Departmental Papers (CIS)

Date of this Version

June 2001

Document Type

Conference Paper


Copyright 2001 IEEE. Reprinted from Proceedings of the 14th IEEE Computer Security Foundations Workshop 2001, pages 256-259.

This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of the University of Pennsylvania's products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to By choosing to view this document, you agree to all provisions of the copyright laws protecting it.


The theory of relational parametricity and its logical relations proof technique are powerful tools for reasoning about information hiding in the polymorphic λ-calculus. We investigate the application of these tools in the security domain by defining a cryptographic λ-calculus -- an extension of the standard simply typed λ-calculus with primitives for encryption, decryption, and key generation -- and introducing logical relations for this calculus that can be used to prove behavioral equivalences between programs that rely on encryption.

We illustrate the framework by encoding some simple security protocols, including the Needham-Schroeder public-key protocol. We give a natural account of the well-known attack on the original protocol and a straightforward proof that the improved variant of the protocol is secure.



Date Posted: 10 September 2005