41 research outputs found
A Step-indexed Semantics of Imperative Objects
Step-indexed semantic interpretations of types were proposed as an
alternative to purely syntactic proofs of type safety using subject reduction.
The types are interpreted as sets of values indexed by the number of
computation steps for which these values are guaranteed to behave like proper
elements of the type. Building on work by Ahmed, Appel and others, we introduce
a step-indexed semantics for the imperative object calculus of Abadi and
Cardelli. Providing a semantic account of this calculus using more
`traditional', domain-theoretic approaches has proved challenging due to the
combination of dynamically allocated objects, higher-order store, and an
expressive type system. Here we show that, using step-indexing, one can
interpret a rich type discipline with object types, subtyping, recursive and
bounded quantified types in the presence of state
Dynamic IFC Theorems for Free!
We show that noninterference and transparency, the key soundness theorems for
dynamic IFC libraries, can be obtained "for free", as direct consequences of
the more general parametricity theorem of type abstraction. This allows us to
give very short soundness proofs for dynamic IFC libraries such as faceted
values and LIO. Our proofs stay short even when fully mechanized for Agda
implementations of the libraries in terms of type abstraction.Comment: CSF 2021 final versio
Union, intersection, and refinement types and reasoning about type disjointness for security protocol analysis
In this thesis we present two new type systems for verifying the security of cryptographic protocol models expressed in a spi-calculus and, respectively, of protocol implementations expressed in a concurrent lambda calculus. In this thesis we present two new type systems for verifying the security of cryptographic protocol models expressed in a spi-calculus and, respectively, of protocol implementations expressed in a concurrent lambda calculus. The two type systems combine prior work on refinement types with union and intersection types and with the novel ability to reason statically about the disjointness of types. The increased expressivity enables the analysis of important protocol classes that were previously out of scope for the type-based analyses of cryptographic protocols. In particular, our type systems can statically analyze protocols that are based on zero-knowledge proofs, even in scenarios when certain protocol participants are compromised. The analysis is scalable and provides security proofs for an unbounded number of protocol executions. The two type systems come with mechanized proofs of correctness and efficient implementations.In dieser Arbeit werden zwei neue Typsysteme vorgestellt, mit denen die Sicherheit kryptographischer Protokolle, modelliert in einem spi-Kalkül, und Protokollimplementierungen, beschrieben in einem nebenläufigen Lambdakalkül, verifiziert werden kann. Die beiden Typsysteme verbinden vorausgehende Arbeiten zu Verfeinerungstypen mit disjunktiven und konjunktiven Typen, und ermöglichen außerdem, statisch zu folgern, dass zwei Typen disjunkt sind. Die Ausdrucksstärke der Systeme erlaubt die Analyse wichtiger Klassen von Protokollen, die bisher nicht durch typbasierte Protokollanalysen behandelt werden konnten. Insbesondere ist mit den vorgestellten Typsystemen auch die statische Analyse von Protokollen möglich, die auf Zero-Knowledge-Beweisen basieren, selbst unter der Annahme, dass einige Protokollteilnehmer korrumpiert sind. Die Analysetechnik skaliert und erlaubt Sicherheitsbeweise für eine unbeschränkte Anzahl von Protokollausführungen. Die beiden Typsysteme sind formal korrekt bewiesen und effizient implementiert
Robust Hyperproperty Preservation for Secure Compilation (Extended Abstract)
We map the space of soundness criteria for secure compilation based on the
preservation of hyperproperties in arbitrary adversarial contexts, which we
call robust hyperproperty preservation. For this, we study the preservation of
several classes of hyperproperties and for each class we propose an equivalent
"property-free" characterization of secure compilation that is generally better
tailored for proofs. Even the strongest of our soundness criteria, the robust
preservation of all hyperproperties, seems achievable for simple
transformations and provable using context back-translation techniques
previously developed for showing fully abstract compilation. While proving the
robust preservation of hyperproperties that are not safety requires such
powerful context back-translation techniques, for preserving safety
hyperproperties robustly, translating each finite trace prefix back to a source
context seems to suffice.Comment: PriSC'18 final versio
Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation
Compartmentalization is good security-engineering practice. By breaking a
large software system into mutually distrustful components that run with
minimal privileges, restricting their interactions to conform to well-defined
interfaces, we can limit the damage caused by low-level attacks such as
control-flow hijacking. When used to defend against such attacks,
compartmentalization is often implemented cooperatively by a compiler and a
low-level compartmentalization mechanism. However, the formal guarantees
provided by such compartmentalizing compilation have seen surprisingly little
investigation.
We propose a new security property, secure compartmentalizing compilation
(SCC), that formally characterizes the guarantees provided by
compartmentalizing compilation and clarifies its attacker model. We reconstruct
our property by starting from the well-established notion of fully abstract
compilation, then identifying and lifting three important limitations that make
standard full abstraction unsuitable for compartmentalization. The connection
to full abstraction allows us to prove SCC by adapting established proof
techniques; we illustrate this with a compiler from a simple unsafe imperative
language with procedures to a compartmentalized abstract machine.Comment: Nit
Secure Compilation (Dagstuhl Seminar 18201)
Secure compilation is an emerging field that puts together advances in
security, programming languages, verification, systems, and hardware
architectures in order to devise secure compilation chains that
eliminate many of today\u27s vulnerabilities.
Secure compilation aims to protect a source language\u27s abstractions in
compiled code, even against low-level attacks.
For a concrete example, all modern languages provide a notion of
structured control flow and an invoked procedure is expected to return
to the right place.
However, today\u27s compilation chains (compilers, linkers, loaders,
runtime systems, hardware) cannot efficiently enforce this
abstraction: linked low-level code can call and return to arbitrary
instructions or smash the stack, blatantly violating the high-level
abstraction.
The emerging secure compilation community aims to address such
problems by devising formal security criteria, efficient enforcement
mechanisms, and effective proof techniques.
This seminar strived to take a broad and inclusive view of secure
compilation and to provide a forum for discussion on the topic. The
goal was to identify interesting research directions and open
challenges by bringing together people working on building secure
compilation chains, on developing proof techniques and verification
tools, and on designing security mechanisms