
Tree automata with global constraints for the verification of security properties

Abstract : We study several classes of finite-state automata running on trees, extended with constraints that allow testing for equalities or disequalities between subterms. We focus on tree automata with global constraints, where the tests depend on the states reached by the automaton in its runs. Such automata were introduced in studies of semi-structured documents. We give a detailed comparison between these automata and other models that allow similar tests, such as tree automata with constraints between brothers (sibling constraints) or tree automata with an auxiliary memory. We show how such automata can be used to verify security properties of cryptographic protocols. Tree automata have already been used to model the messages exchanged during a protocol session; a plain tree automaton, however, cannot express that the same message occurs at two positions, so it over-approximates the set of sessions. By adding equality constraints, we can describe precisely the protocol sessions that use the same message several times, hence avoiding this approximation. We then answer positively the emptiness decision problem for the languages recognized by tree automata with global constraints: by showing that their expressiveness is very close to that of automata operating on directed acyclic graph representations of terms, we obtain an emptiness decision procedure in doubly exponential nondeterministic time. Finally, we study the emptiness decision problem for automata with global constraints in which we allow "key constraints", which intuitively require that all subtrees of a given type in an input tree are pairwise distinct. Key constraints are classically used to represent a unique identifier. We give an emptiness decision procedure of non-primitive recursive complexity. We show that this procedure is very robust and that it allows the automata to be extended with additional constraints, such as counting constraints or local tests, while preserving decidability.
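The two constraint kinds mentioned in the abstract can be made concrete on small terms. The following is an added illustration, not code from the thesis: a bottom-up tree automaton whose global equality constraint forces the nonce returned in a challenge/response exchange to be the nonce that was sent (the "same message used several times" case, which a plain tree automaton over-approximates), and a second automaton whose key constraint forces all session identifiers in a list to be pairwise distinct. The symbols (`sess`, `send`, `recv`, `cons`, `n1`, `n2`), the state names, and the sample terms are assumptions made up for the example. Acceptance is decided here by enumerating every run, which is fine for toy terms but is not the emptiness decision procedure the thesis develops.

```python
"""Tree automata with global equality / disequality constraints (added example).

Not code from the thesis: the signature, states and terms below are invented
for illustration, and acceptance is checked by brute-force run enumeration.
"""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Term:
    """A first-order term; frozen + tuple args gives structural equality."""
    sym: str
    args: tuple = ()

    def __repr__(self):
        if not self.args:
            return self.sym
        return f"{self.sym}({', '.join(map(repr, self.args))})"


def T(sym, *args):
    return Term(sym, tuple(args))


class TAGC:
    """Bottom-up tree automaton with global constraints.

    rules: {(symbol, (child_state, ...)): {target_state, ...}}  (nondeterministic)
    final: accepting root states
    eq:    pairs (p, q): every subtree labelled p equals every subtree labelled q
    neq:   pairs (p, q): subtrees labelled p and q at distinct positions differ;
           (q, q) is a key constraint: all subtrees labelled q are pairwise distinct
    """

    def __init__(self, rules, final, eq=(), neq=()):
        self.rules, self.final = rules, set(final)
        self.eq, self.neq = list(eq), list(neq)

    def runs(self, t):
        """All runs on t as (root_state, labeling); labeling lists (subterm, state)
        in pre-order, so the list index identifies a position of t."""
        child_runs = [self.runs(a) for a in t.args]
        out = []
        for combo in product(*child_runs):
            child_states = tuple(q for q, _ in combo)
            for q in self.rules.get((t.sym, child_states), ()):
                labeling = [(t, q)]
                for _, sub in combo:
                    labeling.extend(sub)
                out.append((q, labeling))
        return out

    def constraints_hold(self, labeling):
        """Check the global constraints against one complete run."""
        by_state = {}
        for pos, (sub, q) in enumerate(labeling):
            by_state.setdefault(q, []).append((pos, sub))
        for p, q in self.eq:
            if any(a != b for _, a in by_state.get(p, ())
                   for _, b in by_state.get(q, ())):
                return False
        for p, q in self.neq:
            if any(i != j and a == b for i, a in by_state.get(p, ())
                   for j, b in by_state.get(q, ())):
                return False
        return True

    def accepts(self, t):
        return any(q in self.final and self.constraints_hold(lab)
                   for q, lab in self.runs(t))


# Example 1 (assumed encoding): a nonce may be labelled q_a (under send) or
# q_b (under recv); the global constraint q_a = q_b forces the same nonce.
NONCE_RULES = {("n1", ()): {"q_a", "q_b"}, ("n2", ()): {"q_a", "q_b"}}
SESSION = TAGC(
    rules={**NONCE_RULES,
           ("send", ("q_a",)): {"q_send"},
           ("recv", ("q_b",)): {"q_recv"},
           ("sess", ("q_send", "q_recv")): {"q_ok"}},
    final={"q_ok"},
    eq=[("q_a", "q_b")],
)
# The same automaton without the constraint: the regular over-approximation.
SESSION_APPROX = TAGC(SESSION.rules, SESSION.final)

# Example 2 (assumed encoding): a list of session identifiers, with the key
# constraint that all subtrees labelled q_id are pairwise distinct.
IDS = TAGC(
    rules={("n1", ()): {"q_id"}, ("n2", ()): {"q_id"},
           ("nil", ()): {"q_list"},
           ("cons", ("q_id", "q_list")): {"q_list"}},
    final={"q_list"},
    neq=[("q_id", "q_id")],
)

if __name__ == "__main__":
    good = T("sess", T("send", T("n1")), T("recv", T("n1")))
    bad = T("sess", T("send", T("n1")), T("recv", T("n2")))
    for t in (good, bad):
        print(t, "exact:", SESSION.accepts(t), "approx:", SESSION_APPROX.accepts(t))
    print(IDS.accepts(T("cons", T("n1"), T("cons", T("n2"), T("nil")))),
          IDS.accepts(T("cons", T("n1"), T("cons", T("n1"), T("nil")))))
```

Running the script shows the point of the constraint: `SESSION_APPROX` accepts `sess(send(n1), recv(n2))`, a session in which the responder answers with a nonce that was never sent, while `SESSION` rejects it and accepts only the matching exchange. Because the constraint is evaluated over a whole run rather than between sibling positions, it relates the two nonce occurrences even though they sit under different parents; the key-constraint automaton likewise rejects a list that repeats an identifier.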
Document type : PhD thesis
Contributor : Abes Star
Submitted on : Monday, June 6, 2011 - 3:40:21 PM
Last modification on : Monday, February 15, 2021 - 10:50:18 AM


Version validated by the jury (STAR)


  • HAL Id : tel-00598494, version 1



Camille Vacher. Tree automata with global constraints for the verification of security properties. Other [cs.OH]. École normale supérieure de Cachan - ENS Cachan, 2010. English. ⟨NNT : 2010DENS0043⟩. ⟨tel-00598494⟩


