379 research outputs found
Algebra, coalgebra, and minimization in polynomial differential equations
We consider reasoning and minimization in systems of polynomial ordinary
differential equations (ode's). The ring of multivariate polynomials is
employed as a syntax for denoting system behaviours. We endow this set with a
transition system structure based on the concept of Lie-derivative, thus
inducing a notion of L-bisimulation. We prove that two states (variables) are
L-bisimilar if and only if they correspond to the same solution in the ode's
system. We then characterize L-bisimilarity algebraically, in terms of certain
ideals in the polynomial ring that are invariant under Lie-derivation. This
characterization allows us to develop a complete algorithm, based on building
an ascending chain of ideals, for computing the largest L-bisimulation
containing all valid identities that are instances of a user-specified
template. A specific largest L-bisimulation can be used to build a reduced
system of ode's, equivalent to the original one, but minimal among all those
obtainable by linear aggregation of the original equations. A computationally
less demanding approximate reduction and linearization technique is also
proposed.Comment: 27 pages, extended and revised version of FOSSACS 2017 pape
Quantitative information flow under generic leakage functions and adaptive adversaries
We put forward a model of action-based randomization mechanisms to analyse
quantitative information flow (QIF) under generic leakage functions, and under
possibly adaptive adversaries. This model subsumes many of the QIF models
proposed so far. Our main contributions include the following: (1) we identify
mild general conditions on the leakage function under which it is possible to
derive general and significant results on adaptive QIF; (2) we contrast the
efficiency of adaptive and non-adaptive strategies, showing that the latter are
as efficient as the former in terms of length up to an expansion factor bounded
by the number of available actions; (3) we show that the maximum information
leakage over strategies, given a finite time horizon, can be expressed in terms
of a Bellman equation. This can be used to compute an optimal finite strategy
recursively, by resorting to standard methods like backward induction.Comment: Revised and extended version of conference paper with the same title
appeared in Proc. of FORTE 2014, LNC
On the Coalgebra of Partial Differential Equations
We note that the coalgebra of formal power series in commutative variables is final in a certain subclass of coalgebras. Moreover, a system Sigma of polynomial PDEs, under a coherence condition, naturally induces such a coalgebra over differential polynomial expressions. As a result, we obtain a clean coinductive proof of existence and uniqueness of solutions of initial value problems for PDEs. Based on this characterization, we give complete algorithms for checking equivalence of differential polynomial expressions, given Sigma
Fair Exchange in Strand Spaces
Many cryptographic protocols are intended to coordinate state changes among
principals. Exchange protocols coordinate delivery of new values to the
participants, e.g. additions to the set of values they possess. An exchange
protocol is fair if it ensures that delivery of new values is balanced: If one
participant obtains a new possession via the protocol, then all other
participants will, too. Fair exchange requires progress assumptions, unlike
some other protocol properties. The strand space model is a framework for
design and verification of cryptographic protocols. A strand is a local
behavior of a single principal in a single session of a protocol. A bundle is a
partially ordered global execution built from protocol strands and adversary
activities. The strand space model needs two additions for fair exchange
protocols. First, we regard the state as a multiset of facts, and we allow
strands to cause changes in this state via multiset rewriting. Second, progress
assumptions stipulate that some channels are resilient-and guaranteed to
deliver messages-and some principals are assumed not to stop at certain
critical steps. This method leads to proofs of correctness that cleanly
separate protocol properties, such as authentication and confidentiality, from
invariants governing state evolution. G. Wang's recent fair exchange protocol
illustrates the approach
Quantifying information leakage in process calculi
AbstractBuilding on simple information-theoretic concepts, we study two quantitative models of information leakage in the pi-calculus. The first model presupposes an attacker with an essentially unlimited computational power. The resulting notion of absolute leakage, measured in bits, is in agreement with secrecy as defined by Abadi and Gordon: a process has an absolute leakage of zero precisely when it satisfies secrecy. The second model assumes a restricted observation scenario, inspired by the testing equivalence framework, where the attacker can only conduct repeated success-or-failure experiments on processes. Moreover, each experiment has a cost in terms of communication effort. The resulting notion of leakage rate, measured in bits per action, is in agreement with the first model: the maximum amount of information that can be extracted by repeated experiments coincides with the absolute leakage A of the process. Moreover, the overall extraction cost is at least A/R, where R is the rate of the process. The compositionality properties of the two models are also investigated
CaSPiS: A Calculus of Sessions, Pipelines and Services
Service-oriented computing is calling for novel computational models and languages with well
disciplined primitives for client-server interaction, structured orchestration and unexpected events handling. We present CaSPiS, a process calculus where the conceptual abstractions of sessioning and pipelining play a central role for modelling service-oriented systems. CaSPiS sessions are two-sided, uniquely named and can be nested. CaSPiS pipelines permit orchestrating the flow of data produced by different sessions. The calculus is also equipped with operators for handling (unexpected) termination of the partner’s side of a session. Several examples are presented to provide evidence of the flexibility of the chosen set of primitives. One key contribution is a fully abstract encoding of Misra et al.’s orchestration language Orc. Another main result shows that in CaSPiS it is possible to program a “graceful termination” of nested sessions, which guarantees that no session is forced to hang forever after the loss of its partner
Quantitative information flow, with a view
We put forward a general model intended for assessment of system security against passive eavesdroppers, both quantitatively ( how much information is leaked) and qualitatively ( what properties are leaked). To this purpose, we extend information hiding systems ( ihs ), a model where the secret-observable relation is represented as a noisy channel, with views : basically, partitions of the state-space. Given a view W and n independent observations of the system, one is interested in the probability that a Bayesian adversary wrongly predicts the class of W the underlying secret belongs to. We offer results that allow one to easily characterise the behaviour of this error probability as a function of the number of observations, in terms of the channel matrices defining the ihs and the view W . In particular, we provide expressions for the limit value as n → ∞, show by tight bounds that convergence is exponential, and also characterise the rate of convergence to predefined error thresholds. We then show a few instances of statistical attacks that can be assessed by a direct application of our model: attacks against modular exponentiation that exploit timing leaks, against anonymity in mix-nets and against privacy in sparse datasets
Algebra and Coalgebra of Stream Products
We study connections among polynomials, differential equations and streams over a field ?, in terms of algebra and coalgebra. We first introduce the class of (F,G)-products on streams, those where the stream derivative of a product can be expressed as a polynomial of the streams themselves and their derivatives. Our first result is that, for every (F,G)-product, there is a canonical way to construct a transition function on polynomials such that the induced unique final coalgebra morphism from polynomials into streams is the (unique) ?-algebra homomorphism - and vice-versa. This implies one can reason algebraically on streams, via their polynomial representation. We apply this result to obtain an algebraic-geometric decision algorithm for polynomial stream equivalence, for an underlying generic (F,G)-product. As an example of reasoning on streams, we focus on specific products (convolution, shuffle, Hadamard) and show how to obtain closed forms of algebraic generating functions of combinatorial sequences, as well as solutions of nonlinear ordinary differential equations
- …