, En effet, ce système de types s'obtient comme solution d'un problème d'unification : il faut garantir que les sous-termes chiffrés unifiables aient le même type ; si nous considérons les types des variables comme des variables de type, il s'agit donc d'unifier les types des sous-termes chiffrés. Lorsque le problème d'unification n'a pas de solution, le protocole n'est conforme à aucun système de types structuré. Enfin, si nous pouvions établir automatiquement la borne de [53], il nous serait possible, à partir d'une spécification du protocole, de calculer le scénario désiré afin d'obtenir une preuve pour un nombre arbitraire de sessions. De plus, un travail d'optimisation de cette borne est possible. Ces résultats, Une extension plus profonde consisterait à calculer automatiquement le système de type structuré le plus fin auquel le protocole est conforme

. Akiss,

. Deepsec,

. Sat-equiv,

M. Abadi, B. Blanchet, and C. Fournet, The applied pi calculus: mobile values, new names, and secure communication, Journal of the ACM, vol.65, issue.1, p.1, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01423924

M. Abadi and V. Cortier, Deciding knowledge in security protocols under equational theories, Theoretical Computer Science, vol.367, issue.1, pp.2-32, 2006.
URL : https://hal.archives-ouvertes.fr/inria-00000554

M. Abadi and C. Fournet, Mobile Values, New Names, and Secure Communication, Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'01), pp.104-115, 2001.
URL : https://hal.archives-ouvertes.fr/hal-01423924

M. Abadi and A. Gordon, A calculus for cryptographic protocols: The spi calculus, Proceedings of the 4th ACM Conference on Computer and Communications Security (CCS'97), pp.36-47, 1997.

M. Abadi and P. Rogaway, Reconciling two views of cryptography (the computational soundness of formal encryption), Journal of Cryptology, vol.15, issue.2, pp.103-127, 2002.

B. Adida, Helios: Web-based Open-Audit Voting, Proceedings of the 17th USENIX Security Symposium (USENIX Security'08), pp.335-348, 2008.

O. Almousa, S. Mödersheim, P. Modesti, and L. Viganò, Typing and Compositionality for Security Protocols: A Generalization to the Geometric Fragment, Proceedings of the 20th European Symposium on Research in Computer Security (ESORICS'15), pp.209-229, 2015.

R. Amadio, D. Lugiez, and V. Vanackère, On the symbolic reduction of processes with cryptographic functions, Theoretical Computer Science, vol.1, issue.290, pp.695-740, 2003.
URL : https://hal.archives-ouvertes.fr/inria-00072478

M. Arapinis, V. Cheval, and S. Delaune, Composing security protocols: from confidentiality to privacy, Proceedings of the 4th International Conference on Principles of Security and Trust (POST'15), pp.324-343, 2015.

M. Arapinis, T. Chothia, E. Ritter, and M. Ryan, Analysing Unlinkability and Anonymity Using the Applied Pi Calculus, Proceedings of the 23rd Computer Security Foundations Symposium (CSF'10), pp.107-121, 2010.

M. Arapinis and M. Duflot, Bounding messages for free in security protocols, Proceedings of the 27th Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS'07), pp.376-387, 2007.
URL : https://hal.archives-ouvertes.fr/hal-01195943

A. Armando, R. Carbone, and L. Compagna, LTL model checking for security protocols, Journal of Applied Non-Classical Logics, vol.19, issue.4, pp.403-429, 2009.

A. Armando, R. Carbone, and L. Compagna, SATMC: a SAT-based Model Checker for Security-critical Systems, Proceedings of the 20th international Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS'14), p.181, 2014.

A. Armando, R. Carbone, and L. Compagna, Jorge Cuellar et Llanos Tobarra : Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based Single Sign-On for Google apps, Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE'08), pp.1-10, 2008.

