL+UEVIzvUndz2I68vs35nAk2d9uf+6k0f4EVw5pTvmSknGsqSk79TlLQMZVCvqOjkCql+FIJOEjYsKmu0mJiMmIGNB4AhPbe3vdwjLaGZnvxunMY4Mz+eLz3/KweqEfOZ87nzoETOF86z53vnQvn0ol3TnbCnWQHvF+8X73fvN8r6P17tc8TZ+3y/vgbppJZ0w==</latexit><latexit sha1_base64="CyKMVZkSiEt2QxwuFNFIpEX83tg=">AAAK+nicrVbbbttGEGWSNg7ZW9w89mVRy4ADqAYpX+qgEJAiRVsUMeAidRKAEowlOZIWXu4SuytLKsuf6VvR135H3/s3nSWpO103RQlIWu2cOXNmdoZklHGmje//de/+g/fef7jzyPU++PCjjz95vPvpay3HKobLWHKp3kZUA2cCLg0zHN5mCmgacXgTXb+w9jc3oDST4iczy6Cf0qFgAxZTg1tXuw//7EUwZCI37PrnjMVmrKAIOdwAJwmGpyIG0iWBn6Z9j5CehWkz45AjRM2IkAkU3TBRdNIVUkDbCiETlphR1z882vKqmAN00SxC7HARpXtax9jfgnea4Ecnt5AfNaGDOdoKPoCnJO8ZmJo8o0wVBRoIiUeMJ6Rc5tUPXiXcX8ApiLiGzz22Ytly1dHIOplbsVm6Vtpa0NRhwgi4nKC3fxikKZED4vttUlb2W6lAm+8UgOjnvr/w/M9KFpkFVotqFZuWBjFBo5jgfxTTsWKyfyWm0yimsxSzdoIhjeQNrBE0+JO8ruxKP2y0QyU02GifpfnW1Ds29SVuhdGtuiJYNpmumsx164503dx+rQrw/S0Jc0Ale/4vX6zmYZbt51aht6trQXV9FCRtsjLTiOjn1l4siIs7Q68JLztu2iq2rY1CgjuEBE1CSjYOA1OS+ScLtjvILENB3HnpbeU3C1/Kv25txFJsONoMdofyUnhhSbz6HLaaNGic/6DuUrf+ubXnjstxq5qnUl+KF6X4jYL785CNUx4EpVCsTBWYLP/805A1cZE8WB2yZkdoEtHq3VAFmWZcYgqu9xVWrgciWXt0XT3ew2SOO6fPfKQ7enZ26gckOPTLa7HYc+rr4mr3wZNeIuNxCsLEnGodBn5m+jlVhsUcCq831pDR+JoOIUxuWKYFTUH382n58C3IPtoTMpAKP8KQcnfVKaep1rM0QmRKzUhv2uxmky0cm8FZP2ciGxt7QygDDcacGEnskxxPWkFs+AwXNFYM5eIAUkVjg8/7tSi2QFUidsVZpKiaYYZKTnRbj2gG+jAdc8MyzLpNUIpi0zbJpGb2LQHbatu7dhuCTAHhcTumPC68tQzOxStMXPJ+XmaXQbxWznJX6YFe351yMzWK4mYCA4qybF0HQO356vycZhkK6uK97wt7/0MYCkspExYW9vOvExkB+QGEloJcKDkHoACLOHiJbz6i/Q0bMqOfhq9QNnTPqYlHL+UEVIzvUndz2I68vs35nAk2d9uf+6k0f4EVw5pTvmSknGsqSk79TlLQMZVCvqOjkCql+FIJOEjYsKmu0mJiMmIGNB4AhPbe3vdwjLaGZnvxunMY4Mz+eLz3/KweqEfOZ87nzoETOF86z53vnQvn0ol3TnbCnWQHvF+8X73fvN8r6P17tc8TZ+3y/vgbppJZ0w==</latexit><latexit sha1_base64="CyKMVZkSiEt2QxwuFNFIpEX83tg=">AAAK+nicrVbbbttGEGWSNg7ZW9w89mVRy4ADqAYpX+qgEJAiRVsUMeAidRKAEowlOZIWXu4SuytLKsuf6VvR135H3/s3nSWpO103RQlIWu2cOXNmdoZklHGmje//de/+g/fef7jzyPU++PCjjz95vPvpay3HKobLWHKp3kZUA2cCLg0zHN5mCmgacXgTXb+w9jc3oDST4iczy6Cf0qFgAxZTg1tXuw//7EUwZCI37PrnjMVmrKAIOdwAJwmGpyIG0iWBn6Z9j5CehWkz45AjRM2IkAkU3TBRdNIVUkDbCiETlphR1z882vKqmAN00SxC7HARpXtax9jfgnea4Ecnt5AfNaGDOdoKPoCnJO8ZmJo8o0wVBRoIiUeMJ6Rc5tUPXiXcX8ApiLiGzz22Ytly1dHIOplbsVm6Vtpa0NRhwgi4nKC3fxikKZED4vttUlb2W6lAm+8UgOjnvr/w/M9KFpkFVotqFZuWBjFBo5jgfxTTsWKyfyWm0yimsxSzdoIhjeQNrBE0+JO8ruxKP2y0QyU02GifpfnW1Ds29SVuhdGtuiJYNpmumsx164503dx+rQrw/S0Jc0Ale/4vX6zmYZbt51aht6trQXV9FCRtsjLTiOjn1l4siIs7Q68JLztu2iq2rY1CgjuEBE1CSjYOA1OS+ScLtjvILENB3HnpbeU3C1/Kv25txFJsONoMdofyUnhhSbz6HLaaNGic/6DuUrf+ubXnjstxq5qnUl+KF6X4jYL785CNUx4EpVCsTBWYLP/805A1cZE8WB2yZkdoEtHq3VAFmWZcYgqu9xVWrgciWXt0XT3ew2SOO6fPfKQ7enZ26gckOPTLa7HYc+rr4mr3wZNeIuNxCsLEnGodBn5m+jlVhsUcCq831pDR+JoOIUxuWKYFTUH382n58C3IPtoTMpAKP8KQcnfVKaep1rM0QmRKzUhv2uxmky0cm8FZP2ciGxt7QygDDcacGEnskxxPWkFs+AwXNFYM5eIAUkVjg8/7tSi2QFUidsVZpKiaYYZKTnRbj2gG+jAdc8MyzLpNUIpi0zbJpGb2LQHbatu7dhuCTAHhcTumPC68tQzOxStMXPJ+XmaXQbxWznJX6YFe351yMzWK4mYCA4qybF0HQO356vycZhkK6uK97wt7/0MYCkspExYW9vOvExkB+QGEloJcKDkHoACLOHiJbz6i/Q0bMqOfhq9QNnTPqYlHL+UEVIzvUndz2I68vs35nAk2d9uf+6k0f4EVw5pTvmSknGsqSk79TlLQMZVCvqOjkCql+FIJOEjYsKmu0mJiMmIGNB4AhPbe3vdwjLaGZnvxunMY4Mz+eLz3/KweqEfOZ87nzoETOF86z53vnQvn0ol3TnbCnWQHvF+8X73fvN8r6P17tc8TZ+3y/vgbppJZ0w==</latexit><latexit sha1_base64="CyKMVZkSiEt2QxwuFNFIpEX83tg=">AAAK+nicrVbbbttGEGWSNg7ZW9w89mVRy4ADqAYpX+qgEJAiRVsUMeAidRKAEowlOZIWXu4SuytLKsuf6VvR135H3/s3nSWpO103RQlIWu2cOXNmdoZklHGmje//de/+g/fef7jzyPU++PCjjz95vPvpay3HKobLWHKp3kZUA2cCLg0zHN5mCmgacXgTXb+w9jc3oDST4iczy6Cf0qFgAxZTg1tXuw//7EUwZCI37PrnjMVmrKAIOdwAJwmGpyIG0iWBn6Z9j5CehWkz45AjRM2IkAkU3TBRdNIVUkDbCiETlphR1z882vKqmAN00SxC7HARpXtax9jfgnea4Ecnt5AfNaGDOdoKPoCnJO8ZmJo8o0wVBRoIiUeMJ6Rc5tUPXiXcX8ApiLiGzz22Ytly1dHIOplbsVm6Vtpa0NRhwgi4nKC3fxikKZED4vttUlb2W6lAm+8UgOjnvr/w/M9KFpkFVotqFZuWBjFBo5jgfxTTsWKyfyWm0yimsxSzdoIhjeQNrBE0+JO8ruxKP2y0QyU02GifpfnW1Ds29SVuhdGtuiJYNpmumsx164503dx+rQrw/S0Jc0Ale/4vX6zmYZbt51aht6trQXV9FCRtsjLTiOjn1l4siIs7Q68JLztu2iq2rY1CgjuEBE1CSjYOA1OS+ScLtjvILENB3HnpbeU3C1/Kv25txFJsONoMdofyUnhhSbz6HLaaNGic/6DuUrf+ubXnjstxq5qnUl+KF6X4jYL785CNUx4EpVCsTBWYLP/805A1cZE8WB2yZkdoEtHq3VAFmWZcYgqu9xVWrgciWXt0XT3ew2SOO6fPfKQ7enZ26gckOPTLa7HYc+rr4mr3wZNeIuNxCsLEnGodBn5m+jlVhsUcCq831pDR+JoOIUxuWKYFTUH382n58C3IPtoTMpAKP8KQcnfVKaep1rM0QmRKzUhv2uxmky0cm8FZP2ciGxt7QygDDcacGEnskxxPWkFs+AwXNFYM5eIAUkVjg8/7tSi2QFUidsVZpKiaYYZKTnRbj2gG+jAdc8MyzLpNUIpi0zbJpGb2LQHbatu7dhuCTAHhcTumPC68tQzOxStMXPJ+XmaXQbxWznJX6YFe351yMzWK4mYCA4qybF0HQO356vycZhkK6uK97wt7/0MYCkspExYW9vOvExkB+QGEloJcKDkHoACLOHiJbz6i/Q0bMqOfhq9QNnTPqYlHL+UEVIzvUndz2I68vs35nAk2d9uf+6k0f4EVw5pTvmSknGsqSk79TlLQMZVCvqOjkCql+FIJOEjYsKmu0mJiMmIGNB4AhPbe3vdwjLaGZnvxunMY4Mz+eLz3/KweqEfOZ87nzoETOF86z53vnQvn0ol3TnbCnWQHvF+8X73fvN8r6P17tc8TZ+3y/vgbppJZ0w==</latexit>

Abstractability: Assertions

Can provide a similar definition of abstractability for

assertions.

A term-position p is abstractable from an assertion α if

we can replace the term at p with something else and

build the rest of α back up.

abs(S, α): Set of abstractable positions of α w.r.t S.

