sequential process calculus and machine models for
play

Sequential Process Calculus and Machine Models for Simulation-based - PowerPoint PPT Presentation

Mar 24, 2023 •141 likes •577 views

Sequential Process Calculus and Machine Models for Simulation-based Security Ralf K usters University of Kiel Joint work with Anupam Datta, John Mitchell, and Ajith Ramanathan University of Kiel Ralf K usters Simulation-based Security

  1. Sequential Process Calculus and Machine Models for Simulation-based Security Ralf K¨ usters University of Kiel Joint work with Anupam Datta, John Mitchell, and Ajith Ramanathan

  2. University of Kiel Ralf K¨ usters Simulation-based Security Basic idea: 1. Describe security requirement in terms of an ideal protocol/functionality F . 2. A real protocol P is secure w.r.t. F (realizes F ) if everything that can happen to P can also happen to F . 3. Goal: Security preserved under composition (composition theorem). DIMACS Workshop June 8th, 2004

  3. University of Kiel Ralf K¨ usters Simulation-based Security Basic idea: 1. Describe security requirement in terms of an ideal protocol/functionality F . 2. A real protocol P is secure w.r.t. F (realizes F ) if everything that can happen to P can also happen to F . 3. Goal: Security preserved under composition (composition theorem). But... Many different computational settings and security notions. DIMACS Workshop June 8th, 2004

  4. University of Kiel Ralf K¨ usters Canetti 2001 (PITM) Computational model: 1. Computational entities: Probabilistic polynomial-time interacting turing machines (PITMs) 2. Communication model: In a real, ideal, and hybrid model specific ways of communication via tapes between an environment, a (real/ideal) adversary, and the (real/ideal) protocol are defined. DIMACS Workshop June 8th, 2004

  5. University of Kiel Ralf K¨ usters Canetti 2001 (PITM) Computational model: 1. Computational entities: Probabilistic polynomial-time interacting turing machines (PITMs) 2. Communication model: In a real, ideal, and hybrid model specific ways of communication via tapes between an environment, a (real/ideal) adversary, and the (real/ideal) protocol are defined. Security notion: Universal composability (UC). P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F DIMACS Workshop June 8th, 2004

  6. University of Kiel Ralf K¨ usters Pfitzmann and Waidner 2001 (PIOA) Computational model: 1. Computational entities: Probabilistic IO automata (PIOAs) 2. Communication model: General communication model where PIOAs communicate through buffers that need to be triggered to deliver a message. (No need to distinguish between real, ideal, and hybrid communication.) DIMACS Workshop June 8th, 2004

  7. University of Kiel Ralf K¨ usters Pfitzmann and Waidner 2001 (PIOA) Computational model: 1. Computational entities: Probabilistic IO automata (PIOAs) 2. Communication model: General communication model where PIOAs communicate through buffers that need to be triggered to deliver a message. (No need to distinguish between real, ideal, and hybrid communication.) Security notions: UC + (strong) Black-box Simulatability (SBB). P and F are SBB if ∃ S ∀ A ∀ E : E E ≡ A ′ A P S F DIMACS Workshop June 8th, 2004

  8. University of Kiel Ralf K¨ usters Weak Black-box Simulatability (WBB) P and F are WBB if ∀ A ∃ S ∀ E : E E ≡ A ′ A P S F Used in the literature to show UC (obviously: WBB implies UC). DIMACS Workshop June 8th, 2004

  9. University of Kiel Ralf K¨ usters Lincoln, Mitchell 2 , Scedrov 1998 (PPC) Computational model: 1. Computational entities: Probabilistic Polynomial-time Processes 2. Communication model: Probabilistic Process Calculus (PPC). DIMACS Workshop June 8th, 2004

  10. University of Kiel Ralf K¨ usters Lincoln, Mitchell 2 , Scedrov 1998 (PPC) Computational model: 1. Computational entities: Probabilistic Polynomial-time Processes 2. Communication model: Probabilistic Process Calculus (PPC). Security notions: Process Congruence/Strong Simulatability (SS) P and F are SS if ∃ S ∀ E : E E ≡ P S F DIMACS Workshop June 8th, 2004

