Abstract
Narrowing is a well-known complete procedure for equational E-unification when E can be decomposed as a union E = Δ {plus sign in big union} B with B a set of axioms for which a finitary unification algorithm exists, and = Δa set of confluent, terminating, and B-coherent rewrite rules. However, when B ≠ θ, effective narrowing strategies such as basic narrowing easily fail to be complete and cannot be used. This poses two challenges to narrowing-based equational unification: (i) finding effective narrowing strategies that are complete modulo B under mild assumptions on B, and (ii) finding sufficient conditions under which such narrowing strategies yield finitary E-unification algorithms. Inspired by Comon and Delaune's notion of E-variant for a term, we propose a new narrowing strategy called variant narrowing that has a search space potentially much smaller than full narrowing, is complete, and yields a finitary E-unification algorithm when E has the finite variant property. We also discuss applications to symbolic reachability analysis of concurrent systems specified as rewrite theories, and in particular to the formal analysis of cryptographic protocols modulo the algebraic properties of the underlying cryptographic functions.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 91-105 |
| Number of pages | 15 |
| Journal | Electronic Notes in Theoretical Computer Science |
| State | Published - 2008 |
| Event | 7th International Workshop on Rewriting Logic and its Applications, WRLA 2008 (European Joint Conference on Theory and Practice of Software, ETAPS 2008) - Budapest, Hungary Duration: Mar 29 2008 → Mar 30 2008 |
Keywords
- Cryptographic protocol analysis
- Equational unification
- Finite variant property
- Narrowing
- Symbolic reachability analysis
ASJC Scopus subject areas
- Theoretical Computer Science
- Computer Science(all)