Epistemic verification of anonymity
Abstract
Model checking techniques for communication protocols are usually phrased in terms of processes, basically labelled arcs in a labelled transition system. We propose to lift checking for such protocols to a more abstract level by analysing the protocols as composite communicative actions, with a communicative action viewed as a mapping on an appropriate class of epistemic models. As examples, we analyse an anonymous broadcast protocol (Chaum’s well-known dining cryptographers protocol) and an electronic voting protocol.
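The idea of a protocol as a composite of model-updating actions can be made concrete for the three-party dining cryptographers. The following is an added illustration, not code from the paper: it assumes each broadcast acts as a public announcement that prunes the set of possible worlds, and all function names are hypothetical.

```python
from itertools import product

N = 3  # assumed setup: cryptographers 0..2; payer None means an outside party paid

def initial_model():
    """All worlds (payer, coins) before anything is said; coins[i] is shared by i and i+1."""
    return [(p, c) for p in (None, 0, 1, 2) for c in product((0, 1), repeat=N)]

def said(world, i):
    """Bit cryptographer i broadcasts: XOR of the two coins i sees, flipped if i paid."""
    payer, coins = world
    return coins[i] ^ coins[(i - 1) % N] ^ (payer == i)

def private_view(world, i):
    """What agent i knows without any broadcast: whether i paid, and i's two coins."""
    payer, coins = world
    return (payer == i, coins[i], coins[(i - 1) % N])

def announce(model, actual, i):
    """One communicative action as a model update: keep worlds where i says the same bit."""
    return [w for w in model if said(w, i) == said(actual, i)]

def run_protocol(actual):
    """Composite action: the three broadcasts applied one after another."""
    model = initial_model()
    for i in range(N):
        model = announce(model, actual, i)
    return model

def considers_possible(model, actual, i):
    """Payers that agent i cannot rule out in `actual` within the updated model."""
    return {w[0] for w in model if private_view(w, i) == private_view(actual, i)}

def anonymity_holds():
    """Every non-payer learns only 'outsider paid' or 'one of the other two paid'."""
    for actual in initial_model():
        model = run_protocol(actual)
        for i in range(N):
            if actual[0] == i:
                continue  # the payer trivially knows who paid
            expected = {None} if actual[0] is None else set(range(N)) - {i}
            if considers_possible(model, actual, i) != expected:
                return False
    return True

if __name__ == "__main__":
    print("anonymity holds in every world:", anonymity_holds())
```

The check enumerates all 32 initial worlds, so it verifies the anonymity property exhaustively for this small instance rather than by sampling.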