Specifying Privacy-Preserving Protocols in Typed MSR

Privacy-preserving protocols, such as electronic cash, electronic voting and selective disclosure protocols, use special message constructors that are not widely used in other types of protocols (for example, in authentication protocols). These message constructors include blind signatures, commitments and zero-knowledge proofs. Furthermore, a standard formalization of the Dolev-Yao intruder does not take into account these message constructors, nor does it consider some types of attacks (such as privacy attacks, brute-force dictionary attacks and known-plaintext attacks) that privacy-preserving as well as other types of protocols are designed to protect against. This paper aims to present an extension of Typed MSR in order to formally specify the needed message constructors, as well as the capabilities of a Dolev-Yao intruder designed to attack such protocols.