Abstractability: For assertions

( , =′) = { ⋅ � ∈ ( , )} ∪ { ⋅ � ∈ ( , )}

( , ∧ ) = ( , ∨ ) = { ⋅ � ∈ ( , )} ∪ { ⋅ � ∈ ( , )}

( ,∃ . ) = { ⋅ � ∈ ( ∪ { }, ), ∉ ( � )}

( , ) = { } ∪ { ⋅ � ∈ ( , )}<latexit sha1_base64="zqydxWYmnzy0Kb+u4Bb6NbjCgS8=">AAAF6HiclVRdTxQxFB1WV3H9An30pRGIbIKbWTAIDyQYNBrDJhjkI9nZkDudu7uVTjtpO7BrHX6Db0bjk7/EV/0H/hs7+wGuQIAmM9Pce869p9PThgln2vj+n7HCtevFGzfHb5Vu37l77/7E5INtLVNFcYtKLtVuCBo5E7hlmOG4myiEOOS4E+6v5fmdA1SaSfHedBNsxNASrMkoGBfamywslIIQW0xYZjBmHzErBfmMTAcGO8ZCqLPZzTliyAoxT8ruHVg/oJE0JCFBzKL8wwQZQZtykJGApi5lq5cBT5/dNACetCHgICIn0kCv/ZkIqU4AF+vrs64isl/9fKHYcVulbSerDGpfSsiwfSfIhprmAhKQDgmENEMwM/YAlMPbPib7tGeTrEzOVQNHQ56Grs6ORiVdftHk+D+5RiiiY4vsTUz5Ff/Z/OKyT/zKwvLSol8l1YrfG8eTKW8wNpzNvgeRpGmMwlAOWterfmIaFpRhlOeeSzUmQPehhfXogCVaQIy6YTs9h2dkxuUj0pTKPcKQXvRfkoVY624cOmQMpq3/z+XBs3L11DSXGpaJJDUoaL9RM+XESJIfFxIxhdTwrpsAVczJJbQNCqhxh6o0UqomNp0CyRu21yZBOrKuXlTpph6NdrjpGAUuGGETUm7yBTYRTKpQ2xokCROtFbctT/OtcTCNJgYmcli9YV9EMkTyFoWWgmwoOQQ4ATlidt2dczH3krWY0eX6JgWOKzUwtL0uD1FRd3NcXOO1Qtw/j1xjgg1pM0Oeiu1aGxJQCvhJReBcg+jV1FeS4oixFPKKRCFVDO4KRXd6nHNi3V8WE4dtZ2TtNgCdDX2/UXJ+PuXe05Pt+UrVr1TfzU+tvho4e9x75D32Zr2q99xb9d54G96WRwvfCj8Lvwq/ix+Kn4tfil/70MLYgPPQGxnFH38B9vEEvw==</latexit><latexit sha1_base64="zqydxWYmnzy0Kb+u4Bb6NbjCgS8=">AAAF6HiclVRdTxQxFB1WV3H9An30pRGIbIKbWTAIDyQYNBrDJhjkI9nZkDudu7uVTjtpO7BrHX6Db0bjk7/EV/0H/hs7+wGuQIAmM9Pce869p9PThgln2vj+n7HCtevFGzfHb5Vu37l77/7E5INtLVNFcYtKLtVuCBo5E7hlmOG4myiEOOS4E+6v5fmdA1SaSfHedBNsxNASrMkoGBfamywslIIQW0xYZjBmHzErBfmMTAcGO8ZCqLPZzTliyAoxT8ruHVg/oJE0JCFBzKL8wwQZQZtykJGApi5lq5cBT5/dNACetCHgICIn0kCv/ZkIqU4AF+vrs64isl/9fKHYcVulbSerDGpfSsiwfSfIhprmAhKQDgmENEMwM/YAlMPbPib7tGeTrEzOVQNHQ56Grs6ORiVdftHk+D+5RiiiY4vsTUz5Ff/Z/OKyT/zKwvLSol8l1YrfG8eTKW8wNpzNvgeRpGmMwlAOWterfmIaFpRhlOeeSzUmQPehhfXogCVaQIy6YTs9h2dkxuUj0pTKPcKQXvRfkoVY624cOmQMpq3/z+XBs3L11DSXGpaJJDUoaL9RM+XESJIfFxIxhdTwrpsAVczJJbQNCqhxh6o0UqomNp0CyRu21yZBOrKuXlTpph6NdrjpGAUuGGETUm7yBTYRTKpQ2xokCROtFbctT/OtcTCNJgYmcli9YV9EMkTyFoWWgmwoOQQ4ATlidt2dczH3krWY0eX6JgWOKzUwtL0uD1FRd3NcXOO1Qtw/j1xjgg1pM0Oeiu1aGxJQCvhJReBcg+jV1FeS4oixFPKKRCFVDO4KRXd6nHNi3V8WE4dtZ2TtNgCdDX2/UXJ+PuXe05Pt+UrVr1TfzU+tvho4e9x75D32Zr2q99xb9d54G96WRwvfCj8Lvwq/ix+Kn4tfil/70MLYgPPQGxnFH38B9vEEvw==</latexit><latexit sha1_base64="zqydxWYmnzy0Kb+u4Bb6NbjCgS8=">AAAF6HiclVRdTxQxFB1WV3H9An30pRGIbIKbWTAIDyQYNBrDJhjkI9nZkDudu7uVTjtpO7BrHX6Db0bjk7/EV/0H/hs7+wGuQIAmM9Pce869p9PThgln2vj+n7HCtevFGzfHb5Vu37l77/7E5INtLVNFcYtKLtVuCBo5E7hlmOG4myiEOOS4E+6v5fmdA1SaSfHedBNsxNASrMkoGBfamywslIIQW0xYZjBmHzErBfmMTAcGO8ZCqLPZzTliyAoxT8ruHVg/oJE0JCFBzKL8wwQZQZtykJGApi5lq5cBT5/dNACetCHgICIn0kCv/ZkIqU4AF+vrs64isl/9fKHYcVulbSerDGpfSsiwfSfIhprmAhKQDgmENEMwM/YAlMPbPib7tGeTrEzOVQNHQ56Grs6ORiVdftHk+D+5RiiiY4vsTUz5Ff/Z/OKyT/zKwvLSol8l1YrfG8eTKW8wNpzNvgeRpGmMwlAOWterfmIaFpRhlOeeSzUmQPehhfXogCVaQIy6YTs9h2dkxuUj0pTKPcKQXvRfkoVY624cOmQMpq3/z+XBs3L11DSXGpaJJDUoaL9RM+XESJIfFxIxhdTwrpsAVczJJbQNCqhxh6o0UqomNp0CyRu21yZBOrKuXlTpph6NdrjpGAUuGGETUm7yBTYRTKpQ2xokCROtFbctT/OtcTCNJgYmcli9YV9EMkTyFoWWgmwoOQQ4ATlidt2dczH3krWY0eX6JgWOKzUwtL0uD1FRd3NcXOO1Qtw/j1xjgg1pM0Oeiu1aGxJQCvhJReBcg+jV1FeS4oixFPKKRCFVDO4KRXd6nHNi3V8WE4dtZ2TtNgCdDX2/UXJ+PuXe05Pt+UrVr1TfzU+tvho4e9x75D32Zr2q99xb9d54G96WRwvfCj8Lvwq/ix+Kn4tfil/70MLYgPPQGxnFH38B9vEEvw==</latexit><latexit sha1_base64="zqydxWYmnzy0Kb+u4Bb6NbjCgS8=">AAAF6HiclVRdTxQxFB1WV3H9An30pRGIbIKbWTAIDyQYNBrDJhjkI9nZkDudu7uVTjtpO7BrHX6Db0bjk7/EV/0H/hs7+wGuQIAmM9Pce869p9PThgln2vj+n7HCtevFGzfHb5Vu37l77/7E5INtLVNFcYtKLtVuCBo5E7hlmOG4myiEOOS4E+6v5fmdA1SaSfHedBNsxNASrMkoGBfamywslIIQW0xYZjBmHzErBfmMTAcGO8ZCqLPZzTliyAoxT8ruHVg/oJE0JCFBzKL8wwQZQZtykJGApi5lq5cBT5/dNACetCHgICIn0kCv/ZkIqU4AF+vrs64isl/9fKHYcVulbSerDGpfSsiwfSfIhprmAhKQDgmENEMwM/YAlMPbPib7tGeTrEzOVQNHQ56Grs6ORiVdftHk+D+5RiiiY4vsTUz5Ff/Z/OKyT/zKwvLSol8l1YrfG8eTKW8wNpzNvgeRpGmMwlAOWterfmIaFpRhlOeeSzUmQPehhfXogCVaQIy6YTs9h2dkxuUj0pTKPcKQXvRfkoVY624cOmQMpq3/z+XBs3L11DSXGpaJJDUoaL9RM+XESJIfFxIxhdTwrpsAVczJJbQNCqhxh6o0UqomNp0CyRu21yZBOrKuXlTpph6NdrjpGAUuGGETUm7yBTYRTKpQ2xokCROtFbctT/OtcTCNJgYmcli9YV9EMkTyFoWWgmwoOQQ4ATlidt2dczH3krWY0eX6JgWOKzUwtL0uD1FRd3NcXOO1Qtw/j1xjgg1pM0Oeiu1aGxJQCvhJReBcg+jV1FeS4oixFPKKRCFVDO4KRXd6nHNi3V8WE4dtZ2TtNgCdDX2/UXJ+PuXe05Pt+UrVr1TfzU+tvho4e9x75D32Zr2q99xb9d54G96WRwvfCj8Lvwq/ix+Kn4tfil/70MLYgPPQGxnFH38B9vEEvw==</latexit>

Abstractability: AssertionsX = {senc(m, k), k}

α = ∃x.[senc(x, k) = senc(m, k)]