A. Armando, R. Carbone, and L. Zanetti, Formal modeling and automatic security analysis of two-factor and two-channel authentication protocols, Proceedings of the 7th International Conference on Network and System Security (NSS'13), pp.728-734, 2013.

A. Armando and L. Compagna, SATMC: a SAT-based model checker for security protocols, Proceedings of the 2004 European Workshop on Logics in Artificial Intelligence (JELIA'04), pp.730-733, 2004.

A. Armando and L. Compagna, SAT-based model-checking for security protocols analysis, International Journal of Information Security, vol.7, pp.3-32, 2008.

A. Armando, L. Compagna, and P. Ganty, SAT-based Model-Checking of Security Protocols using Planning Graph Analysis, Proceedings of the 12th International Symposium of Formal Methods Europe (FME'03), pp.875-893, 2003.

A. Armando and S. Ponta, Model checking of security-sensitive business processes, Proceedings of the 2009 International Workshop on Formal Aspects in Security and Trust (FAST'09), pp.66-80, 2009.

S. Arora and B. Barak, Computational complexity: a modern approach, 2009.

W. Arsac, L. Compagna, G. Pellegrino, and S. Ponta, Security validation of business processes via model-checking, Proceedings of the 2011 International Symposium on Engineering Secure Software and Systems (ESSoS'11), pp.29-42, 2011.

D. Baelde, S. Delaune, I. Gazeau, and S. Kremer, Symbolic verification of privacy-type properties for security protocols with XOR, Proceedings of the 30th IEEE Computer Security Foundations Symposium (CSF'17), pp.234-248, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01533694

D. Baelde, S. Delaune, and L. Hirschi, Partial Order Reduction for Security Protocols, Proceedings of the 26th International Conference on Concurrency Theory (CONCUR'15), pp.497-510, 2015.

T. Balyo, M. Heule, and M. Järvisalo, Proceedings of SAT Competition 2017: Solver and Benchmark Descriptions, 2017.

G. Bana and . Hubert-comon-lundh, Towards unconditional soundness: Computationally complete symbolic attacker, Proceedings of the 1st International Conference on Principles of Security and Trust (POST'12), pp.189-208, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00863380

D. Basin, J. Dreier, and R. Sasse, Automated symbolic proofs of observational equivalence, Proceedings of the 22nd International Conference on Computer and Communications Security (CCS'15), pp.1144-1155, 2015.
URL : https://hal.archives-ouvertes.fr/hal-01337409

M. Baudet, Deciding security of protocols against off-line guessing attacks, Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS'05), pp.16-25, 2005.

R. Bayardo, . Et-robert, and . Schrag, Using CSP Look-back Techniques to Solve Realworld SAT Instances, Proceedings of the 14th National Conference on Artificial Intelligence and 9th Conference on Innovative Applications of Artificial Intelligence (AAAI'97/IAAI'97), pp.203-208, 1997.

B. Beurdouche, K. Bhargavan, A. Delignat-lavaud, C. Fournet, M. Kohlweiss et al., A messy state of the union: Taming the composite state machines of TLS, Proceedings of the 2015 IEEE Symposium on Security and Privacy (S&P'15), pp.535-552, 2015.
URL : https://hal.archives-ouvertes.fr/hal-01114250

B. Blanchet, An Efficient Cryptographic Protocol Verifier Based on Prolog Rules, Proceedings of the 14th IEEE Computer Security Foundations Symposium (CSF'14), pp.82-96, 2001.

B. Blanchet, A computationally sound mechanized prover for security protocols, IEEE Transactions on Dependable and Secure Computing, vol.5, issue.4, pp.193-207, 2008.

B. Blanchet, Automatic verification of security protocols: formal model and computational model. Mémoire d'habilitation à diriger des recherches, 2008.

B. Blanchet, M. Abadi, and C. Fournet, Automated Verification of Selected Equivalences for Security Protocols, Journal of Logic and Algebraic Programming, vol.75, issue.1, pp.3-51, 2008.

