Variant Narrowing and Equational Unification

Narrowing is a well-known complete procedure for equational E-unification when E can be decomposed as a union E=@D@?B with B a set of axioms for which a finitary unification algorithm exists, and @D a set of confluent, terminating, and B-coherent rewrite rules. However, when B @A, effective narrowing strategies such as basic narrowing easily fail to be complete and cannot be used. This poses two challenges to narrowing-based equational unification: (i) finding effective narrowing strategies that are complete modulo B under mild assumptions on B, and (ii) finding sufficient conditions under which such narrowing strategies yield finitary E-unification algorithms. Inspired by Comon and Delaune's notion of E-variant for a term, we propose a new narrowing strategy called variant narrowing that has a search space potentially much smaller than full narrowing, is complete, and yields a finitary E-unification algorithm when E has the finite variant property. We also discuss applications to symbolic reachability analysis of concurrent systems specified as rewrite theories, and in particular to the formal analysis of cryptographic protocols modulo the algebraic properties of the underlying cryptographic functions.

[1]  P. Sedgwick Matching , 2009, BMJ : British Medical Journal.

[2]  Nachum Dershowitz,et al.  Decidable Matching for Convergent Systems (Preliminary Version) , 1992, CADE.

[3]  Mark E. Stickel,et al.  Complete Sets of Reductions for Some Equational Theories , 1981, JACM.

[4]  José Meseguer,et al.  Natural Narrowing for General Term Rewriting Systems , 2004, RTA.

[5]  Claude Kirchner,et al.  Incremental Construction of Unification Algorithms in Equational Theories , 1983, ICALP.

[6]  José Meseguer,et al.  Symbolic Model Checking of Infinite-State Systems Using Narrowing , 2007, RTA.

[7]  Paliath Narendran,et al.  Matching, unification and complexity , 1987, SIGS.

[8]  Stéphanie Delaune,et al.  The Finite Variant Property: How to Get Rid of Some Algebraic Properties , 2005, RTA.

[9]  Jean-Pierre Jouannaud,et al.  Rewrite Systems , 1991, Handbook of Theoretical Computer Science, Volume B: Formal Models and Sematics.

[10]  Emanuele Viola E-unifiability via Narrowing , 2001, ICTCS.

[11]  Michael Hanus,et al.  Lazy Narrowing with Simplification , 1997, Comput. Lang..

[12]  José Meseguer,et al.  Equational Cryptographic Reasoning in the Maude-NRL Protocol Analyzer , 2007, Electron. Notes Theor. Comput. Sci..

[13]  Franz Baader,et al.  Unification theory , 1986, Decis. Support Syst..

[14]  José Meseguer,et al.  Conditioned Rewriting Logic as a United Model of Concurrency , 1992, Theor. Comput. Sci..

[15]  José Meseguer,et al.  Symbolic Reachability Analysis Using Narrowing and its Application to Verification of Cryptographic Protocols , 2004, WRLA.

[16]  José Meseguer,et al.  Diffie-Hellman Cryptographic Reasoning in the Maude-NRL Protocol Analyzer , 2006 .

[17]  José Meseguer,et al.  Membership algebra as a logical framework for equational specification , 1997, WADT.

[18]  Patrick Viry,et al.  Equational rules for rewriting logic , 2002, Theor. Comput. Sci..

[19]  Jean-Marie Hullot,et al.  Canonical Forms and Unification , 1980, CADE.

[20]  Enno Ohlebusch,et al.  Term Rewriting Systems , 2002 .

[21]  José Meseguer,et al.  Effectively Checking the Finite Variant Property , 2008, RTA.

[22]  José Meseguer,et al.  A rewriting-based inference system for the NRL Protocol Analyzer and its meta-logical properties , 2006, Theor. Comput. Sci..

[23]  José Meseguer,et al.  Symbolic reachability analysis using narrowing and its application to verification of cryptographic protocols , 2007, High. Order Symb. Comput..