abs(X, α) = {001, 01, 010, 011}

∃

<latexit sha1_base64="02JoJoPEeZZoHrlomJStyT+EEdQ=">AAAJL3icnVbdbts2FFabebO8nzbt5W6IxQVSwDMkZ8UKDAa6dtiGoQEydGkL2EJAUcc2Z4oUSDq2J+gderu9xZ5m2M2w273FDmUriWI7a0cgNn34fed855CHTJwJbmwQ/Hnr9t57jfc/aPqtDz/6+JM7d/fvvTRqphmcMiWUfh1TA4JLOLXcCnidaaBpLOBVPH3m1l+dgzZcyZ/sMoMopWPJR5xRi6az/cbeMIYxl7nl018yzuxMQzEQcA6CJBieSgakT8JemkYtQoYOZuxSQI4QvSRSJVD0B4mm875UEjoWFrYfC8qmHaeJzHliJ/2ge7ThYBUkRLbhMWLHFwH7jx7tQPe2oY92oY+2oXvBDvQX29BhhXaJHsJDkreHsMBVQxbtAhcIYRMuElJO89VXOUpCgAQyxAIOSdHyK3A5yyuo76+gDjt05csNSFYUl64caEWsmfL6z8qN89OuxNVXBzEINUc5QTdMU6JGBOEdUu6ehqRDrmwZAqIcl6/5+d+yQidr+taywrWsb5UGY7/TANLJCW+Q41/UHQ/wyNb93Zxl5cYnBakFIJsJ1nYZKav8wm2751+pj78ujF9VJCw3Km0XV81bShEGW0sRBhXxbWLVqn9DrO1lD8N6rMtR+tF8PKmXe4eb62xyYdjhZ+2mvE8ikq9TXn1up0CNgt16TjVkhgsl24Xf+oqQ1hBkUrvvzu4eBN2gHGRzEq4nB956nJzt790fJorNUpCWCWrMIAwyG+VUW84EFK3hzECGAugYBsk5z4ykKZgoX5Q3dkEe4HpCRkrjn7SktF4l5TQ1ZpnGiEypnZjra864bW0ws6PHUc5lNrPuGJaBRjNBrCLu+seLTQOzYokTyjRHuXjCqabM4iNRi+IKtErEzQSPNdVLzFCruemYCc3AdNOZsDzDrDsEpWi+6JBMGe6eFrxFN9lr2hhUCghnHUYFK1q1DI7lC0xciSgvs8uA1cpZWrUZmbp1IezCaorGBEYUZbm6joC6/TX5Mc0yFNTH/vzc9SjCUFhKuXSwQZR/nagYyA8gjZLkRKsKgAIc4vA5Ppey8w0fc2seDl6gbOgfU8smz9UcNMMH+L99uC6Y7iIfc8kr2oOKp9P8GVYMa07FpUcqhKGy9GneSQoSUyXVOxKl0inF/0QAGwkPbGpWaXE5n3ALBjcA8PQHQdTCNgqvN83m5GWvG2K3/tg7ePJ03VBN71PvM+/QC70vvSfe996Jd+qxxs+NN41fG781f2/+0fyr+fcKevvWmnPfq43mP/8CLxbPNA==</latexit><latexit sha1_base64="02JoJoPEeZZoHrlomJStyT+EEdQ=">AAAJL3icnVbdbts2FFabebO8nzbt5W6IxQVSwDMkZ8UKDAa6dtiGoQEydGkL2EJAUcc2Z4oUSDq2J+gderu9xZ5m2M2w273FDmUriWI7a0cgNn34fed855CHTJwJbmwQ/Hnr9t57jfc/aPqtDz/6+JM7d/fvvTRqphmcMiWUfh1TA4JLOLXcCnidaaBpLOBVPH3m1l+dgzZcyZ/sMoMopWPJR5xRi6az/cbeMIYxl7nl018yzuxMQzEQcA6CJBieSgakT8JemkYtQoYOZuxSQI4QvSRSJVD0B4mm875UEjoWFrYfC8qmHaeJzHliJ/2ge7ThYBUkRLbhMWLHFwH7jx7tQPe2oY92oY+2oXvBDvQX29BhhXaJHsJDkreHsMBVQxbtAhcIYRMuElJO89VXOUpCgAQyxAIOSdHyK3A5yyuo76+gDjt05csNSFYUl64caEWsmfL6z8qN89OuxNVXBzEINUc5QTdMU6JGBOEdUu6ehqRDrmwZAqIcl6/5+d+yQidr+taywrWsb5UGY7/TANLJCW+Q41/UHQ/wyNb93Zxl5cYnBakFIJsJ1nYZKav8wm2751+pj78ujF9VJCw3Km0XV81bShEGW0sRBhXxbWLVqn9DrO1lD8N6rMtR+tF8PKmXe4eb62xyYdjhZ+2mvE8ikq9TXn1up0CNgt16TjVkhgsl24Xf+oqQ1hBkUrvvzu4eBN2gHGRzEq4nB956nJzt790fJorNUpCWCWrMIAwyG+VUW84EFK3hzECGAugYBsk5z4ykKZgoX5Q3dkEe4HpCRkrjn7SktF4l5TQ1ZpnGiEypnZjra864bW0ws6PHUc5lNrPuGJaBRjNBrCLu+seLTQOzYokTyjRHuXjCqabM4iNRi+IKtErEzQSPNdVLzFCruemYCc3AdNOZsDzDrDsEpWi+6JBMGe6eFrxFN9lr2hhUCghnHUYFK1q1DI7lC0xciSgvs8uA1cpZWrUZmbp1IezCaorGBEYUZbm6joC6/TX5Mc0yFNTH/vzc9SjCUFhKuXSwQZR/nagYyA8gjZLkRKsKgAIc4vA5Ppey8w0fc2seDl6gbOgfU8smz9UcNMMH+L99uC6Y7iIfc8kr2oOKp9P8GVYMa07FpUcqhKGy9GneSQoSUyXVOxKl0inF/0QAGwkPbGpWaXE5n3ALBjcA8PQHQdTCNgqvN83m5GWvG2K3/tg7ePJ03VBN71PvM+/QC70vvSfe996Jd+qxxs+NN41fG781f2/+0fyr+fcKevvWmnPfq43mP/8CLxbPNA==</latexit><latexit sha1_base64="02JoJoPEeZZoHrlomJStyT+EEdQ=">AAAJL3icnVbdbts2FFabebO8nzbt5W6IxQVSwDMkZ8UKDAa6dtiGoQEydGkL2EJAUcc2Z4oUSDq2J+gderu9xZ5m2M2w273FDmUriWI7a0cgNn34fed855CHTJwJbmwQ/Hnr9t57jfc/aPqtDz/6+JM7d/fvvTRqphmcMiWUfh1TA4JLOLXcCnidaaBpLOBVPH3m1l+dgzZcyZ/sMoMopWPJR5xRi6az/cbeMIYxl7nl018yzuxMQzEQcA6CJBieSgakT8JemkYtQoYOZuxSQI4QvSRSJVD0B4mm875UEjoWFrYfC8qmHaeJzHliJ/2ge7ThYBUkRLbhMWLHFwH7jx7tQPe2oY92oY+2oXvBDvQX29BhhXaJHsJDkreHsMBVQxbtAhcIYRMuElJO89VXOUpCgAQyxAIOSdHyK3A5yyuo76+gDjt05csNSFYUl64caEWsmfL6z8qN89OuxNVXBzEINUc5QTdMU6JGBOEdUu6ehqRDrmwZAqIcl6/5+d+yQidr+taywrWsb5UGY7/TANLJCW+Q41/UHQ/wyNb93Zxl5cYnBakFIJsJ1nYZKav8wm2751+pj78ujF9VJCw3Km0XV81bShEGW0sRBhXxbWLVqn9DrO1lD8N6rMtR+tF8PKmXe4eb62xyYdjhZ+2mvE8ikq9TXn1up0CNgt16TjVkhgsl24Xf+oqQ1hBkUrvvzu4eBN2gHGRzEq4nB956nJzt790fJorNUpCWCWrMIAwyG+VUW84EFK3hzECGAugYBsk5z4ykKZgoX5Q3dkEe4HpCRkrjn7SktF4l5TQ1ZpnGiEypnZjra864bW0ws6PHUc5lNrPuGJaBRjNBrCLu+seLTQOzYokTyjRHuXjCqabM4iNRi+IKtErEzQSPNdVLzFCruemYCc3AdNOZsDzDrDsEpWi+6JBMGe6eFrxFN9lr2hhUCghnHUYFK1q1DI7lC0xciSgvs8uA1cpZWrUZmbp1IezCaorGBEYUZbm6joC6/TX5Mc0yFNTH/vzc9SjCUFhKuXSwQZR/nagYyA8gjZLkRKsKgAIc4vA5Ppey8w0fc2seDl6gbOgfU8smz9UcNMMH+L99uC6Y7iIfc8kr2oOKp9P8GVYMa07FpUcqhKGy9GneSQoSUyXVOxKl0inF/0QAGwkPbGpWaXE5n3ALBjcA8PQHQdTCNgqvN83m5GWvG2K3/tg7ePJ03VBN71PvM+/QC70vvSfe996Jd+qxxs+NN41fG781f2/+0fyr+fcKevvWmnPfq43mP/8CLxbPNA==</latexit><latexit sha1_base64="02JoJoPEeZZoHrlomJStyT+EEdQ=">AAAJL3icnVbdbts2FFabebO8nzbt5W6IxQVSwDMkZ8UKDAa6dtiGoQEydGkL2EJAUcc2Z4oUSDq2J+gderu9xZ5m2M2w273FDmUriWI7a0cgNn34fed855CHTJwJbmwQ/Hnr9t57jfc/aPqtDz/6+JM7d/fvvTRqphmcMiWUfh1TA4JLOLXcCnidaaBpLOBVPH3m1l+dgzZcyZ/sMoMopWPJR5xRi6az/cbeMIYxl7nl018yzuxMQzEQcA6CJBieSgakT8JemkYtQoYOZuxSQI4QvSRSJVD0B4mm875UEjoWFrYfC8qmHaeJzHliJ/2ge7ThYBUkRLbhMWLHFwH7jx7tQPe2oY92oY+2oXvBDvQX29BhhXaJHsJDkreHsMBVQxbtAhcIYRMuElJO89VXOUpCgAQyxAIOSdHyK3A5yyuo76+gDjt05csNSFYUl64caEWsmfL6z8qN89OuxNVXBzEINUc5QTdMU6JGBOEdUu6ehqRDrmwZAqIcl6/5+d+yQidr+taywrWsb5UGY7/TANLJCW+Q41/UHQ/wyNb93Zxl5cYnBakFIJsJ1nYZKav8wm2751+pj78ujF9VJCw3Km0XV81bShEGW0sRBhXxbWLVqn9DrO1lD8N6rMtR+tF8PKmXe4eb62xyYdjhZ+2mvE8ikq9TXn1up0CNgt16TjVkhgsl24Xf+oqQ1hBkUrvvzu4eBN2gHGRzEq4nB956nJzt790fJorNUpCWCWrMIAwyG+VUW84EFK3hzECGAugYBsk5z4ykKZgoX5Q3dkEe4HpCRkrjn7SktF4l5TQ1ZpnGiEypnZjra864bW0ws6PHUc5lNrPuGJaBRjNBrCLu+seLTQOzYokTyjRHuXjCqabM4iNRi+IKtErEzQSPNdVLzFCruemYCc3AdNOZsDzDrDsEpWi+6JBMGe6eFrxFN9lr2hhUCghnHUYFK1q1DI7lC0xciSgvs8uA1cpZWrUZmbp1IezCaorGBEYUZbm6joC6/TX5Mc0yFNTH/vzc9SjCUFhKuXSwQZR/nagYyA8gjZLkRKsKgAIc4vA5Ppey8w0fc2seDl6gbOgfU8smz9UcNMMH+L99uC6Y7iIfc8kr2oOKp9P8GVYMa07FpUcqhKGy9GneSQoSUyXVOxKl0inF/0QAGwkPbGpWaXE5n3ALBjcA8PQHQdTCNgqvN83m5GWvG2K3/tg7ePJ03VBN71PvM+/QC70vvSfe996Jd+qxxs+NN41fG781f2/+0fyr+fcKevvWmnPfq43mP/8CLxbPNA==</latexit>

Inference system for Assertions

Sequents now of the form S; A ⊢ α.

Simple equality rule: if t derivable from S, can state t = t.

Some rules for manipulating equality make use of

abstractability.

Inference system for AssertionsAbstractability used by projection, substitution,

existential introduction etc.

Can go from α(t) to α(u) if all occurrences of t

abstractable from α w.r.t. the set of terms S.

Restricted contradiction rule: two terms t and u such

that the structure of t and u can be determined (maybe

using abstractability!) to be different, but S; A ⊢ t = u.

; ∪ { } �

�

; � =

; � ( , . . , ) = ( , . . , )[ , ]

; � =

; � =

� [ � � ]; �

; � [ ] ; � =

[ , � ]; � [ ]