B. Blanchet and A. Podelski, Verification of Cryptographic Protocols: Tagging Enforces Termination, Proceedings of the 6th International Conference on Foundations of Software Science and Computation Structures (FoSSaCS'03), pp.136-152, 2003.

A. Blum and M. Furst, Fast Planning Through Planning Graph Analysis, vol.90, pp.281-300, 1997.

M. Bortolozzo, M. Centenaro, R. Focardi, and G. Steel, Attacking and fixing PKCS# 11 security tokens, Proceedings of the 17th ACM conference on Computer and Communications Security (CCS'10), pp.260-269, 2010.

T. Bylander, The Computational Complexity of Propositional STRIPS Planning. Artificial Intelligence, vol.69, pp.165-204, 1994.

I. Cervesato, N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov, A meta-notation for protocol analysis, Proceedings of the 12th IEEE Computer Security Foundations Workshop (CSFW'99), pp.55-69, 1999.

R. Chadha, V. Cheval, ?. Ciobâc?, and S. Kremer, Automated verification of equivalence properties of cryptographic protocol, ACM Transactions on Computational Logic, 2016.

R. Chadha, ?. Ciobâc?, and S. Kremer, Automated verification of equivalence properties of cryptographic protocols, Proceedings of the 21th European Symposium on Programming (ESOP'12), pp.108-127, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00732905

V. Cheval, APTE: an Algorithm for Proving Trace Equivalence, Proceedings of the 20th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS'14), pp.587-592, 2014.

V. Cheval, S. Kremer, and . Itsaka-rakotonirina, DEEPSEC: Deciding Equivalence Properties in Security Protocols-Theory and Practice, Proceedings of the 2018 IEEE Symposium on Security and Privacy (S&P'18), pp.525-542, 2018.
URL : https://hal.archives-ouvertes.fr/hal-01698177

Y. Chevalier, R. Küsters, M. Rusinowitch, and . Mathieu-turuani, Deciding the security of protocols with Diffie-Hellman exponentiation and products in exponents, Proceedings of the 23rd International Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS'03), pp.124-135, 2003.
URL : https://hal.archives-ouvertes.fr/inria-00103935

Y. Chevalier, R. Küsters, M. Rusinowitch, and . Mathieu-turuani, An NP decision procedure for protocol insecurity with XOR, Theoretical Computer Science, vol.338, issue.13, pp.247-274, 2005.
URL : https://hal.archives-ouvertes.fr/inria-00103954

Y. Chevalier and . Rusinowitch, Decidability of equivalence of symbolic derivations, Journal of Automated Reasoning, vol.48, issue.2, pp.263-292, 2012.
URL : https://hal.archives-ouvertes.fr/inria-00527630

T. Chothia and V. Smirnov, A traceability attack against e-passports, Proceedings of the 2010 International Conference on Financial Cryptography and Data Security (FC'10), pp.20-34, 2010.

R. Chrétien, V. Cortier, and . Stéphanie-delaune, Typing messages for free in security protocols: the case of equivalence properties, Proceedings of the 25th International Conference on Concurrency Theory (CONCUR'14), pp.372-386, 2014.

R. Chrétien, V. Cortier, and . Stéphanie-delaune, Checking trace equivalence: How to get rid of nonces?, Proceedings of the 20th European Symposium on Research in Computer Security (ESORICS'15), 2015.

R. Chrétien, V. Cortier, and . Stéphanie-delaune, Decidability of trace equivalence for protocols with nonces, Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF'15), pp.170-184, 2015.

R. Chrétien, V. Cortier, and . Stéphanie-delaune, From security protocols to pushdown automata, ACM Transactions on Computational Logic, vol.17, p.3, 2015.

?. Ciobâc? and V. Cortier, Protocol composition for arbitrary primitives, Proceedings of the 23rd IEEE Computer Security Foundations Symposium (CSF'10), pp.322-336, 2010.