  11. University of Kiel Ralf K¨ usters Even More Variety Different variants of UC, BB, and SS have been considered! DIMACS Workshop June 8th, 2004

  12. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Distinguish between different tasks the processes perform: DIMACS Workshop June 8th, 2004

  13. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Distinguish between different tasks the processes perform: Decision (distinguisher) process (D): May output a decision 1 or 0 depending on who the process believes to interact with. (environment) DIMACS Workshop June 8th, 2004

  14. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Distinguish between different tasks the processes perform: Decision (distinguisher) process (D): May output a decision 1 or 0 depending on who the process believes to interact with. (environment) Master process (M): Is triggered if no other process can go. DIMACS Workshop June 8th, 2004

  15. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Distinguish between different tasks the processes perform: Decision (distinguisher) process (D): May output a decision 1 or 0 depending on who the process believes to interact with. (environment) Master process (M): Is triggered if no other process can go. Master decision process (MD): Is both master and decision process. DIMACS Workshop June 8th, 2004

  16. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Distinguish between different tasks the processes perform: Decision (distinguisher) process (D): May output a decision 1 or 0 depending on who the process believes to interact with. (environment) Master process (M): Is triggered if no other process can go. Master decision process (MD): Is both master and decision process. Regular process (R): Is neither a master nor a decision process. (e.g., real and ideal protocol) DIMACS Workshop June 8th, 2004

  17. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Distinguish between different tasks the processes perform: Decision (distinguisher) process (D): May output a decision 1 or 0 depending on who the process believes to interact with. (environment) Master process (M): Is triggered if no other process can go. Master decision process (MD): Is both master and decision process. Regular process (R): Is neither a master nor a decision process. (e.g., real and ideal protocol) Who should be the master process? DIMACS Workshop June 8th, 2004

  18. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Literature provides different answers: UC( A : R , I : R , E : MD ) Canetti 2001 DIMACS Workshop June 8th, 2004

  19. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Literature provides different answers: UC( A : R , I : R , E : MD ) Canetti 2001 UC( A : M , I : M , E : D ) Pfitzmann, Waidner 2001 DIMACS Workshop June 8th, 2004

  20. University of Kiel Ralf K¨ usters UC P and F are UC if ∀ A ∃ I ∀ E : E E ≡ A P I F Literature provides different answers: UC( A : R , I : R , E : MD ) Canetti 2001 UC( A : M , I : M , E : D ) Pfitzmann, Waidner 2001 UC( A : M , I : M , E : MD ) Backes, Pfitzmann, Waidner 2004 DIMACS Workshop June 8th, 2004

  21. University of Kiel Ralf K¨ usters SBB P and F are SBB if ∃ S ∀ A ∀ E : E E ≡ A ′ A P S F Variants: SBB( A : M , S : M , E : D ) Pfitzmann, Waidner 2001 SBB( A : M , S : M , E : MD ) Backes, Pfitzmann, Waidner 2004 SBB( A : M , S : R , E : MD ) SBB( A : R , S : M , E : MD ) SBB( A : R , S : R , E : MD ) SBB( A : M , S : R , E : D ) DIMACS Workshop June 8th, 2004

  22. University of Kiel Ralf K¨ usters Weak Black-box Simulatability (WBB) P and F are WBB if ∀ A ∃ S ∀ E : E E ≡ A ′ A P S F Variants: WBB( A : M , S : M , E : MD ) WBB( A : M , S : R , E : MD ) WBB( A : R , S : M , E : MD ) WBB( A : R , S : R , E : MD ) WBB( A : M , S : M , E : D ) WBB( A : M , S : R , E : D ) DIMACS Workshop June 8th, 2004

  23. University of Kiel Ralf K¨ usters SS P and F are SS if ∃ S ∀ E : E E ≡ P S F Variants: SS( S : R , E : MD ) SS( S : M , E : MD ) DIMACS Workshop June 8th, 2004

  24. University of Kiel Ralf K¨ usters Relationship Between the Security Notions Across Models? DIMACS Workshop June 8th, 2004