<latexit sha1_base64="9C2DlkkDbrq6LpZRHDXhFP/fzTY=">AAAKlHicrVbrbuNEFPYW2CzmtgWJP/wZUaVqpRKcgpauoNKuCgKhLSoK7a4Um2hsj5PZjMfuXNpEw/SleAlegbfh2LG7SRonFOEo8syc23fO+WbGYc6oVJ7394Ott95+52Hr0bvue+9/8OFHj7c/vpCZFhE5jzKWiVchloRRTs4VVYy8ygXBacjIy3B8UshfXhEhacZ/U9OcBCkecprQCCtYGmw//MuXKWbM9UMypNwoHGqGhTV/RPCzrj8qPLt+qpmiEE6n3ByWUmus768W1M5SrEa2nuQiyxIlCIGV11oqAEEkcnvfoufIj3SOfONjlo+wb5F/FWM5QrM58rWkfIh8RSaQocET8EB4vOCxmM/CwaQBVol3ls9uMVwPslehGJg6cDy1Fql59DPwM7AKHcN/CSu5XIt1dyOIuQClT5mYxO6pgenaA+SzOFN59TpAsCrsPsCY09QrNXWp2ZjJwFALbnT5dquUbssA8F5bW8r8S41j1FcDWvikN6WKwaFUAkdAJUbQdUd0VMfe9IJ1hYB27N6vO0uV103JLHEozFSNGhp8UdmXy3otwvYCoPZdRO0GwoyreHdBgZcGzGUZ87HdG+/f1M4knkp7s3pLlDJwtwS//V+pVu1E21fBwJzZFRmUNUdNRb+115X9ElwNDHnDnrW0Ae6ihsqub9gipdrF+F/0cC6J8crSNzdtZWc0B+MNrWnv3hPZ/38SNCW1dBS0N58FvvH8CHwjOBK61Qj5KY2LFyOXSBTne8EAomBWO0qg+zbYUKeihbM+VrdSIatvrMHjHa/jfX345KmHvM5XT4+eeF3U7XjlczvYcarnbLC99acfZ5FOCVcRw1L2u16uAoMF3BysIJOWJMfRGA9JP76iueQ4JTIwk/LatagN8hglmYA/V6hcnTcyOJVymoagWSQgl2VlVitkfa2So8BQnmtFeDQLlGiGVIaKOxzFVJBIsSkMcCQowEXRCBd7B276hShzlVyIcMp7ACxjQVlamZNoId1yVchELq5OmJrAFoXFmCQYbtgi74RgpQWR5hTnOZDjGDr6RdFVUIMep5jyQq0fmOdxFhL0M+Ey4+hMZLUCACg09l7ANwk/+J4OqZL7/V6EGTk+xSoavciuiYjgK2ezjx8h13GT8SnltDZr13YiNScjnGMhMHvjET6JJOalT3kvKGCYZjy7pyHPBHyFUUmusABCpXKWFuXXI6qIhAYQYKfnBS7Q/A6p7w4uDjtdr9P99XDn2VFF+EfOZ87nzp7Tdb5xnjk/OWfOuRO1vmydt35vDdxP3e/cE/eHmerWg8rmE2fhcX/5B6hywtw=</latexit><latexit sha1_base64="9C2DlkkDbrq6LpZRHDXhFP/fzTY=">AAAKlHicrVbrbuNEFPYW2CzmtgWJP/wZUaVqpRKcgpauoNKuCgKhLSoK7a4Um2hsj5PZjMfuXNpEw/SleAlegbfh2LG7SRonFOEo8syc23fO+WbGYc6oVJ7394Ott95+52Hr0bvue+9/8OFHj7c/vpCZFhE5jzKWiVchloRRTs4VVYy8ygXBacjIy3B8UshfXhEhacZ/U9OcBCkecprQCCtYGmw//MuXKWbM9UMypNwoHGqGhTV/RPCzrj8qPLt+qpmiEE6n3ByWUmus768W1M5SrEa2nuQiyxIlCIGV11oqAEEkcnvfoufIj3SOfONjlo+wb5F/FWM5QrM58rWkfIh8RSaQocET8EB4vOCxmM/CwaQBVol3ls9uMVwPslehGJg6cDy1Fql59DPwM7AKHcN/CSu5XIt1dyOIuQClT5mYxO6pgenaA+SzOFN59TpAsCrsPsCY09QrNXWp2ZjJwFALbnT5dquUbssA8F5bW8r8S41j1FcDWvikN6WKwaFUAkdAJUbQdUd0VMfe9IJ1hYB27N6vO0uV103JLHEozFSNGhp8UdmXy3otwvYCoPZdRO0GwoyreHdBgZcGzGUZ87HdG+/f1M4knkp7s3pLlDJwtwS//V+pVu1E21fBwJzZFRmUNUdNRb+115X9ElwNDHnDnrW0Ae6ihsqub9gipdrF+F/0cC6J8crSNzdtZWc0B+MNrWnv3hPZ/38SNCW1dBS0N58FvvH8CHwjOBK61Qj5KY2LFyOXSBTne8EAomBWO0qg+zbYUKeihbM+VrdSIatvrMHjHa/jfX345KmHvM5XT4+eeF3U7XjlczvYcarnbLC99acfZ5FOCVcRw1L2u16uAoMF3BysIJOWJMfRGA9JP76iueQ4JTIwk/LatagN8hglmYA/V6hcnTcyOJVymoagWSQgl2VlVitkfa2So8BQnmtFeDQLlGiGVIaKOxzFVJBIsSkMcCQowEXRCBd7B276hShzlVyIcMp7ACxjQVlamZNoId1yVchELq5OmJrAFoXFmCQYbtgi74RgpQWR5hTnOZDjGDr6RdFVUIMep5jyQq0fmOdxFhL0M+Ey4+hMZLUCACg09l7ANwk/+J4OqZL7/V6EGTk+xSoavciuiYjgK2ezjx8h13GT8SnltDZr13YiNScjnGMhMHvjET6JJOalT3kvKGCYZjy7pyHPBHyFUUmusABCpXKWFuXXI6qIhAYQYKfnBS7Q/A6p7w4uDjtdr9P99XDn2VFF+EfOZ87nzp7Tdb5xnjk/OWfOuRO1vmydt35vDdxP3e/cE/eHmerWg8rmE2fhcX/5B6hywtw=</latexit><latexit sha1_base64="9C2DlkkDbrq6LpZRHDXhFP/fzTY=">AAAKlHicrVbrbuNEFPYW2CzmtgWJP/wZUaVqpRKcgpauoNKuCgKhLSoK7a4Um2hsj5PZjMfuXNpEw/SleAlegbfh2LG7SRonFOEo8syc23fO+WbGYc6oVJ7394Ott95+52Hr0bvue+9/8OFHj7c/vpCZFhE5jzKWiVchloRRTs4VVYy8ygXBacjIy3B8UshfXhEhacZ/U9OcBCkecprQCCtYGmw//MuXKWbM9UMypNwoHGqGhTV/RPCzrj8qPLt+qpmiEE6n3ByWUmus768W1M5SrEa2nuQiyxIlCIGV11oqAEEkcnvfoufIj3SOfONjlo+wb5F/FWM5QrM58rWkfIh8RSaQocET8EB4vOCxmM/CwaQBVol3ls9uMVwPslehGJg6cDy1Fql59DPwM7AKHcN/CSu5XIt1dyOIuQClT5mYxO6pgenaA+SzOFN59TpAsCrsPsCY09QrNXWp2ZjJwFALbnT5dquUbssA8F5bW8r8S41j1FcDWvikN6WKwaFUAkdAJUbQdUd0VMfe9IJ1hYB27N6vO0uV103JLHEozFSNGhp8UdmXy3otwvYCoPZdRO0GwoyreHdBgZcGzGUZ87HdG+/f1M4knkp7s3pLlDJwtwS//V+pVu1E21fBwJzZFRmUNUdNRb+115X9ElwNDHnDnrW0Ae6ihsqub9gipdrF+F/0cC6J8crSNzdtZWc0B+MNrWnv3hPZ/38SNCW1dBS0N58FvvH8CHwjOBK61Qj5KY2LFyOXSBTne8EAomBWO0qg+zbYUKeihbM+VrdSIatvrMHjHa/jfX345KmHvM5XT4+eeF3U7XjlczvYcarnbLC99acfZ5FOCVcRw1L2u16uAoMF3BysIJOWJMfRGA9JP76iueQ4JTIwk/LatagN8hglmYA/V6hcnTcyOJVymoagWSQgl2VlVitkfa2So8BQnmtFeDQLlGiGVIaKOxzFVJBIsSkMcCQowEXRCBd7B276hShzlVyIcMp7ACxjQVlamZNoId1yVchELq5OmJrAFoXFmCQYbtgi74RgpQWR5hTnOZDjGDr6RdFVUIMep5jyQq0fmOdxFhL0M+Ey4+hMZLUCACg09l7ANwk/+J4OqZL7/V6EGTk+xSoavciuiYjgK2ezjx8h13GT8SnltDZr13YiNScjnGMhMHvjET6JJOalT3kvKGCYZjy7pyHPBHyFUUmusABCpXKWFuXXI6qIhAYQYKfnBS7Q/A6p7w4uDjtdr9P99XDn2VFF+EfOZ87nzp7Tdb5xnjk/OWfOuRO1vmydt35vDdxP3e/cE/eHmerWg8rmE2fhcX/5B6hywtw=</latexit><latexit sha1_base64="9C2DlkkDbrq6LpZRHDXhFP/fzTY=">AAAKlHicrVbrbuNEFPYW2CzmtgWJP/wZUaVqpRKcgpauoNKuCgKhLSoK7a4Um2hsj5PZjMfuXNpEw/SleAlegbfh2LG7SRonFOEo8syc23fO+WbGYc6oVJ7394Ott95+52Hr0bvue+9/8OFHj7c/vpCZFhE5jzKWiVchloRRTs4VVYy8ygXBacjIy3B8UshfXhEhacZ/U9OcBCkecprQCCtYGmw//MuXKWbM9UMypNwoHGqGhTV/RPCzrj8qPLt+qpmiEE6n3ByWUmus768W1M5SrEa2nuQiyxIlCIGV11oqAEEkcnvfoufIj3SOfONjlo+wb5F/FWM5QrM58rWkfIh8RSaQocET8EB4vOCxmM/CwaQBVol3ls9uMVwPslehGJg6cDy1Fql59DPwM7AKHcN/CSu5XIt1dyOIuQClT5mYxO6pgenaA+SzOFN59TpAsCrsPsCY09QrNXWp2ZjJwFALbnT5dquUbssA8F5bW8r8S41j1FcDWvikN6WKwaFUAkdAJUbQdUd0VMfe9IJ1hYB27N6vO0uV103JLHEozFSNGhp8UdmXy3otwvYCoPZdRO0GwoyreHdBgZcGzGUZ87HdG+/f1M4knkp7s3pLlDJwtwS//V+pVu1E21fBwJzZFRmUNUdNRb+115X9ElwNDHnDnrW0Ae6ihsqub9gipdrF+F/0cC6J8crSNzdtZWc0B+MNrWnv3hPZ/38SNCW1dBS0N58FvvH8CHwjOBK61Qj5KY2LFyOXSBTne8EAomBWO0qg+zbYUKeihbM+VrdSIatvrMHjHa/jfX345KmHvM5XT4+eeF3U7XjlczvYcarnbLC99acfZ5FOCVcRw1L2u16uAoMF3BysIJOWJMfRGA9JP76iueQ4JTIwk/LatagN8hglmYA/V6hcnTcyOJVymoagWSQgl2VlVitkfa2So8BQnmtFeDQLlGiGVIaKOxzFVJBIsSkMcCQowEXRCBd7B276hShzlVyIcMp7ACxjQVlamZNoId1yVchELq5OmJrAFoXFmCQYbtgi74RgpQWR5hTnOZDjGDr6RdFVUIMep5jyQq0fmOdxFhL0M+Ey4+hMZLUCACg09l7ANwk/+J4OqZL7/V6EGTk+xSoavciuiYjgK2ezjx8h13GT8SnltDZr13YiNScjnGMhMHvjET6JJOalT3kvKGCYZjy7pyHPBHyFUUmusABCpXKWFuXXI6qIhAYQYKfnBS7Q/A6p7w4uDjtdr9P99XDn2VFF+EfOZ87nzp7Tdb5xnjk/OWfOuRO1vmydt35vDdxP3e/cE/eHmerWg8rmE2fhcX/5B6hywtw=</latexit>

Inference system for Assertions

A says is essentially a signature with A’s private key, can

be removed by an unsay rule.

Rules for logical operators ∧, ∨ and ∃ are as in standard

intuitionistic logic (caveat of abstractability for ∃i).

� ; �

; � ( )

; �

; �

; � ; �

∧

; � ∧

; � ∧

∧

; �

; �

∨

; � ∨

; � ∨ ; ∪ { } � ; ∪ { } �∨

; �

; � [ ]∃ [ ]

; � ∃ .

