44 research outputs found

    A Symbolic Characterisation of Open Bisimulation for the Spi Calculus

    Open hedged bisimulation was proposed as a generalisation to the spi calculus of the pi calculus' open bisimulation. In this paper, we extend previous work on open hedged bisimulation. We show that open hedged bisimilarity is closed under respectful substitutions and give a symbolic characterisation of open hedged bisimulation. The latter result is an important step towards mechanisation of open hedged bisimilarity

    Theory and tool support for the formal verification of cryptographic protocols

    Cryptographic protocols are an essential component of network communications. Despite their relatively small size compared to other distributed algorithms, they are known to be error-prone. This is due to the obligation to behave robustly in the context of unknown hostile attackers who might want to act against the security objectives of the jointly interacting entities. The need for techniques to verify the correctness of cryptographic protocols has stimulated the development of new frameworks and tools during the last decades. Among the various models is the spi calculus: a process calculus which is an extension of the pi calculus that incorporates cryptographic primitives. Process calculi such as the spi calculus offer the possibility to describe in a precise and concise way distributed algorithms such as cryptographic protocols. Moreover, spi calculus offers an elegant way to formalise some security properties of cryptographic protocols via behavioural equivalences. At the time this thesis began, this approach lacked tool support. Inspired by the situation in the pi calculus, we propose a new notion of behavioural equivalence for the spi calculus that is close to an algorithm. Besides, we propose a "coq" formalisation of our results that not only validates our theoretical developments but also will eventually be the basis of a certified tool that would automate equivalence checking of spi calculus terms. To complete the toolchain, we propose a formal semantics for an informal notation to describe cryptographic protocols, so called protocol narrations. We give a rigorous procedure to translate protocol narrations into spi calculus terms; this constitutes the foundations of our automatic translation tool "spyer"

    Mobile Objects "Must" Move Safely

    Øjeblik is a lexically-scoped, object-based calculus that represents a distribution-free subset of the LAN-based programming language Obliq. The surrogate operation on Øjeblik-objects, which is the abstraction of migration on Obliq-objects, is a combined operation derived from the more primitive operations cloning and aliasing

    A formal study of two physical countermeasures against side channel attacks

    Secure electronic circuits must implement countermeasures against a wide range of attacks. Often, the protection against side channel attacks requires to be tightly integrated within the functionality to be protected. It is now part of the designer's job to implement them. But this task is known to be error-prone, and with current development processes, countermeasures are evaluated often very late (at circuit fabrication). In order to improve the confidence of the designer in the efficiency of the countermeasure, we suggest in this article to resort to formal methods early in the design flow for two reasons. First of all, we intend to check that the process of transformation of the design from the vulnerable description to the protected one does not alter the functionality. Second, we wish to prove that the security properties (that can derive from a formal security functional specification) are indeed met after transformation. Our first contribution is to show how such a framework can be set up (in COQ) for netlist-level protections. The second contribution is to illustrate that this framework indeed allows to detect vulnerabilities in dual-rail logics, with the examples of wave differential dynamic logic (WDDL) and balanced cell-based differential logic (BCDL)

    Random Active Shield

    Recently, some active shielding techniques have been broken (e.g. by FlyLogic). The caveat is that their geometry is easy to guess, and thus they can be bypassed with an affordable price. This paper has two contributions. First of all, it provides a definition of the objectives of shielding, which is seldom found in publicly available sources. Notably, we specify the expected functionality, but also the constraints it must meet to be both manufacturable and secure. Second, we propose an innovative solution based on random shielding. The goal of this shielding is to make the geometry of the shield difficult to recognize, thereby making the "identification" phase of the attack harder than in previous schemes. Also, a proof of the shielding existence for two layers of metal is provided, which guarantees that the generation of the layout will succeed. Finally, we provide real tests of the shield generation algorithm, that show it is computationally tractable even for large areas to protect

    A Fully Abstract Symbolic Semantics for Psi-Calculi

    We present a symbolic transition system and bisimulation equivalence for psi-calculi, and show that it is fully abstract with respect to bisimulation congruence in the non-symbolic semantics. A psi-calculus is an extension of the pi-calculus with nominal data types for data structures and for logical assertions representing facts about data. These can be transmitted between processes and their names can be statically scoped using the standard pi-calculus mechanism to allow for scope migrations. Psi-calculi can be more general than other proposed extensions of the pi-calculus such as the applied pi-calculus, the spi-calculus, the fusion calculus, or the concurrent constraint pi-calculus. Symbolic semantics are necessary for an efficient implementation of the calculus in automated tools exploring state spaces, and the full abstraction property means the semantics of a process does not change from the original

    Origin of the high elevated Pyrenean peneplain

    Peneplanation of mountain ranges is generally considered the result of long-term erosional processes that smooth relief and lower elevation near sea level. Therefore peneplain remnants at high elevation in mountain ranges are used to infer posttectonic surface uplift. Such an interpretation has been proposed for the Pyrenees where high-elevation, low-relief erosional surfaces rose up to more than 2000 m. Because the Pyrenean foreland basins are filled with very thick continental deposits, which have buried the early jagged landscape, we challenge this hypothesis by pointing out that relief applanation does not necessarily require elevation lowering. We propose an alternative interpretation in which piedmont aggradation of detrital sediment that comes from erosion of the high chain induces the rise of the base level of the range, therefore reducing strongly the erosive efficiency of the drainage system and resulting in the progressive smoothing of the relief. Such a process allows a high-elevation, low-relief erosional surface to develop at the scale of the range. In the Pyrenees, occurrence of high-elevation, low-relief erosional surface remnants does not imply a posttectonic uplift, but is instead due to the dissection of the initial Miocene high-elevation, low-relief surface by the recent drainage system, the erosive activity of which has been enhanced by global climate change from the late Pliocene onward

    A C-library for Register Saturation Computation

    This software provides a C implementation of the following article: Sid Touati. Register Saturation in Instruction Level Parallelism. International Journal of Parallel Programming, Springer-Verlag, Volume 33, Issue 4, August 2005. 57 pages