  25. University of Kiel Ralf K¨ usters Relationship Between the Security Notions Across Models? First, need general computational model that “subsumes” all other models. DIMACS Workshop June 8th, 2004

  26. University of Kiel Ralf K¨ usters Relationship Between the Security Notions Across Models? First, need general computational model that “subsumes” all other models. We introduce Sequential Probabilistic Process Calculus (SPPC). DIMACS Workshop June 8th, 2004

  27. University of Kiel Ralf K¨ usters Sequential Probabilistic Process Calculus (SPPC) Syntactic and semantic restriction and extension of PPC. Example process (simplified) corresponding to an IO automaton/ITM: � � Q = ! q ( n ) in ( c s , x s ) . in ( c, x ) . out ( c ns , T ns ( c, x, x s )) || c ∈C in �� � � in ( c ns , � x ′ s , c ′ , y � ) . out ( c s , x ′ s ) || out ( c ′ , y ) c ′ ∈C out Parallel composition of processes: E || A || P Polynomial composition of processes (used in composition theorem): E || A || ! q ( n ) P DIMACS Workshop June 8th, 2004

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to Machine Learning CMU-10701 Hidden Markov Models Barnabs Pczos & Aarti

Introduction to Machine Learning CMU-10701 Hidden Markov Models Barnabs Pczos & Aarti

Introduction to Machine Learning CMU-10701 Hidden Markov Models Barnabs Pczos & Aarti Singh Slides courtesy: Eric Xing i.i.d to sequential data So far we assumed independent, identically distributed data Sequential (non i.i.d.)

518 views • 30 slides
Machine Learning for NLP Sequential NN models Aurlie Herbelot 2019 Centre for Mind/Brain

Machine Learning for NLP Sequential NN models Aurlie Herbelot 2019 Centre for Mind/Brain

Machine Learning for NLP Sequential NN models Aurlie Herbelot 2019 Centre for Mind/Brain Sciences University of Trento 1 The unreasonable effectiveness... 2 Karpathy (2015) In 2015, Andrej Karpathy wrote a blog entry which became

857 views • 57 slides
Hidden Markov Models Aarti Singh Slides courtesy: Eric Xing Machine Learning 10-701/15-781 Nov

Hidden Markov Models Aarti Singh Slides courtesy: Eric Xing Machine Learning 10-701/15-781 Nov

Hidden Markov Models Aarti Singh Slides courtesy: Eric Xing Machine Learning 10-701/15-781 Nov 8, 2010 i.i.d to sequential data So far we assumed independent, identically distributed data Sequential data Time-series data E.g.

554 views • 32 slides
CPSC 121: Models of Computation Module 8: Sequential Circuits Module 8: Sequential Circuits By

CPSC 121: Models of Computation Module 8: Sequential Circuits Module 8: Sequential Circuits By

CPSC 121: Models of Computation Module 8: Sequential Circuits Module 8: Sequential Circuits By the start of class, you should be able to Trace the operation of a DFA (deterministic finite- state automaton) represented as a diagram on an input,

656 views • 39 slides
CPSC 121: Models of Computation Module 9: Sequential Circuits Module 9: Sequential Circuits By

CPSC 121: Models of Computation Module 9: Sequential Circuits Module 9: Sequential Circuits By

CPSC 121: Models of Computation Module 9: Sequential Circuits Module 9: Sequential Circuits By the start of class, you should be able to Trace the operation of a DFA (deterministic finite- state automaton) represented as a diagram on an input,

613 views • 33 slides
Outline Specificities of SEQUENTIAL data Alignment of sequences by DTW Model sequential

Outline Specificities of SEQUENTIAL data Alignment of sequences by DTW Model sequential

Machine-Learning for SEQUENTIAL data Pr. Fabien Moutarde Center for Robotics MINES ParisTech PSL Universit Paris Fabien.Moutarde@mines-paristech.fr http://people.mines-paristech.fr/fabien.moutarde Machine-Learning for SEQUENTIAL data, Pr.