?. Ciobâc?, S. Delaune, and S. Kremer, Computing knowledge in security protocols under convergent equational theories, Proceedings of the 22nd International Conference on Automated Deduction (CADE'09), pp.355-370, 2009.

J. Clark and J. Jacob, A survey of authentication protocol literature: Version 1.0, 1997.

V. Hubert-comon-lundh and . Cortier, Security Properties: Two Agents are Sufficient, Science of Computer Programming, vol.50, issue.1-3, pp.51-71, 2004.

B. Conchinha, D. Basin, and C. Caleiro, Efficient decision procedures for message deducibility and static equivalence, Proceedings of the 2010 International Workshop on Formal Aspects in Security and Trust (FAST'10), pp.34-49, 2010.

V. Cortier, A. Dallon, and . Stéphanie-delaune, Bounding the number of agents, for equivalence too, Proceedings of the 5th International Conference on Principles of Security and Trust (POST'16), pp.211-232, 2016.
URL : https://hal.archives-ouvertes.fr/hal-01361286

V. Cortier, A. Dallon, and . Stéphanie-delaune, SAT-Equiv: an efficient tool for equivalence properties, Proceedings of the 30th IEEE Computer Security Foundations Symposium (CSF'17), pp.481-494, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01906641

V. Cortier, A. Dallon, and . Stéphanie-delaune, Efficiently deciding equivalence for standard primitives and phases, Proceedings of the 23rd European Symposium on Research in Computer Security (ESORICS'18), 2018.
DOI : 10.1007/978-3-319-99073-6_24
URL : https://hal.archives-ouvertes.fr/hal-01900083

V. Cortier and . Stéphanie-delaune, Safely Composing Security Protocols. Formal Methods in System Design, vol.34, pp.1-36, 2009.
DOI : 10.1007/978-3-540-77050-3_29
URL : https://hal.archives-ouvertes.fr/inria-00157889

V. Cortier, N. Grimm, J. Lallemand, and M. Maffei, A type system for privacy properties, Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS'17), pp.409-423, 2017.
DOI : 10.1145/3133956.3133998
URL : https://hal.archives-ouvertes.fr/hal-01626109

V. Cortier, N. Grimm, J. Lallemand, and M. Maffei, Equivalence properties by typing in cryptographic branching protocols, Proceedings of the 7th International Conference on Principles of Security and Trust (POST'18), pp.160-187, 2018.
DOI : 10.1007/978-3-319-89722-6_7
URL : https://hal.archives-ouvertes.fr/hal-01900079

V. Cortier and C. Wiedling, A formal analysis of the Norwegian E-voting protocol, Journal of Computer Security, vol.25, pp.21-57, 2017.
URL : https://hal.archives-ouvertes.fr/inria-00636115

W. Diffie and M. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, vol.22, issue.6, pp.644-654, 1976.
DOI : 10.1109/tit.1976.1055638

D. Dolev and A. Yao, On the security of public key protocols, IEEE Transactions on Information Theory, vol.29, issue.2, pp.198-207, 1983.

N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov, Undecidability of bounded security protocols, Proceedings of the 1999 Workshop on Formal Methods and Security Protocols (FMSP'99), 1999.

N. Durgin, P. Lincoln, J. Mitchell, and A. Scedrov, Multiset rewriting and the complexity of bounded security protocols, Journal of Computer Security, vol.12, issue.2, pp.247-311, 2004.

N. Een and N. Sörensson, An Extensible SAT-solver, Proceedings of the 2003 International Conference on Theory and Applications of Satisfiability Testing (SAT'03), pp.502-518, 2003.

M. Ernst, T. Millstein, and D. Weld, Automatic SAT-compilation of planning problems, Proceedings of the 15th International Joint Conference on Artificial Intelligence (IJCAI'97), pp.1169-1176, 1997.