; � ∃ . [ ] ∪ { }; ∪ { [ ] } �∃ [ ]

; �

<latexit sha1_base64="9B4N1vQNE9FSphxpPLFkLR0mDww=">AAAKI3ictVZNj9tEGHYXCI356sKRy4hV260EkbOgshWq1KpIINSVFoXtVoqtdDx+HQ8Zz5iZ8W6iYfbf8Au48we4IS4cuHGF38DYcdJkk+yHoJOLM+/X8z7Pa8/EBaNKB8EfN7Zee/2N1ps32/5bb7/z7nu3tt9/pkQpCRwRwYR8HmMFjHI40lQzeF5IwHnM4DgePansxycgFRX8Oz0pIMrxkNOUEqzd1mC7dRyqHDPmhzEMKTcaxyXD0pofiftZP8yqzP6dMJx55FhndvankEKkWgJYv4fCkwSrbGBCDWMHxSQTa9EIhT+UOEG9L9DjxgOFmBUZ9sPvS6UdFlDL1ircFCO7O7p3Nsul8ETZs2kgCktF+RAt2fwQeLKIp/4/BXvnUuwL5Udra24EuxZRyV3shZAcnzWnV6d3pejABHYjuQPTtRdjnoYzzJOFkHkj1f5USEPt/0fuBaUvQ0vXggNrK9Mrp5pejU0h15Ip5Cvjsikag8ZLw0DKAoVm6hPaeUwCbL1jlWDFb2PPTZqV/uDi/q4tRXuxatON7etoYA6tj9zaBBDG7tupzNh2zr2hjWEuR8NFX09fe4NjpSUm7jvIAJ12ZEd37Fkv+k+qtddBsxW4eUvjuqWZMDNVJqFd0GjuPKmdz6vlt6+m1hID8JKBScMAVejFi1SCyu7etRG6up61YXaADG7tBJ3gs737DwIUdD59sH8/6KJuJ6jX/GHHa9bhYHvr5zARpMyBa8KwUv1uUOjIYKkpYVXdUkGByQgPoZ+c0EJxnIOKzLg+BS267ewJSt3bkAquUb27GGRwrtQkj51nhV6dt9UtrbH1S53uR4byotTAybRQWjKkBaqOVJRQCUSziXvARFIHF5EMV0PkDt6lKgssLlU44D0HTLCo5lUVQJbarXelStXy7pjpsZtVt5lAikumq75TwLp04pkDXBRO74dO008qXZ2bAp1jyiu3fmQeJyIG9A1wJTg6lGLm4ABUHrtP3RWBf/wlHVKt7vV7BDN4eIA1yZ6KU5DEXTouz/GV63W0KfiAcjoLuz2Lk7l5kuECS4nZy4zuhqIwr3Oqa0Fxgbng4pqBXEh3KaIKTrB0A5WraVuUn2ZUg3ICgJvOIIh8N+YrQ7368Gyv0w063W/3dh7tNwN/0/vQ+8jb9bre594j72vv0DvySOuX1l+tv1v/tH9q/9r+rf371HXrRhPzgbe02n/+C3L8n64=</latexit><latexit sha1_base64="9B4N1vQNE9FSphxpPLFkLR0mDww=">AAAKI3ictVZNj9tEGHYXCI356sKRy4hV260EkbOgshWq1KpIINSVFoXtVoqtdDx+HQ8Zz5iZ8W6iYfbf8Au48we4IS4cuHGF38DYcdJkk+yHoJOLM+/X8z7Pa8/EBaNKB8EfN7Zee/2N1ps32/5bb7/z7nu3tt9/pkQpCRwRwYR8HmMFjHI40lQzeF5IwHnM4DgePansxycgFRX8Oz0pIMrxkNOUEqzd1mC7dRyqHDPmhzEMKTcaxyXD0pofiftZP8yqzP6dMJx55FhndvankEKkWgJYv4fCkwSrbGBCDWMHxSQTa9EIhT+UOEG9L9DjxgOFmBUZ9sPvS6UdFlDL1ircFCO7O7p3Nsul8ETZs2kgCktF+RAt2fwQeLKIp/4/BXvnUuwL5Udra24EuxZRyV3shZAcnzWnV6d3pejABHYjuQPTtRdjnoYzzJOFkHkj1f5USEPt/0fuBaUvQ0vXggNrK9Mrp5pejU0h15Ip5Cvjsikag8ZLw0DKAoVm6hPaeUwCbL1jlWDFb2PPTZqV/uDi/q4tRXuxatON7etoYA6tj9zaBBDG7tupzNh2zr2hjWEuR8NFX09fe4NjpSUm7jvIAJ12ZEd37Fkv+k+qtddBsxW4eUvjuqWZMDNVJqFd0GjuPKmdz6vlt6+m1hID8JKBScMAVejFi1SCyu7etRG6up61YXaADG7tBJ3gs737DwIUdD59sH8/6KJuJ6jX/GHHa9bhYHvr5zARpMyBa8KwUv1uUOjIYKkpYVXdUkGByQgPoZ+c0EJxnIOKzLg+BS267ewJSt3bkAquUb27GGRwrtQkj51nhV6dt9UtrbH1S53uR4byotTAybRQWjKkBaqOVJRQCUSziXvARFIHF5EMV0PkDt6lKgssLlU44D0HTLCo5lUVQJbarXelStXy7pjpsZtVt5lAikumq75TwLp04pkDXBRO74dO008qXZ2bAp1jyiu3fmQeJyIG9A1wJTg6lGLm4ABUHrtP3RWBf/wlHVKt7vV7BDN4eIA1yZ6KU5DEXTouz/GV63W0KfiAcjoLuz2Lk7l5kuECS4nZy4zuhqIwr3Oqa0Fxgbng4pqBXEh3KaIKTrB0A5WraVuUn2ZUg3ICgJvOIIh8N+YrQ7368Gyv0w063W/3dh7tNwN/0/vQ+8jb9bre594j72vv0DvySOuX1l+tv1v/tH9q/9r+rf371HXrRhPzgbe02n/+C3L8n64=</latexit><latexit sha1_base64="9B4N1vQNE9FSphxpPLFkLR0mDww=">AAAKI3ictVZNj9tEGHYXCI356sKRy4hV260EkbOgshWq1KpIINSVFoXtVoqtdDx+HQ8Zz5iZ8W6iYfbf8Au48we4IS4cuHGF38DYcdJkk+yHoJOLM+/X8z7Pa8/EBaNKB8EfN7Zee/2N1ps32/5bb7/z7nu3tt9/pkQpCRwRwYR8HmMFjHI40lQzeF5IwHnM4DgePansxycgFRX8Oz0pIMrxkNOUEqzd1mC7dRyqHDPmhzEMKTcaxyXD0pofiftZP8yqzP6dMJx55FhndvankEKkWgJYv4fCkwSrbGBCDWMHxSQTa9EIhT+UOEG9L9DjxgOFmBUZ9sPvS6UdFlDL1ircFCO7O7p3Nsul8ETZs2kgCktF+RAt2fwQeLKIp/4/BXvnUuwL5Udra24EuxZRyV3shZAcnzWnV6d3pejABHYjuQPTtRdjnoYzzJOFkHkj1f5USEPt/0fuBaUvQ0vXggNrK9Mrp5pejU0h15Ip5Cvjsikag8ZLw0DKAoVm6hPaeUwCbL1jlWDFb2PPTZqV/uDi/q4tRXuxatON7etoYA6tj9zaBBDG7tupzNh2zr2hjWEuR8NFX09fe4NjpSUm7jvIAJ12ZEd37Fkv+k+qtddBsxW4eUvjuqWZMDNVJqFd0GjuPKmdz6vlt6+m1hID8JKBScMAVejFi1SCyu7etRG6up61YXaADG7tBJ3gs737DwIUdD59sH8/6KJuJ6jX/GHHa9bhYHvr5zARpMyBa8KwUv1uUOjIYKkpYVXdUkGByQgPoZ+c0EJxnIOKzLg+BS267ewJSt3bkAquUb27GGRwrtQkj51nhV6dt9UtrbH1S53uR4byotTAybRQWjKkBaqOVJRQCUSziXvARFIHF5EMV0PkDt6lKgssLlU44D0HTLCo5lUVQJbarXelStXy7pjpsZtVt5lAikumq75TwLp04pkDXBRO74dO008qXZ2bAp1jyiu3fmQeJyIG9A1wJTg6lGLm4ABUHrtP3RWBf/wlHVKt7vV7BDN4eIA1yZ6KU5DEXTouz/GV63W0KfiAcjoLuz2Lk7l5kuECS4nZy4zuhqIwr3Oqa0Fxgbng4pqBXEh3KaIKTrB0A5WraVuUn2ZUg3ICgJvOIIh8N+YrQ7368Gyv0w063W/3dh7tNwN/0/vQ+8jb9bre594j72vv0DvySOuX1l+tv1v/tH9q/9r+rf371HXrRhPzgbe02n/+C3L8n64=</latexit><latexit sha1_base64="9B4N1vQNE9FSphxpPLFkLR0mDww=">AAAKI3ictVZNj9tEGHYXCI356sKRy4hV260EkbOgshWq1KpIINSVFoXtVoqtdDx+HQ8Zz5iZ8W6iYfbf8Au48we4IS4cuHGF38DYcdJkk+yHoJOLM+/X8z7Pa8/EBaNKB8EfN7Zee/2N1ps32/5bb7/z7nu3tt9/pkQpCRwRwYR8HmMFjHI40lQzeF5IwHnM4DgePansxycgFRX8Oz0pIMrxkNOUEqzd1mC7dRyqHDPmhzEMKTcaxyXD0pofiftZP8yqzP6dMJx55FhndvankEKkWgJYv4fCkwSrbGBCDWMHxSQTa9EIhT+UOEG9L9DjxgOFmBUZ9sPvS6UdFlDL1ircFCO7O7p3Nsul8ETZs2kgCktF+RAt2fwQeLKIp/4/BXvnUuwL5Udra24EuxZRyV3shZAcnzWnV6d3pejABHYjuQPTtRdjnoYzzJOFkHkj1f5USEPt/0fuBaUvQ0vXggNrK9Mrp5pejU0h15Ip5Cvjsikag8ZLw0DKAoVm6hPaeUwCbL1jlWDFb2PPTZqV/uDi/q4tRXuxatON7etoYA6tj9zaBBDG7tupzNh2zr2hjWEuR8NFX09fe4NjpSUm7jvIAJ12ZEd37Fkv+k+qtddBsxW4eUvjuqWZMDNVJqFd0GjuPKmdz6vlt6+m1hID8JKBScMAVejFi1SCyu7etRG6up61YXaADG7tBJ3gs737DwIUdD59sH8/6KJuJ6jX/GHHa9bhYHvr5zARpMyBa8KwUv1uUOjIYKkpYVXdUkGByQgPoZ+c0EJxnIOKzLg+BS267ewJSt3bkAquUb27GGRwrtQkj51nhV6dt9UtrbH1S53uR4byotTAybRQWjKkBaqOVJRQCUSziXvARFIHF5EMV0PkDt6lKgssLlU44D0HTLCo5lUVQJbarXelStXy7pjpsZtVt5lAikumq75TwLp04pkDXBRO74dO008qXZ2bAp1jyiu3fmQeJyIG9A1wJTg6lGLm4ABUHrtP3RWBf/wlHVKt7vV7BDN4eIA1yZ6KU5DEXTouz/GV63W0KfiAcjoLuz2Lk7l5kuECS4nZy4zuhqIwr3Oqa0Fxgbng4pqBXEh3KaIKTrB0A5WraVuUn2ZUg3ICgJvOIIh8N+YrQ7368Gyv0w063W/3dh7tNwN/0/vQ+8jb9bre594j72vv0DvySOuX1l+tv1v/tH9q/9r+rf371HXrRhPzgbe02n/+C3L8n64=</latexit>

Assertions: Actions

As with terms, agents can send and receive assertions.

Can now branch based on the derivability of assertions:

confirm and deny actions.