432 views • 17 slides
Parallel Algorithms Algorithm Theory WS 2012/13 Fabian Kuhn Sequential Algorithms Classical

Parallel Algorithms Algorithm Theory WS 2012/13 Fabian Kuhn Sequential Algorithms Classical

Chapter 8 Parallel Algorithms Algorithm Theory WS 2012/13 Fabian Kuhn Sequential Algorithms Classical Algorithm Design: One machine/CPU/process/ doing a computation RAM (Random Access Machine): Basic standard model Unit cost basic

806 views • 22 slides
CS 6316 Machine Learning Generative Models Yangfeng Ji Department of Computer Science

CS 6316 Machine Learning Generative Models Yangfeng Ji Department of Computer Science

CS 6316 Machine Learning Generative Models Yangfeng Ji Department of Computer Science University of Virginia Basic Definition Data generation process An idealized process to illustrate the relations among domain set X , label set Y , and the

1.13k views • 101 slides
9. Sequential Neural Models CS 519 Deep Learning, Winter 2018 Fuxin Li With materials from

9. Sequential Neural Models CS 519 Deep Learning, Winter 2018 Fuxin Li With materials from

9. Sequential Neural Models CS 519 Deep Learning, Winter 2018 Fuxin Li With materials from Andrej Karpathy, Bo Xie, Zsolt Kira Sequential and Temporal Data Many applications exhibited by dynamically changing states Language (e.g.

1.12k views • 91 slides
Hardware Design with VHDL Sequential Stmts ECE 443 Sequential Statements This slide set covers

Hardware Design with VHDL Sequential Stmts ECE 443 Sequential Statements This slide set covers

Hardware Design with VHDL Sequential Stmts ECE 443 Sequential Statements This slide set covers the sequential statements and the VHDL process (do NOT con- fuse with sequential circuits ) Sequential statements are executed in sequence and allow a

709 views • 38 slides
On B ohm Trees and L evy-Longo Trees in -calculus Xian Xu East China University of

On B ohm Trees and L evy-Longo Trees in -calculus Xian Xu East China University of

On B ohm Trees and L evy-Longo Trees in -calculus Xian Xu East China University of Science and Technology (from ongoing work with Davide Sangiorgi) April, 2013 1 Subject Encodings from -calculus (sequential programming) to

963 views • 42 slides
HLSM & Time Constraints on Sequential Circuits Prof. Usagi RTL(Register Transfer Level)

HLSM & Time Constraints on Sequential Circuits Prof. Usagi RTL(Register Transfer Level)

HLSM & Time Constraints on Sequential Circuits Prof. Usagi RTL(Register Transfer Level) Design 2 RTL Design Process Step 1: Capture a high-level state machine Describe the systems desired behavior as a high-level state machine.

817 views • 37 slides
III St R X Critealsectroisproblemm Io forever Tf Rz deiforeter entry entry CS C a exits

III St R X Critealsectroisproblemm Io forever Tf Rz deiforeter entry entry CS C a exits

4410 Schneider Concurrent Programming 9 12 2019 CS abstraction of core processor process thread sequential execution of atomic actors process to shared memory access private set of registers pc general purpose regs models time multiplexing

306 views • 16 slides
CPSC 121: Models of Computation Unit 8: Sequential Circuits CPSC 121 2011W T2 Unit 8:

CPSC 121: Models of Computation Unit 8: Sequential Circuits CPSC 121 2011W T2 Unit 8:

CPSC 121: Models of Computation Unit 8: Sequential Circuits CPSC 121 2011W T2 Unit 8: Sequential Circuits By the start of class, you should be able to Trace the operation of a DFA (deterministic finite- state automaton) represented as a

917 views • 32 slides
Measurements - time Measurements - steps MASPAR MP-1 256 processors (Zimmermann, Kumm)

Measurements - time Measurements - steps MASPAR MP-1 256 processors (Zimmermann, Kumm)

Machine Models What are models good for? Abstracting from machine properties Bridging Models and Machines Making programming simple Making programs portable Reflecting essential machine properties Functionality (sure) PRAM