S. Escobar, C. Meadows, and J. Meseguer, A rewriting-based inference system for the NRL protocol analyzer and its meta-logical properties, Theoretical Computer Science, vol.367, issue.1-2, pp.162-202, 2006.

J. Fábrega, J. Herzog, and J. Guttman, Strand spaces: Why is a security protocol correct?, Proceedings of the 1998 IEEE Symposium on Security and Privacy (S&P'98), pp.160-171, 1998.

R. Fikes and N. Nilsson, STRIPS: A New Approach to the Application of Theorem Proving to Problem Solving, Artificial Intelligence, vol.2, pp.189-208, 1971.

J. Heather, G. Lowe, and S. Schneider, How to prevent type flaw attacks on security protocols, Journal of Computer Security, vol.11, issue.2, pp.217-244, 2003.

N. Heintze and D. Tygar, A model for secure protocols and their compositions, IEEE Transactions on Software Engineering, vol.22, issue.1, pp.16-30, 1996.

A. Hess and S. Mödersheim, Formalizing and Proving a Typing Result for Security Protocols in Isabelle/HOL, Proceedings of the 30th IEEE Computer Security Foundations Symposium (CSF'17), pp.451-463, 2017.

L. Hirschi, D. Baelde, and . Stéphanie-delaune, A method for verifying privacy-type properties: the unbounded case, Proceedings of the 2016 IEEE Symposium on Security and Privacy (S&P'16), pp.564-581, 2016.

D. Kahn, The Codebreakers: a Comprehensive History of Secret Communication from Ancient Times to the Internet, Revised and Updated, 1996.

H. Kautz and B. Selman, Unifying SAT-based and graph-based planning, Proceedings of the 16th International Joint Conference on Artificial Intelligence (IJCAI'99), pp.318-325, 1999.

H. Kautz and B. Selman, Planning as Satisfiability, Proceedings of the 10th European Conference on Artificial Intelligence (ECAI'92), pp.359-363, 1992.

G. Lowe, An Attack on the Needham-Schroeder Public-Key Authentication Protocol, Information Processing Letters, vol.56, issue.3, 1995.

G. Lowe, Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR. Software-Concepts and Tools, vol.17, pp.93-102, 1996.

J. Marques-silva and K. Sakallah, GRASP-a New Search Algorithm for Satisfiability, Proceedings of the 1996 IEEE/ACM International Conference on Computer-Aided Design (ICCAD'96), pp.220-227, 1996.

S. Meier and B. Schmidt, Cas Cremers et David Basin : The TAMARIN Prover for the Symbolic Analysis of Security Protocols, Proceedings of the 25th International Conference on Computer Aided Verification (CAV'13), pp.696-701, 2013.

R. Needham and M. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, vol.21, issue.12, pp.993-999, 1978.

, International Civil Aviation Organization, Technical Advisory Group on Machine Readable Travel Documents (TAG/MRTD) : Revision of Doc 9303-Machine Readable Travel Documents, 2014.

D. Otway and O. Rees, Efficient and Timely Mutual Authentication. Operating Systems Review, vol.21, issue.1, pp.8-10, 1987.

E. Post, A variant of a recursively unsolvable problem, Bulletin of the American Mathematical Society, vol.52, issue.4, pp.264-268, 1946.

S. P. Ramaswamy-ramanujam, Suresh : Tagging Makes Secrecy Decidable with Unbounded Nonces as Well, Proceedings of the 23rd Conference of Foundations of Software Technology and Theoretical Computer Science (FSTTCS'03), pp.363-374, 2003.

J. Rintanen, K. Heljanko, and . Ilkka-niemelä, Planning as satisfiability: parallel plans and algorithms for plan search, Artificial Intelligence, vol.170, pp.1031-1080, 2006.

R. Rivest, A. Shamir, and L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, vol.21, issue.2, pp.120-126, 1978.

M. Rusinowitch and . Mathieu-turuani, Protocol Insecurity with Finite Number of Sessions and Composed Keys is NP-complete, Theoretical Computer Science, vol.299, pp.451-475, 2003.