Can add new instances of predicates: insert action.

Internal action, specified by protocol description.

Runtime Model

An A-action is a send, receive, confirm or deny by A.

Actions specified with as much pattern as possible for

terms, with variables standing for unknowns.

An A-role is a sequence of A-actions.

Runtime Model (Contd.)

Each agent accumulates terms and assertions generated

and received, in a knowledge state (X; Φ).

Knowledge states used to enable actions, and possibly

updated after performing actions.

Enabling & Updates

=′( )

+ ∶ (�) �, � + ∶ (�) ,

∪ {�} �′

= ∪ {�}′

= ∪ { }

; �

′

= ∪ { }′

= ∪ {[�� � ]}

− ∶ �, � − ∶ ,

�

′

= ∪ { }′

= ∪ { }

, �

′

= ∪ {[�� �]}′

= ∪ {[�� �]}

∶ � ∶ ; �

∶ � ∶ ; �<latexit sha1_base64="SQzBZJMASXS+ucZav8Pa9n+izqc=">AAAJXnicnVZtb9s2EFazxovddW3aLwP2hVjcNNkSQ06LLt0QoEY3bBmawUOXNoBlGBRF2UQkUiApxy6r/r/9hH0b0D+y01v8EjtOK8MAfXzu7uE9J57dKGBK2/a/t9a+uL1e+XKjWrvz1d2v793ffPBGiVgSekpEIOSZixUNGKenmumAnkWS4tAN6Fv3/GW6/3ZIpWKC/63HEe2GuM+ZzwjWYOptrr93XNpn3BDKNZVJzVEhDoKaIymnF0SEIeaecbCUeKy0pJoMEtNsPAFg7qexGwdYJuY9KT6wNUjp1IyT8TPtIA4TxxdCc6GpYu+oaZE0Paq79SRB2+gaZB2jI+Qo1g/x4x13dyX+V45dyN5HRHCPpVnUKpfTyMOwTBLHKak7YRxoJsWFeZqY7xNT/6HVM83kJ7TjDCkx42T3g+6ZYp3sIQcH0QBPLPU05YIgZYAwDVC6zYEPcvBZz7QS5JA4Qo4pnBwwDD2sBpBJ0xHobTzIhnQWon72OPM5Qot96wgOuI22S+hxAT2+hOop0GJCPyOnPWB5+IzJ9Bnq6V4ZOMdNYue4WRaFrpcKl1jUKQoJLHCktEDFIbqoCLBMp/1Cp1Kd0c3V2Qd1Vmty/DkS6Llj52VqTcrUWl6mxST2puq7QIfr6zqaq2s8qevnCTO8IoypF0KURYLX0WcyTD4sFAPgS6EFYHX7/SlQnL3K1/HwKB/fhMQ0bhkDfiMKDoUbtLwm81/lZdu7v2U37KcHz57byG48eX74zG6iZsPOnsvFllU87d7m2j+OJ0gcQgASYKU6TTvSXYOlZiSgED5WNMLkHPdpxxuySHEcUtU1o+z2S9Aj2PeQLyR8uUaZddrJ4FCpcegCMsR6oOb3UuOivU6s/cOuYTyKNeUkT+THAYIWSecO8pikRAdjWGAi4WImiAywxAQKMZslkkL4MGpmT2PK1yCpzeQ94a+Brgi6JuMUUTLnBlapfDVrHQV6pCUGo0d9DJHTavgU61hSZU5wFMEIOYJW2E/bIZ2KVIeY8RTW6ZqWJ1yK/qBcwRBrS1ECgECK2HkF05Xv/cL6TKvdzmuCA3p0gmF2vhIXVBKY16tj/AYVOF/mfMI4K90elX4yNC8HOEpndTCJCNNcYZ7FVJ9EBRxDwcUnOnIh4Q8EU3SIJbRZqPJjMX4xYDBkQQAKPWvb3bT5r7T61cWbg0bTbjT/Oth6cVi8BhvWt9Z31o7VtH60Xli/W23r1CLrHyvVyoPKw43/qpXq3eq9HLp2q/B5aM081W/+B8NqQj0=</latexit><latexit sha1_base64="SQzBZJMASXS+ucZav8Pa9n+izqc=">AAAJXnicnVZtb9s2EFazxovddW3aLwP2hVjcNNkSQ06LLt0QoEY3bBmawUOXNoBlGBRF2UQkUiApxy6r/r/9hH0b0D+y01v8EjtOK8MAfXzu7uE9J57dKGBK2/a/t9a+uL1e+XKjWrvz1d2v793ffPBGiVgSekpEIOSZixUNGKenmumAnkWS4tAN6Fv3/GW6/3ZIpWKC/63HEe2GuM+ZzwjWYOptrr93XNpn3BDKNZVJzVEhDoKaIymnF0SEIeaecbCUeKy0pJoMEtNsPAFg7qexGwdYJuY9KT6wNUjp1IyT8TPtIA4TxxdCc6GpYu+oaZE0Paq79SRB2+gaZB2jI+Qo1g/x4x13dyX+V45dyN5HRHCPpVnUKpfTyMOwTBLHKak7YRxoJsWFeZqY7xNT/6HVM83kJ7TjDCkx42T3g+6ZYp3sIQcH0QBPLPU05YIgZYAwDVC6zYEPcvBZz7QS5JA4Qo4pnBwwDD2sBpBJ0xHobTzIhnQWon72OPM5Qot96wgOuI22S+hxAT2+hOop0GJCPyOnPWB5+IzJ9Bnq6V4ZOMdNYue4WRaFrpcKl1jUKQoJLHCktEDFIbqoCLBMp/1Cp1Kd0c3V2Qd1Vmty/DkS6Llj52VqTcrUWl6mxST2puq7QIfr6zqaq2s8qevnCTO8IoypF0KURYLX0WcyTD4sFAPgS6EFYHX7/SlQnL3K1/HwKB/fhMQ0bhkDfiMKDoUbtLwm81/lZdu7v2U37KcHz57byG48eX74zG6iZsPOnsvFllU87d7m2j+OJ0gcQgASYKU6TTvSXYOlZiSgED5WNMLkHPdpxxuySHEcUtU1o+z2S9Aj2PeQLyR8uUaZddrJ4FCpcegCMsR6oOb3UuOivU6s/cOuYTyKNeUkT+THAYIWSecO8pikRAdjWGAi4WImiAywxAQKMZslkkL4MGpmT2PK1yCpzeQ94a+Brgi6JuMUUTLnBlapfDVrHQV6pCUGo0d9DJHTavgU61hSZU5wFMEIOYJW2E/bIZ2KVIeY8RTW6ZqWJ1yK/qBcwRBrS1ECgECK2HkF05Xv/cL6TKvdzmuCA3p0gmF2vhIXVBKY16tj/AYVOF/mfMI4K90elX4yNC8HOEpndTCJCNNcYZ7FVJ9EBRxDwcUnOnIh4Q8EU3SIJbRZqPJjMX4xYDBkQQAKPWvb3bT5r7T61cWbg0bTbjT/Oth6cVi8BhvWt9Z31o7VtH60Xli/W23r1CLrHyvVyoPKw43/qpXq3eq9HLp2q/B5aM081W/+B8NqQj0=</latexit><latexit sha1_base64="SQzBZJMASXS+ucZav8Pa9n+izqc=">AAAJXnicnVZtb9s2EFazxovddW3aLwP2hVjcNNkSQ06LLt0QoEY3bBmawUOXNoBlGBRF2UQkUiApxy6r/r/9hH0b0D+y01v8EjtOK8MAfXzu7uE9J57dKGBK2/a/t9a+uL1e+XKjWrvz1d2v793ffPBGiVgSekpEIOSZixUNGKenmumAnkWS4tAN6Fv3/GW6/3ZIpWKC/63HEe2GuM+ZzwjWYOptrr93XNpn3BDKNZVJzVEhDoKaIymnF0SEIeaecbCUeKy0pJoMEtNsPAFg7qexGwdYJuY9KT6wNUjp1IyT8TPtIA4TxxdCc6GpYu+oaZE0Paq79SRB2+gaZB2jI+Qo1g/x4x13dyX+V45dyN5HRHCPpVnUKpfTyMOwTBLHKak7YRxoJsWFeZqY7xNT/6HVM83kJ7TjDCkx42T3g+6ZYp3sIQcH0QBPLPU05YIgZYAwDVC6zYEPcvBZz7QS5JA4Qo4pnBwwDD2sBpBJ0xHobTzIhnQWon72OPM5Qot96wgOuI22S+hxAT2+hOop0GJCPyOnPWB5+IzJ9Bnq6V4ZOMdNYue4WRaFrpcKl1jUKQoJLHCktEDFIbqoCLBMp/1Cp1Kd0c3V2Qd1Vmty/DkS6Llj52VqTcrUWl6mxST2puq7QIfr6zqaq2s8qevnCTO8IoypF0KURYLX0WcyTD4sFAPgS6EFYHX7/SlQnL3K1/HwKB/fhMQ0bhkDfiMKDoUbtLwm81/lZdu7v2U37KcHz57byG48eX74zG6iZsPOnsvFllU87d7m2j+OJ0gcQgASYKU6TTvSXYOlZiSgED5WNMLkHPdpxxuySHEcUtU1o+z2S9Aj2PeQLyR8uUaZddrJ4FCpcegCMsR6oOb3UuOivU6s/cOuYTyKNeUkT+THAYIWSecO8pikRAdjWGAi4WImiAywxAQKMZslkkL4MGpmT2PK1yCpzeQ94a+Brgi6JuMUUTLnBlapfDVrHQV6pCUGo0d9DJHTavgU61hSZU5wFMEIOYJW2E/bIZ2KVIeY8RTW6ZqWJ1yK/qBcwRBrS1ECgECK2HkF05Xv/cL6TKvdzmuCA3p0gmF2vhIXVBKY16tj/AYVOF/mfMI4K90elX4yNC8HOEpndTCJCNNcYZ7FVJ9EBRxDwcUnOnIh4Q8EU3SIJbRZqPJjMX4xYDBkQQAKPWvb3bT5r7T61cWbg0bTbjT/Oth6cVi8BhvWt9Z31o7VtH60Xli/W23r1CLrHyvVyoPKw43/qpXq3eq9HLp2q/B5aM081W/+B8NqQj0=</latexit><latexit sha1_base64="SQzBZJMASXS+ucZav8Pa9n+izqc=">AAAJXnicnVZtb9s2EFazxovddW3aLwP2hVjcNNkSQ06LLt0QoEY3bBmawUOXNoBlGBRF2UQkUiApxy6r/r/9hH0b0D+y01v8EjtOK8MAfXzu7uE9J57dKGBK2/a/t9a+uL1e+XKjWrvz1d2v793ffPBGiVgSekpEIOSZixUNGKenmumAnkWS4tAN6Fv3/GW6/3ZIpWKC/63HEe2GuM+ZzwjWYOptrr93XNpn3BDKNZVJzVEhDoKaIymnF0SEIeaecbCUeKy0pJoMEtNsPAFg7qexGwdYJuY9KT6wNUjp1IyT8TPtIA4TxxdCc6GpYu+oaZE0Paq79SRB2+gaZB2jI+Qo1g/x4x13dyX+V45dyN5HRHCPpVnUKpfTyMOwTBLHKak7YRxoJsWFeZqY7xNT/6HVM83kJ7TjDCkx42T3g+6ZYp3sIQcH0QBPLPU05YIgZYAwDVC6zYEPcvBZz7QS5JA4Qo4pnBwwDD2sBpBJ0xHobTzIhnQWon72OPM5Qot96wgOuI22S+hxAT2+hOop0GJCPyOnPWB5+IzJ9Bnq6V4ZOMdNYue4WRaFrpcKl1jUKQoJLHCktEDFIbqoCLBMp/1Cp1Kd0c3V2Qd1Vmty/DkS6Llj52VqTcrUWl6mxST2puq7QIfr6zqaq2s8qevnCTO8IoypF0KURYLX0WcyTD4sFAPgS6EFYHX7/SlQnL3K1/HwKB/fhMQ0bhkDfiMKDoUbtLwm81/lZdu7v2U37KcHz57byG48eX74zG6iZsPOnsvFllU87d7m2j+OJ0gcQgASYKU6TTvSXYOlZiSgED5WNMLkHPdpxxuySHEcUtU1o+z2S9Aj2PeQLyR8uUaZddrJ4FCpcegCMsR6oOb3UuOivU6s/cOuYTyKNeUkT+THAYIWSecO8pikRAdjWGAi4WImiAywxAQKMZslkkL4MGpmT2PK1yCpzeQ94a+Brgi6JuMUUTLnBlapfDVrHQV6pCUGo0d9DJHTavgU61hSZU5wFMEIOYJW2E/bIZ2KVIeY8RTW6ZqWJ1yK/qBcwRBrS1ECgECK2HkF05Xv/cL6TKvdzmuCA3p0gmF2vhIXVBKY16tj/AYVOF/mfMI4K90elX4yNC8HOEpndTCJCNNcYZ7FVJ9EBRxDwcUnOnIh4Q8EU3SIJbRZqPJjMX4xYDBkQQAKPWvb3bT5r7T61cWbg0bTbjT/Oth6cVi8BhvWt9Z31o7VtH60Xli/W23r1CLrHyvVyoPKw43/qpXq3eq9HLp2q/B5aM081W/+B8NqQj0=</latexit>

Runtime Model (Contd.)

