Bisimulation for Demonic Schedulers

Bisimulation between processes has been proven a successful method for formalizing security properties. We argue that in certain cases, a scheduler that has full information on the process and collaborates with the attacker can allow him to distinguish two processes even though they are bisimilar. This phenomenon is related to the issue that bisimilarity is not preserved by refinement. As a solution, we introduce a finer variant of bisimulation in which processes are required to simulate each other under the "same" scheduler. We formalize this notion in a variant of CCS with explicit schedulers and show that this new bisimilarity can be characterized by a refinement-preserving traditional bisimilarity. Using a third characterization of this equivalence, we show how to verify it for finite systems. We then apply the new equivalence to anonymity and show that it implies strong probabilistic anonymity, while the traditional bisimulation does not. Finally, to illustrate the usefulness of our approach, we perform a compositional analysis of the Dining Cryptographers with a non-deterministic order of announcements and for an arbitrary number of cryptographers.

[1]  Catuscia Palamidessi,et al.  Making Random Choices Invisible to the Scheduler , 2007, CONCUR.

[2]  Jan Jürjens,et al.  Secrecy-Preserving Refinement , 2001, FME.

[3]  Kim G. Larsen,et al.  On Modal Refinement and Consistency , 2007, CONCUR.

[4]  Martín Abadi,et al.  A Calculus for Cryptographic Protocols: The spi Calculus , 1999, Inf. Comput..

[5]  David Chaum,et al.  The dining cryptographers problem: Unconditional sender and recipient untraceability , 1988, Journal of Cryptology.

[6]  Konstantinos Chatzikokolakis,et al.  Spécification et vérification des protocoles de sécurité probabilistes. (Probabilistic and Information-Theoretic Approaches to Anonymity) , 2007 .

[7]  A. W. Roscoe CSP and determinism in security modelling , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[8]  Ran Canetti,et al.  Time-Bounded Task-PIOAs: A Framework for Analyzing Security Protocols , 2006, DISC.

[9]  A. W. Roscoe Modelling and verifying key-exchange protocols using CSP and FDR , 1995, Proceedings The Eighth IEEE Computer Security Foundations Workshop.

[10]  Christel Baier,et al.  Polynomial Time Algorithms for Testing Probabilistic Bisimulation and Simulation , 1996, CAV.

[11]  John C. Mitchell,et al.  A probabilistic poly-time framework for protocol analysis , 1998, CCS '98.

[12]  Prakash Panangaden,et al.  Epistemic Strategies and Games on Concurrent Processes , 2009, SOFSEM.

[13]  Ana Sokolova,et al.  Probabilistic Anonymity and Admissible Schedulers , 2007, ArXiv.

[14]  Vincent Danos,et al.  Transactions in RCCS , 2005, CONCUR.

[15]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[16]  Elisa Bertino,et al.  Computer Security — ESORICS 96 , 1996, Lecture Notes in Computer Science.

[17]  Brian Campbell,et al.  Amortised Memory Analysis Using the Depth of Data Structures , 2009, ESOP.

[18]  Heiko Mantel,et al.  Possibilistic definitions of security-an assembly kit , 2000, Proceedings 13th IEEE Computer Security Foundations Workshop. CSFW-13.

[19]  Martín Abadi,et al.  A calculus for cryptographic protocols: the spi calculus , 1997, CCS '97.

[20]  Mária Bieliková,et al.  SOFSEM 2008: Theory and Practice of Computer Science, 34th Conference on Current Trends in Theory and Practice of Computer Science, Nový Smokovec, Slovakia, January 19-25, 2008, Proceedings , 2008, SOFSEM.

[21]  Steve A. Schneider,et al.  CSP and Anonymity , 1996, ESORICS.

[22]  Roberto Segala,et al.  Modeling and verification of randomized distributed real-time systems , 1996 .

[23]  Mark Ryan,et al.  Analysis of an Electronic Voting Protocol in the Applied Pi Calculus , 2005, ESOP.

[24]  José Nuno Oliveira,et al.  FME 2001: Formal Methods for Increasing Software Productivity , 2001, Lecture Notes in Computer Science.

[25]  John McLean,et al.  A General Theory of Composition for a Class of "Possibilistic'' Properties , 1996, IEEE Trans. Software Eng..

[26]  Catuscia Palamidessi,et al.  Probabilistic Anonymity , 2005, CONCUR.