340 views • 13 slides
VHDL 3 Sequential Logic Circuits Reference: Roth/John Text: Chapter 2 VHDL Process

VHDL 3 Sequential Logic Circuits Reference: Roth/John Text: Chapter 2 VHDL Process

VHDL 3 Sequential Logic Circuits Reference: Roth/John Text: Chapter 2 VHDL Process Construct Allows conventional programming language structures to describe circuit behavior especially sequential behavior Process statements

468 views • 29 slides
Concurrent Pattern Matching: combining discovery, privacy and symmetry using pattern matching

Concurrent Pattern Matching: combining discovery, privacy and symmetry using pattern matching

Introduction Background Deliverables & Methodology State of research Concurrent Pattern Matching: combining discovery, privacy and symmetry using pattern matching Thomas Given-Wilson, University of Technology, Sydney Supervisor:

559 views • 21 slides
Are Processes Occurrents, Continuants, Both, or Neither? Antony Galton College of Engineering,

Are Processes Occurrents, Continuants, Both, or Neither? Antony Galton College of Engineering,

Are Processes Occurrents, Continuants, Both, or Neither? Antony Galton College of Engineering, Mathematics, and Physical Sciences University of Exeter, UK The word process is used in several different ways Process I the topic-neutral

1.01k views • 34 slides
11Concurrent Programming CS 4215: Programming Language Implementation Martin Henz March 30,

11Concurrent Programming CS 4215: Programming Language Implementation Martin Henz March 30,

Spawning Concurrent Computation Shared Variables and Granularity of Concurrency Mutual Exclusion Monitors Implementation of Concurrent Constructs 11Concurrent Programming CS 4215: Programming Language Implementation Martin Henz March 30,

1.09k views • 40 slides
The Structure of the THE -Multiprogramming System Edsger W. Dijkstra Technological

The Structure of the THE -Multiprogramming System Edsger W. Dijkstra Technological

CS533 Concepts of Operating Systems Jonathan Walpole The Structure of the THE -Multiprogramming System Edsger W. Dijkstra Technological University, Eindhoven, The Netherlands Communications of the ACM, 11(5):341--346, 1968 System

939 views • 18 slides
Exame de Qualifica c ao Aluno: Vin cius Garcia Pinto Orientador: Nicolas Maillard

Exame de Qualifica c ao Aluno: Vin cius Garcia Pinto Orientador: Nicolas Maillard

Exame de Qualifica c ao Aluno: Vin cius Garcia Pinto Orientador: Nicolas Maillard Linha de pesquisa: Processamento Paralelo e Distribu do Area de abrang encia: Programa c ao Paralela Tema de profundidade: Programa

1.18k views • 89 slides
F undamen tal Structures of Computer Science I I 15-212-ML F all 1998 CONCURRENCY

F undamen tal Structures of Computer Science I I 15-212-ML F all 1998 CONCURRENCY

F undamen tal Structures of Computer Science I I 15-212-ML F all 1998 CONCURRENCY Concurrency Op erations in a p rogram a re if they b e concurrent c ould executed in pa rallel. Concurrent p rograms a re

544 views • 43 slides
CS184c: Computer Architecture [Parallel and Multithreaded] Day 1: April 3, 2001 Overview and

CS184c: Computer Architecture [Parallel and Multithreaded] Day 1: April 3, 2001 Overview and

CS184c: Computer Architecture [Parallel and Multithreaded] Day 1: April 3, 2001 Overview and Message Passing CALTECH cs184c Spring2001 -- DeHon Today This Class Why/Overview Message Passing CALTECH cs184c Spring2001 -- DeHon

625 views • 24 slides
SE350: Operating Systems Lecture 7: Synchronization API Outline Semaphores Monitors

SE350: Operating Systems Lecture 7: Synchronization API Outline Semaphores Monitors

SE350: Operating Systems Lecture 7: Synchronization API Outline Semaphores Monitors Mesa vs. Hoare Communicating sequential process Use cases Bounded buffer Reader writer lock Recap: Locks Using Interrupts int value =

1.2k views • 118 slides

More recommend