A protocol is just a set of roles.

Can consider various instantiations of roles — sessions.

A run is an admissible (according to enabling conditions!)

interleaving of such sessions.

One can think of a transition system with states that keep track

of agents’ knowledge and all the sessions in progress, where

enabled actions induce transitions.

Example: FOO e-Voting Protocol

Proposed by Fujioka, Okamoto and Ohta in 1992. [FOO92]

Voter contacts admin, who checks voter’s id and authenticates.

Authenticated voter then sends vote anonymously to collector.

Admin should not know vote, collector should not know id.

Terms-only model ensures this via blind signatures.

FOO92: Fujioka, A.; Okamoto, T.; Ohta, K. (1992), “A Practical Secret Voting Scheme for Large Scale Elections”, Advances in Cryptology — AUSCRYPT ’92, 244–251.

FOO Protocol: Terms-only

→ ∶

→ ∶

� ∶

→ ∶

V, {blind({v}r, b)}sg(V)

{blind({v}r, b)}sg(A)

{{v}r}sg(A)

list, {{v}r}sg(A)

r

unblind({blind(t, b)}sg(A), b)

={t}sg(A)

� ∶

FOO Protocol: What we want

→ ∶

→ ∶

� ∶

{v}k , “V wants to vote with this encryption of a valid vote”

“V is eligible and wants to vote with the term sent earlier”

{v}k’ , “Some eligible agent was authorised by A to vote with

a valid vote, this term is a re-encryption of that same vote.”

A does not have to modify V’s term (which contains the vote)

in order to certify it!

FOO Protocol: Assertions

→ ∶

→ ∶

� ∶

{ } , {∃ , ∶ { } = { } ∧ ( )}

FOO Protocol: Assertions

→ ∶

→ ∶

� ∶

{ } , {∃ , ∶ { } = { } ∧ ( )}

Both x, r visible

Not visible, rA not known to anyone but V

FOO Protocol: Assertions

→ ∶

→ ∶

� ∶

{ } , {∃ , ∶ { } = { } ∧ ( )}

� ( ) ∧ ( ,{ } )

∧ {∃ , ∶ { } = { } ∧ ( )}�

FOO Protocol: Assertions

→ ∶

→ ∶

� ∶

{ } , {∃ , ∶ { } = { } ∧ ( )}

� ( ) ∧ ( ,{ } )

∧ {∃ , ∶ { } = { } ∧ ( )}�{ } , ,

∃ , , ∶ � � ( ) ∧ ( ,{ } )

∧ {∃ , ∶ { } = { }∧ ( )}�

∧ = �

FOO Protocol: Assertions

→ ∶

→ ∶

� ∶

∶ ∃ ∶ ( , )

{ } , {∃ , ∶ { } = { } ∧ ( )}

� ( ) ∧ ( ,{ } )

∧ {∃ , ∶ { } = { } ∧ ( )}�{ } , ,

∃ , , ∶ � � ( ) ∧ ( ,{ } )

∧ {∃ , ∶ { } = { }∧ ( )}�

∧ = �

FOO Protocol: Assertions

→ ∶

→ ∶

� ∶

∶ ∃ ∶ ( , )∶ ( ,{ } )

{ } , {∃ , ∶ { } = { } ∧ ( )}

� ( ) ∧ ( ,{ } )

∧ {∃ , ∶ { } = { } ∧ ( )}�{ } , ,

∃ , , ∶ � � ( ) ∧ ( ,{ } )

∧ {∃ , ∶ { } = { }∧ ( )}�

∧ = �

Verification

Derivability problem: Given a finite set of terms X, a

finite set of assertions Φ, and an assertion α, is it the

case whether X; Φ ⊢α?

Insecurity problem: Given a protocol Pr and a

designated secret assertion α, is there a run of Pr at the

end of which XI, ΦI ⊢α?

Derivability Problem

Proof search: Start from the desired conclusion, try to build a

proof tree using inference system.

For assertions, slightly problematic because of two reasons:

∨e: Need to check that the conclusion of the rule is derivable

from each disjunct separately; two proofs to search for!

∃i: Need to pick appropriate term as witness; unbounded

search!

Derivability ProblemGet around this problem by considering down-closures.

(S;A) said to be down-closed if the following hold:

S contains all bound variables of A

If β∧γ ∈ A, then {β, γ}⊆A

If β∨γ ∈ A, then β ∈ A or γ ∈ A

If ∃x.β ∈ A, then β ∈ A

If a says β ∈ A, then β ∈ A

(T;B) down-closure of (S;A) if it is a minimal down-closed set with S ⊆T & A⊆B.

(T; B) linear in the size of (S; A).

Derivability Problem

Helpful because various “left” properties hold about this system.

Left conjunction: S; A∪{β∧γ} ⊢α iff S; A∪{β, γ} ⊢α.

Left disjunction: S; A∪{β∨γ} ⊢α iff S; A∪{β} ⊢α and S; A∪{γ} ⊢α.

Left exists: S; A∪{∃x.β} ⊢α iff S∪{x}; A∪{β} ⊢α. (Caveats on S, A, β, α)

Left says: S; A∪{a says β} ⊢α iff S; A∪{β, a says β} ⊢α.

Enough to consider trim(B) = {t = u | t = u ∈ B} for a dc (T; B).

Derivability ProblemS; A ⊢α iff all down-closures T; B derive α — T; B ⊢α iff T; trim(B) derives α

using the subsystem core = {ax, eq, ⊥, subst, proj, ∧i, ∨i, ∃i}.

Proofs in core have a normal form — can be decomposed into two parts:

Proofs of S; A ⊢eq µ(t)=µ(u) for each t = u ∈ E, and

A (linear in the size of α) proof of S; µ(E) ⊢α using only ∧i, ∨i, ∃i

where µ is the ‘substitution’ assigning witnesses for the quantifiers, and

E is a set of equalities that are subformulas of α.

For every down-closure’s trim, guess a down-closure, a set E, a substitution µ, and a

proof of S; µ(E) ⊢α.

Derivability Problem

Problem of µ assigning unboundedly large terms for

witnesses for ∃i remains.

Adapt idea of ‘small substitutions’, as presented by

[RT03] for the terms-only system.

Key notion there: If the intruder can achieve the same

‘view’ with a smaller term, no need to use a larger term.

RT03: Rusinowitch, M.; Turuani, M.(2003), “Protocol insecurity with a finite number of sessions and composed keys is np-complete”, Theoretical Computer Science, 299(1- 3):451–475.

Derivability ProblemProblem: Given µ and a set st, find a small ν such that if S; A ⊢eq µ(t) = µ(u) for t, u

∈ st, then S; A ⊢eq ν(t) = ν(u).

Choose st as the set of all subterms (of S, A and α).

Consider a minimal variable x: no other variables occur in µ(x)

Set ν(x) = µ(x) if either µ(x) ∈ st, or S; A ⊢eq µ(x) = µ(t) for t ∈ st.

Otherwise, set ν(x) to be some new random value nt where µ(x) = t.

Cascade to non-minimal variables, to preserve equations.

Can show that ν is a small substitution (polynomial in the size of st) preserving

derivability under ⊢eq.

Derivability Problem

For every down-closure, need: a set of equalities E, a small

substitution µ, and a proof of S; µ(E) ⊢α).

Down-closure is linear in the size of S; A

E polynomial in the size of α (since subformulas)

µ polynomial in the size of S; A and α (since small)

A proof of S; µ(E) ⊢α linear in the size of α.

Can obtain a Π2, i.e. a coNPNP procedure.

Derivability Problem

This bound is tight — the problem is Π2-complete.

Reduction from the validity problem for QBF formulas

of the form ∀p1…pm∃q1…qnψ.

Can define for each such formula S, A and α such that

S; A ⊢ α iff ∀p1…pm∃q1…qnψ is valid.

Derivability Problem= { , � ≤ ≤ } ∪ { , � ≤ ≤ } ∪ { ( , ) � ≤ ≤ }

= {∃ ∶ [ = ( , ) ∧ ( = ∨ = )] � ≤ ≤

= ∃ . . . . . . � �, [⋅]

∶= = ( , )

¬ ∶= = ( , )

