544 research outputs found
The exp-log normal form of types
Lambda calculi with algebraic data types lie at the core of functional
programming languages and proof assistants, but conceal at least two
fundamental theoretical problems already in the presence of the simplest
non-trivial data type, the sum type. First, we do not know of an explicit and
implemented algorithm for deciding the beta-eta-equality of terms---and this in
spite of the first decidability results proven two decades ago. Second, it is
not clear how to decide when two types are essentially the same, i.e.
isomorphic, in spite of the meta-theoretic results on decidability of the
isomorphism.
In this paper, we present the exp-log normal form of types---derived from the
representation of exponential polynomials via the unary exponential and
logarithmic functions---that any type built from arrows, products, and sums,
can be isomorphically mapped to. The type normal form can be used as a simple
heuristic for deciding type isomorphism, thanks to the fact that it is a
systematic application of the high-school identities.
We then show that the type normal form allows to reduce the standard beta-eta
equational theory of the lambda calculus to a specialized version of itself,
while preserving the completeness of equality on terms. We end by describing an
alternative representation of normal terms of the lambda calculus with sums,
together with a Coq-implemented converter into/from our new term calculus. The
difference with the only other previously implemented heuristic for deciding
interesting instances of eta-equality by Balat, Di Cosmo, and Fiore, is that we
exploit the type information of terms substantially and this often allows us to
obtain a canonical representation of terms without performing sophisticated
term analyses
Efficient asynchronous accumulators for distributed PKI
Cryptographic accumulators are a tool for compact set representation and secure set membership proofs. When an element is added to a set by means of an accumulator, a membership witness is generated. This witness can later be used to prove the membership of the element. Typically, the membership witness has to be synchronized with the accumulator value, and to be updated every time another element is added to the accumulator. In this work we propose an accumulator that, unlike any prior scheme, does not require strict synchronization.
In our construction a membership witness needs to be updated only a logarithmic number of times in the number of subsequent element additions. Thus, an out-of-date witness can be easily made current. Vice versa, a verifier with an out-of-date accumulator value can still verify a current membership witness. These properties make our accumulator construction uniquely suited for use in distributed applications, such as blockchain-based public key infrastructures
Software Grand Exposure: SGX Cache Attacks Are Practical
Side-channel information leakage is a known limitation of SGX. Researchers
have demonstrated that secret-dependent information can be extracted from
enclave execution through page-fault access patterns. Consequently, various
recent research efforts are actively seeking countermeasures to SGX
side-channel attacks. It is widely assumed that SGX may be vulnerable to other
side channels, such as cache access pattern monitoring, as well. However, prior
to our work, the practicality and the extent of such information leakage was
not studied.
In this paper we demonstrate that cache-based attacks are indeed a serious
threat to the confidentiality of SGX-protected programs. Our goal was to design
an attack that is hard to mitigate using known defenses, and therefore we mount
our attack without interrupting enclave execution. This approach has major
technical challenges, since the existing cache monitoring techniques experience
significant noise if the victim process is not interrupted. We designed and
implemented novel attack techniques to reduce this noise by leveraging the
capabilities of the privileged adversary. Our attacks are able to recover
confidential information from SGX enclaves, which we illustrate in two example
cases: extraction of an entire RSA-2048 key during RSA decryption, and
detection of specific human genome sequences during genomic indexing. We show
that our attacks are more effective than previous cache attacks and harder to
mitigate than previous SGX side-channel attacks
Developing an Automatic Generation Tool for Cryptographic Pairing Functions
Pairing-Based Cryptography is receiving steadily more attention from industry, mainly
because of the increasing interest in Identity-Based protocols. Although there are plenty of
applications, efficiently implementing the pairing functions is often difficult as it requires
more knowledge than previous cryptographic primitives. The author presents a tool for
automatically generating optimized code for the pairing functions which can be used in the
construction of such cryptographic protocols.
In the following pages I present my work done on the construction of pairing function
code, its optimizations and how their construction can be automated to ease the work of the
protocol implementer.
Based on the user requirements and the security level, the created cryptographic compiler
chooses and constructs the appropriate elliptic curve. It identifies the supported pairing
function: the Tate, ate, R-ate or pairing lattice/optimal pairing, and its optimized parameters.
Using artificial intelligence algorithms, it generates optimized code for the final exponentiation
and for hashing a point to the required group using the parametrisation of the
chosen family of curves.
Support for several multi-precision libraries has been incorporated: Magma, MIRACL
and RELIC are already included, but more are possible
Memory and information processing in neuromorphic systems
A striking difference between brain-inspired neuromorphic processors and
current von Neumann processors architectures is the way in which memory and
processing is organized. As Information and Communication Technologies continue
to address the need for increased computational power through the increase of
cores within a digital processor, neuromorphic engineers and scientists can
complement this need by building processor architectures where memory is
distributed with the processing. In this paper we present a survey of
brain-inspired processor architectures that support models of cortical networks
and deep neural networks. These architectures range from serial clocked
implementations of multi-neuron systems to massively parallel asynchronous ones
and from purely digital systems to mixed analog/digital systems which implement
more biological-like models of neurons and synapses together with a suite of
adaptation and learning mechanisms analogous to the ones found in biological
nervous systems. We describe the advantages of the different approaches being
pursued and present the challenges that need to be addressed for building
artificial neural processing systems that can display the richness of behaviors
seen in biological systems.Comment: Submitted to Proceedings of IEEE, review of recently proposed
neuromorphic computing platforms and system
A dynamic study with side channel against An Identification Based Encryption
Recently, the side channel keeps the attention of researchers in theory of pairing, since, several studies have been done in this subject and all them have the aim in order to attack the cryptosystems of Identification Based Encryption (IBE) which are integrate into smart cards (more than 80% of those cryptosystems are based on a pairing). The great success and the remarkable development of the cryptography IBE in the recent years and the direct connection of this success to the ability of resistance against any kind of attack, especially the DPA and DFA attacks, leave us to browse saying all the studies of the DPA and DFA attacks applied to a pairing and we have observed that they have no great effect to attack the cryptosystems of IBE. That’s what we will see in this paper. In this work we will illuminate the effect of the DPA attack on a cryptosystems of IBE and we would see on what level we can arrive. Thus in the case where this attack can influence on those cryptosystems, we can present an appropriate counter measures to resist such attack. In the other part we will also propose a convenient counter-measure to defend the attack DFA when the embedding degree is eve
- …