Mechanics of the pi-calculus and variants
Avik Chaudhuri
Programming Languages Project, Fall 2004

Outline
• The pi-calculus
• Dynamics: An abstract machine
• Some static analysis: An attack model
(and possibly,)
• The spi-calculus, carry ideas over
• A type-system: Safe programs

The ’almost 24/7’-calculus
• Read and write actions, parallel composition, restriction, replication
• The only terms are channel names!
• Surprisingly expressive, consumes the lambda-calculus
• Mobile agents, distributed computation, communication protocols
• Applied variants come with a few more primitives (redundant but useful!)

A fun example
Program: new k; (c!(k) | new s; (k!(s) | c?(x).x?(y)))
Attacker: c?(x).x?(y)
[Figure: diagram labelled with the names c, k and s; caption: "Not funny!"]

Abstract machine
• Heap H (of waiting requests): writes and reads, for each channel
• Runqueue R (of waiting processes)
• Reduction rules: H, R → H’, R’

Loki the mischievous one
Assumptions
• Omnipresent, fairly potent, fairly lucky!
• Goal: to know as many secrets as possible
Modus operandi
• Operates within the rules of the game
• Maintains a set of currently known channel names
• Listens on these channels, adds anything that comes by to his knowledge
• Sends fresh names whenever the program is listening on these channels

Loki attacks Pi
• Knowledge c (of known names and unknown secrets)
• Heap H (of waiting requests): writes and reads, for each channel
• Runqueue R (of waiting processes)
• Reduction rules: H, R, c → H’, R’, c’
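
The machine and attack model from the last three slides, run on the "fun example" program to check which restricted names leak. This is an added sketch, not code from the slides or from the author's project. Assumptions: the tuple encoding of processes, the FIFO schedule, the rule that Loki wins every race on a channel he knows, and the names `run`, `FUN` and `SAFE` are all constructed here.

```python
from collections import defaultdict, deque
from itertools import count

# Process terms as tuples (constructed encoding): ("nil",) ("new", n, P) ("par", P, Q)
#   ("out", c, m) is c!(m); ("in", c, x, P) is c?(x).P
def run(program, public):
    """Run program against Loki; return (Loki's knowledge, source name -> runtime name)."""
    fresh, made = count(), {}
    know = set(public)                       # Loki starts with the public channel names
    heap = defaultdict(lambda: {"w": deque(), "r": deque()})  # H: requests per channel
    runq = deque([(program, {})])            # R: (process, environment) pairs

    def loki():                              # assumption: Loki wins every race he can enter
        while busy := [c for c in heap if c in know and (heap[c]["w"] or heap[c]["r"])]:
            for ch in busy:
                know.update(heap[ch]["w"])   # listen: learn every pending write
                heap[ch]["w"].clear()
                for x, cont, env in heap[ch]["r"]:  # answer each pending read
                    name = f"loki{next(fresh)}"     # with a fresh name he knows
                    know.add(name)
                    runq.append((cont, {**env, x: name}))
                heap[ch]["r"].clear()

    while runq:
        proc, env = runq.popleft()
        if proc[0] == "new":                 # restriction: allocate a fresh runtime name
            made[proc[1]] = f"{proc[1]}{next(fresh)}"
            runq.append((proc[2], {**env, proc[1]: made[proc[1]]}))
        elif proc[0] == "par":
            runq.extend([(proc[1], env), (proc[2], env)])
        elif proc[0] == "out":
            ch, msg = env.get(proc[1], proc[1]), env.get(proc[2], proc[2])
            if heap[ch]["r"]:                # a reader is waiting: hand over the message
                x, cont, renv = heap[ch]["r"].popleft()
                runq.append((cont, {**renv, x: msg}))
            else:
                heap[ch]["w"].append(msg)
        elif proc[0] == "in":
            ch = env.get(proc[1], proc[1])
            if heap[ch]["w"]:                # a message is waiting: bind it and continue
                runq.append((proc[3], {**env, proc[2]: heap[ch]["w"].popleft()}))
            else:
                heap[ch]["r"].append((proc[2], proc[3], env))
        loki()                               # Loki saturates after every machine step
    return know, made

# The slide's program: new k; (c!(k) | new s; (k!(s) | c?(x).x?(y)))
FUN = ("new", "k", ("par", ("out", "c", "k"),
       ("new", "s", ("par", ("out", "k", "s"), ("in", "c", "x", ("in", "x", "y", ("nil",)))))))
# Constructed contrast: k is never sent on a public channel, so s stays secret.
SAFE = ("new", "k", ("new", "s", ("par", ("out", "k", "s"), ("in", "k", "y", ("nil",)))))
```

With `c` public, `run(FUN, {"c"})` ends with both restricted names in Loki's knowledge, while `run(SAFE, {"c"})` leaves him knowing only `c`.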

Spi, abstract machine and Loki
• Spi is an applied variant of pi, with cryptographic primitives, naturals, structured terms and guarded processes
• Abstract machine extends
• Loki’s knowledge is now a set of terms, together with rules to derive new terms from his knowledge
• Loki attacks Spi, too

Type system for authorization in Spi
• Spi extended to include logic clauses and expectations (~assertions)
• A program is safe if all expectations are derivable from the context
• A program is robustly safe if the program is safe when composed with any opponent
• Theorem: All well-typed programs are robustly safe.

?, !
Report*, slides, code at http://www.soe.ucsc.edu/~avik/PL/
*abridged version. Type system not shown (unpublished personal communication)