∶= =

¬ ∶= =

∧ ∶= ∧

∨ ∶= ∨

; � ∀�∃�<latexit sha1_base64="hunP7tPJ1naOk1jjWildVM3zkGk=">AAAHuHiclVVtb9s2EFZTb+68t6b7uC+HpR2SwTPkrOjSDAZadMCGoQEyZGkLWIJGUZTFhCIVkrKdCvqB+wMD9m92lOzUThwUIWCRfHj33PH4kI4LwY31/f/ubd3vfPJp98Fnvc+/+PKrrx9uP3pjVKkpO6VKKP0uJoYJLtmp5Vawd4VmJI8Fexufv3Lrb6dMG67kX/ayYGFOJpKnnBKLULR9/99gDCcwgqACEvE+xBGHIOcJDCEQDHjzzSGoIaBl4cxodNaHJDpbNTtrvnLVLLBsbivDJK13G+bzvduIwx4m8bJNImBz3LWBecQvMZVDGIPFfrTGN3d8uIyMgsjEUaXWoWhH3AZw29BOcT+B5pPM7kG4MX4TPCCiyIiL0oav3kfVsA5EotpxXtczhywhnEicxHwixoHCArv6V0FheAPqsL/Id5YxzeDxqhFFhjp8DNxAwlKEEuAyKanlUyYugRhIlRBqZgZtaWI24bIigk/kD3XvA1ERVbxGk4uSJPD94Wgxsg6+Vi/isD68dx3WLFhhCYRUtqrvQBbfTnaxmWW2YKFNvyn8RxyTDY5Y6/aMUADtZH8Dw02HeqmZayuN9+YISt81AMpvA38vYDK5Okmnu5NfUPfBNCEmW2qwLTXwNAVkSpUmQqAJo1VRX92OZn6Bc6S+8jAwRe6kkU30cMcf+E/3nz33wR/89PzgmT+E4cBv2tVgx1u042h7658gUbTMmbRUEGPGQ7+wYUW05VQwzL00rCD0nEzYOJnywkiSMxNW8+YRquEJricoXY0/aaFBV50qkhtzmcdomRObmetrDty0Ni5tehBWXBaldfprAqWlAKvAvWiQcM2oxZuTcEI1x3SBZkQTavHdW4tSaKVSq9n6bqq8FJZrNXNHshL3SJ5gukqEVZNTweg1N0S1Sc06Ohd2bjVBEC83QWZXjZQRW2pmqiNSFFxORnhiP7pTQzPDbE64dGbjsHqZqJjBH0waJeFYq6UBJuAsdl/juy37v/IJt2ZvfEKJYKMjYmn2Ws2YpvhP8HGO37AC57c5H3HJl25Pln46r15lpCAaxfiBEYVpiGw4zZ1SQcdcSXVHR6l0jvo2bEo0yiw37ba4nGXcMoMHwFCzvh/2UPw3pH5z8GZ/MPQHwz/3d14cLK7BA+9b7ztv1xt6P3svvN+9Y+/Uo51Rh3ZEJ+8edv/uTrq8Nd26t/D5xltrXf0/ywOvSQ==</latexit><latexit sha1_base64="hunP7tPJ1naOk1jjWildVM3zkGk=">AAAHuHiclVVtb9s2EFZTb+68t6b7uC+HpR2SwTPkrOjSDAZadMCGoQEyZGkLWIJGUZTFhCIVkrKdCvqB+wMD9m92lOzUThwUIWCRfHj33PH4kI4LwY31/f/ubd3vfPJp98Fnvc+/+PKrrx9uP3pjVKkpO6VKKP0uJoYJLtmp5Vawd4VmJI8Fexufv3Lrb6dMG67kX/ayYGFOJpKnnBKLULR9/99gDCcwgqACEvE+xBGHIOcJDCEQDHjzzSGoIaBl4cxodNaHJDpbNTtrvnLVLLBsbivDJK13G+bzvduIwx4m8bJNImBz3LWBecQvMZVDGIPFfrTGN3d8uIyMgsjEUaXWoWhH3AZw29BOcT+B5pPM7kG4MX4TPCCiyIiL0oav3kfVsA5EotpxXtczhywhnEicxHwixoHCArv6V0FheAPqsL/Id5YxzeDxqhFFhjp8DNxAwlKEEuAyKanlUyYugRhIlRBqZgZtaWI24bIigk/kD3XvA1ERVbxGk4uSJPD94Wgxsg6+Vi/isD68dx3WLFhhCYRUtqrvQBbfTnaxmWW2YKFNvyn8RxyTDY5Y6/aMUADtZH8Dw02HeqmZayuN9+YISt81AMpvA38vYDK5Okmnu5NfUPfBNCEmW2qwLTXwNAVkSpUmQqAJo1VRX92OZn6Bc6S+8jAwRe6kkU30cMcf+E/3nz33wR/89PzgmT+E4cBv2tVgx1u042h7658gUbTMmbRUEGPGQ7+wYUW05VQwzL00rCD0nEzYOJnywkiSMxNW8+YRquEJricoXY0/aaFBV50qkhtzmcdomRObmetrDty0Ni5tehBWXBaldfprAqWlAKvAvWiQcM2oxZuTcEI1x3SBZkQTavHdW4tSaKVSq9n6bqq8FJZrNXNHshL3SJ5gukqEVZNTweg1N0S1Sc06Ohd2bjVBEC83QWZXjZQRW2pmqiNSFFxORnhiP7pTQzPDbE64dGbjsHqZqJjBH0waJeFYq6UBJuAsdl/juy37v/IJt2ZvfEKJYKMjYmn2Ws2YpvhP8HGO37AC57c5H3HJl25Pln46r15lpCAaxfiBEYVpiGw4zZ1SQcdcSXVHR6l0jvo2bEo0yiw37ba4nGXcMoMHwFCzvh/2UPw3pH5z8GZ/MPQHwz/3d14cLK7BA+9b7ztv1xt6P3svvN+9Y+/Uo51Rh3ZEJ+8edv/uTrq8Nd26t/D5xltrXf0/ywOvSQ==</latexit><latexit sha1_base64="hunP7tPJ1naOk1jjWildVM3zkGk=">AAAHuHiclVVtb9s2EFZTb+68t6b7uC+HpR2SwTPkrOjSDAZadMCGoQEyZGkLWIJGUZTFhCIVkrKdCvqB+wMD9m92lOzUThwUIWCRfHj33PH4kI4LwY31/f/ubd3vfPJp98Fnvc+/+PKrrx9uP3pjVKkpO6VKKP0uJoYJLtmp5Vawd4VmJI8Fexufv3Lrb6dMG67kX/ayYGFOJpKnnBKLULR9/99gDCcwgqACEvE+xBGHIOcJDCEQDHjzzSGoIaBl4cxodNaHJDpbNTtrvnLVLLBsbivDJK13G+bzvduIwx4m8bJNImBz3LWBecQvMZVDGIPFfrTGN3d8uIyMgsjEUaXWoWhH3AZw29BOcT+B5pPM7kG4MX4TPCCiyIiL0oav3kfVsA5EotpxXtczhywhnEicxHwixoHCArv6V0FheAPqsL/Id5YxzeDxqhFFhjp8DNxAwlKEEuAyKanlUyYugRhIlRBqZgZtaWI24bIigk/kD3XvA1ERVbxGk4uSJPD94Wgxsg6+Vi/isD68dx3WLFhhCYRUtqrvQBbfTnaxmWW2YKFNvyn8RxyTDY5Y6/aMUADtZH8Dw02HeqmZayuN9+YISt81AMpvA38vYDK5Okmnu5NfUPfBNCEmW2qwLTXwNAVkSpUmQqAJo1VRX92OZn6Bc6S+8jAwRe6kkU30cMcf+E/3nz33wR/89PzgmT+E4cBv2tVgx1u042h7658gUbTMmbRUEGPGQ7+wYUW05VQwzL00rCD0nEzYOJnywkiSMxNW8+YRquEJricoXY0/aaFBV50qkhtzmcdomRObmetrDty0Ni5tehBWXBaldfprAqWlAKvAvWiQcM2oxZuTcEI1x3SBZkQTavHdW4tSaKVSq9n6bqq8FJZrNXNHshL3SJ5gukqEVZNTweg1N0S1Sc06Ohd2bjVBEC83QWZXjZQRW2pmqiNSFFxORnhiP7pTQzPDbE64dGbjsHqZqJjBH0waJeFYq6UBJuAsdl/juy37v/IJt2ZvfEKJYKMjYmn2Ws2YpvhP8HGO37AC57c5H3HJl25Pln46r15lpCAaxfiBEYVpiGw4zZ1SQcdcSXVHR6l0jvo2bEo0yiw37ba4nGXcMoMHwFCzvh/2UPw3pH5z8GZ/MPQHwz/3d14cLK7BA+9b7ztv1xt6P3svvN+9Y+/Uo51Rh3ZEJ+8edv/uTrq8Nd26t/D5xltrXf0/ywOvSQ==</latexit><latexit sha1_base64="hunP7tPJ1naOk1jjWildVM3zkGk=">AAAHuHiclVVtb9s2EFZTb+68t6b7uC+HpR2SwTPkrOjSDAZadMCGoQEyZGkLWIJGUZTFhCIVkrKdCvqB+wMD9m92lOzUThwUIWCRfHj33PH4kI4LwY31/f/ubd3vfPJp98Fnvc+/+PKrrx9uP3pjVKkpO6VKKP0uJoYJLtmp5Vawd4VmJI8Fexufv3Lrb6dMG67kX/ayYGFOJpKnnBKLULR9/99gDCcwgqACEvE+xBGHIOcJDCEQDHjzzSGoIaBl4cxodNaHJDpbNTtrvnLVLLBsbivDJK13G+bzvduIwx4m8bJNImBz3LWBecQvMZVDGIPFfrTGN3d8uIyMgsjEUaXWoWhH3AZw29BOcT+B5pPM7kG4MX4TPCCiyIiL0oav3kfVsA5EotpxXtczhywhnEicxHwixoHCArv6V0FheAPqsL/Id5YxzeDxqhFFhjp8DNxAwlKEEuAyKanlUyYugRhIlRBqZgZtaWI24bIigk/kD3XvA1ERVbxGk4uSJPD94Wgxsg6+Vi/isD68dx3WLFhhCYRUtqrvQBbfTnaxmWW2YKFNvyn8RxyTDY5Y6/aMUADtZH8Dw02HeqmZayuN9+YISt81AMpvA38vYDK5Okmnu5NfUPfBNCEmW2qwLTXwNAVkSpUmQqAJo1VRX92OZn6Bc6S+8jAwRe6kkU30cMcf+E/3nz33wR/89PzgmT+E4cBv2tVgx1u042h7658gUbTMmbRUEGPGQ7+wYUW05VQwzL00rCD0nEzYOJnywkiSMxNW8+YRquEJricoXY0/aaFBV50qkhtzmcdomRObmetrDty0Ni5tehBWXBaldfprAqWlAKvAvWiQcM2oxZuTcEI1x3SBZkQTavHdW4tSaKVSq9n6bqq8FJZrNXNHshL3SJ5gukqEVZNTweg1N0S1Sc06Ohd2bjVBEC83QWZXjZQRW2pmqiNSFFxORnhiP7pTQzPDbE64dGbjsHqZqJjBH0waJeFYq6UBJuAsdl/juy37v/IJt2ZvfEKJYKMjYmn2Ws2YpvhP8HGO37AC57c5H3HJl25Pln46r15lpCAaxfiBEYVpiGw4zZ1SQcdcSXVHR6l0jvo2bEo0yiw37ba4nGXcMoMHwFCzvh/2UPw3pH5z8GZ/MPQHwz/3d14cLK7BA+9b7ztv1xt6P3svvN+9Y+/Uo51Rh3ZEJ+8edv/uTrq8Nd26t/D5xltrXf0/ywOvSQ==</latexit>

Insecurity Problem

For the derivability problem, just one substitution µ for

the witnesses for ∃i. Here, the intruder can inject terms,

so a σ for the terms in (S; A) as well as µ.

Can get small ν instead of µ as earlier. But not yet clear

how to do that for σ.

Solve the insecurity problem for finitely many sessions

and bounded substitutions.

Insecurity Problem

Input: protocol Pr, bound k on the number of sessions,

bound n on the size of σ.

Σ3 algorithm: Guess a suitable σ of size ≤n, and a run with ≤k

sessions — both polynomial in input. Verifying enabledness

for actions uses Π2 algorithm for the derivability problem.

Tight bound: similar reduction as earlier from validity of

QBF formulas of the form ∃r1…rl∀p1…pm∃q1…qnψ.

Future Work

Procedure to obtain a small equivalent for the σ in the

insecurity problem; remove that parameter from input.

Implementation and tool support.

Derivability problem in the presence of non-trivial

equational theories.

Conclusion

Presented an abstract model for security protocols

involving certification.

Extended the Dolev-Yao model with assertions, and

modelled the FOO e-voting protocol in this system.

Provided algorithms and complexity results for the

verification problems of interest.

References

Existential Assertions for Voting Protocols

R Ramanujam, Vaishnavi Sundararajan and S P Suresh

Proc. FC 2017 Workshops (Voting '17), Springer LNCS vol. 10323, 337–352.

The complexity of disjunction in intuitionistic logic

R Ramanujam, Vaishnavi Sundararajan and S P Suresh

Proc. LFCS 2016, Springer LNCS vol. 9537, 349–363.

Extending Dolev-Yao with assertions

R Ramanujam, Vaishnavi Sundararajan and S P Suresh

Proc. ICISS 2014, Springer LNCS vol. 8880, 50–68.

Thank you!