We study the interaction of the "new" construct with a rich but common form of (first-order) communication. This interaction is crucial in security protocols, which are the main motivating examples for our work; it also appears in other programming-language contexts. Specifically, we introduce a simple, general extension of the pi calculus with value passing, primitive functions, and equations among terms. We develop semantics and proof techniques for this extended language and apply them in reasoning about some security protocols. A case for impurityPurity often comes before convenience and even before faithfulness in the lambda calculus, the pi calculus, and other foundational programming languages. For example, in the standard pi calculus, the only messages are atomic names [32]. This simplicity is extremely appealing from a foundational viewpoint, and helps in developing the theory of the pi calculus. Furthermore, ingenious encodings demonstrate that it may not entail a loss of generality: in particular, integers, objects, and even higher-order processes can be represented in the pure pi calculus.On the other hand, this purity has a price. In applications, the encodings can be futile, cumbersome, and even misleading. For example, in the study of programming languages based on the pi calculus (such as Pict [37] or Jocaml [14]), there is little point in pretending that integers are not primitive. The encodings may also complicate static analysis and preclude careful thinking about the implementations of communication. Moreover, it is not clear that satisfactory encodings can always be found. We may ask, for instance, whether there is a good representation of the spi calculus [5] (a calculus with cryptographic operations) in the standard pi calculus; we are not aware of any such representation that preserves security properties without a trusted central process.These difficulties are often circumvented through on-thefly extensions. The extensions range from quick punts ("for the next example, let's pretend that we have a datatype of integers") to the laborious development of new calculi, such as the spi calculus and its variants. Generally, the extensions bring us closer to a realistic programming language or modeling language-that is not always a bad thing.Although many of the resulting calculi are ad hoc and poorly understood, others are robust and uniform enough to have a rich theory and a variety of applications. In particular, impure extensions of the lambda calculus with function symbols and with equations among terms ("delta rules") have been developed systematically, with considerable success. Similarly, impure versions of CCS and CSP with value-passing are not always deep but often neat and convenient [31].In this paper, we introduce, study, and use an analogous uniform extension of the pi calculus, which we call the applied pi calculus (by analogy with "applied lambda calculus"). From the pure pi calculus, we inherit constructs for communication and concurrency, and for generating statically scoped new...
We present VC3, the first system that allows users to run distributed MapReduce computations in the cloud while keeping their code and data secret, and ensuring the correctness and completeness of their results. VC3 runs on unmodified Hadoop, but crucially keeps Hadoop, the operating system and the hypervisor out of the TCB; thus, confidentiality and integrity are preserved even if these large components are compromised. VC3 relies on SGX processors to isolate memory regions on individual computers, and to deploy new protocols that secure distributed MapReduce computations. VC3 optionally enforces region self-integrity invariants for all MapReduce code running within isolated regions, to prevent attacks due to unsafe memory reads and writes. Experimental results on common benchmarks show that VC3 performs well compared with unprotected Hadoop: VC3's average runtime overhead is negligible for its base security guarantees, 4.5% with write integrity and 8% with read/write integrity.
Ethereum is a framework for cryptocurrencies which uses blockchain technology to provide an open global computing platform, called the Ethereum Virtual Machine (EVM). EVM executes bytecode on a simple stack machine. Programmers do not usually write EVM code; instead, they can program in a JavaScript-like language, called Solidity, that compiles to bytecode. Since the main purpose of EVM is to execute smart contracts that manage and transfer digital assets (called Ether), security is of paramount importance. However, writing secure smart contracts can be extremely difficult: due to the openness of Ethereum, both programs and pseudonymous users can call into the public methods of other programs, leading to potentially dangerous compositions of trusted and untrusted code. This risk was recently illustrated by an attack on TheDAO contract that exploited subtle details of the EVM semantics to transfer roughly $50M worth of Ether into the control of an attacker. In this paper, we outline a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F , a functional programming language aimed at program verification.
We present the design and implementation of a typechecker for verifying security properties of the source code of cryptographic protocols and access control mechanisms. The underlying type theory is a λ -calculus equipped with refinement types for expressing pre-and post-conditions within first-order logic. We derive formal cryptographic primitives and represent active adversaries within the type theory. Well-typed programs enjoy assertion-based security properties, with respect to a realistic threat model including key compromise. The implementation amounts to an enhanced typechecker for the general purpose functional language F#; typechecking generates verification conditions that are passed to an SMT solver. We describe a series of checked examples. This is the first tool to verify authentication properties of cryptographic protocols by typechecking their source code.
In the analysis of security protocols, methods and tools for reasoning about protocol behaviors have been quite effective. We aim to expand the scope of those methods and tools. We focus on proving equivalences P ≈ Q in which P and Q are two processes that differ only in the choice of some terms. These equivalences arise often in applications. We show how to treat them as predicates on the behaviors of a process that represents P and Q at the same time. We develop our techniques in the context of the applied pi calculus and implement them in the tool ProVerif.
No abstract
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.