S. Santiago, S. Escobar, C. Meadows, and J. Meseguer, A Formal Definition of Protocol Indistinguishability and Its Verification Using Maude-NPA, Proceedings of the 10th Security and Trust Management Workshop (STM'14), pp.162-177, 2014.

A. Shamir, How to Share a Secret, Communications of the ACM, vol.22, issue.11, pp.612-613, 1979.

C. Shannon, Communication theory of secrecy systems, Bell System Technical Journal, vol.28, issue.4, pp.656-715, 1949.

A. Tiu, A Trace Based Bisimulation for the Spi Calculus, Proceedings of the 5th Asian Symposium for Programming Languages and Systems (APLAS'07), pp.367-382, 2007.

A. Tiu and J. Dawson, Automating open bisimulation checking for the spi-calculus, Proceedings of the 23rd IEEE Computer Security Foundations Symposium (CSF'10), pp.307-321, 2010.

. .. Akiss, , vol.20, p.169

. .. Algèbre-de-processus,

. .. Anonymat,

. .. Applicable,

A. .. , , vol.20, p.169

. .. Atome, , vol.15, p.125

. .. Chemin,

. .. Chiffrement-asymétrique, , vol.12, p.30

.. .. De-shamir, , vol.26, p.30

. .. Clause, , vol.28, p.42

. .. Clos,

. .. Compatible,

. .. Confluence,

. .. Conformité,

. .. Conforme,

. .. Conformité, , vol.22, p.167

. .. Constante,

. .. Constructeur,

. .. Terme, , vol.26, p.29

. .. Contexte, , vol.48, p.126

. .. Contour, , vol.42, p.77

. .. Compatible,

. .. Convergence, , vol.20, p.169

. .. Destructeur, , vol.26, p.42

.. .. Destructrice-recette,

. .. Déterminé,

. .. Déterminisme, 21, 38, 95 par action

. .. Domaine, , vol.68, p.125

. .. État-résultant,

. .. Exclusion-mutuelle, , vol.107, p.119

. .. Filtrage,

. .. Forme-normale, , vol.48, p.124

. .. G-graphe-de-planification, , vol.106, p.159

H. Hachage and .. .. ,

. .. Indistinguabilité,

. Index and . .. Let,

. .. Plan,

. .. Littéral, , vol.78, p.168

. .. Message, , vol.32, p.100

. .. Pas,

. .. Phase,

. .. Algorithme, , vol.110, p.159

.. .. Oracle-de, , vol.104, p.152

.. .. Problème-de,

. .. Règle-de, , vol.102, p.138

.. .. Système-de,

. .. Primitive, , vol.12, p.26

. .. Processus,

. .. Propriété, , vol.15

. .. Protocole, , vol.33, p.162

.. .. De-denning-sacco,

. .. De-needham-schroeder, , vol.17, p.164

. .. De-needham-schroeder-lowe, , p.167

. .. De-yahalom-paulson, , p.165

. .. Single-sign-on, , vol.17, p.22

. .. Recette,

. .. Réécriture,

.. .. Règle-de, , vol.29, p.124

.. .. Système-de, , vol.126, p.138

. .. Renommage, , vol.159, p.170

S. .. , , vol.22, p.117

. .. Secret, , vol.15, p.36

. .. Séquentiel,

. .. Signature, , vol.13, p.31

S. Fortement,

. .. Recette,

. .. Sorte, , vol.28, p.42

. .. Sous-terme,

.. Propriété, , vol.20, p.169

. .. Symbole-de-fonction,

. .. Constructeur,

-. .. Sous, , vol.42, p.77

.. .. Théories,

T. .. ,

. .. Trame,

. .. Transparent,

. .. Tuples,

. .. Unificateur-le-plus-général, , p.27

. .. Variable,