Results 1  10
of
33
A type system for certified binaries
 In ACM Symposium on Principles of Programming Languages
, 2002
"... A certified binary is a value together with a proof that the value satisfies a given specification. Existing compilers that generate certified code have focused on simple memory and controlflow safety rather than more advanced properties. In this paper, we present a general framework for explicitly ..."
Abstract

Cited by 84 (12 self)
 Add to MetaCart
A certified binary is a value together with a proof that the value satisfies a given specification. Existing compilers that generate certified code have focused on simple memory and controlflow safety rather than more advanced properties. In this paper, we present a general framework for explicitly representing complex propositions and proofs in typed intermediate and assembly languages. The new framework allows us to reason about certified programs that involve effects while still maintaining decidable typechecking. We show how to integrate an entire proof system (the calculus of inductive constructions) into a compiler intermediate language and how the intermediate language can undergo complex transformations (CPS and closure conversion) while preserving proofs represented in the type system. Our work provides a foundation for the process of automatically generating certified binaries in a typetheoretic framework. 1
Pure Pattern Type Systems
 In POPL’03
, 2003
"... We introduce a new framework of algebraic pure type systems in which we consider rewrite rules as lambda terms with patterns and rewrite rule application as abstraction application with builtin matching facilities. This framework, that we call “Pure Pattern Type Systems”, is particularly wellsuite ..."
Abstract

Cited by 43 (20 self)
 Add to MetaCart
We introduce a new framework of algebraic pure type systems in which we consider rewrite rules as lambda terms with patterns and rewrite rule application as abstraction application with builtin matching facilities. This framework, that we call “Pure Pattern Type Systems”, is particularly wellsuited for the foundations of programming (meta)languages and proof assistants since it provides in a fully unified setting higherorder capabilities and pattern matching ability together with powerful type systems. We prove some standard properties like confluence and subject reduction for the case of a syntactic theory and under a syntactical restriction over the shape of patterns. We also conjecture the strong normalization of typable terms. This work should be seen as a contribution to a formal connection between logics and rewriting, and a step towards new proof engines based on the CurryHoward isomorphism.
TypePreserving Compilation of Featherweight Java
, 2001
"... We present an efficient encoding of core Java constructs in a simple, implementable typed intermediate language. The encoding, after type erasure, has the same operational behavior as a standard implementation using vtables and selfapplication for method invocation. Classes inherit superclass metho ..."
Abstract

Cited by 35 (8 self)
 Add to MetaCart
We present an efficient encoding of core Java constructs in a simple, implementable typed intermediate language. The encoding, after type erasure, has the same operational behavior as a standard implementation using vtables and selfapplication for method invocation. Classes inherit superclass methods with no overhead. We support mutually recursive classes while preserving separate compilation. Our strategy extends naturally to a significant subset of Java, including interfaces and privacy. The formal translation using Featherweight Java allows comprehensible typepreservation proofs and serves as a starting point for extending the translation to new features.
General recursion via coinductive types
 Logical Methods in Computer Science
"... Vol. 1 (2:1) 2005, pp. 1–28 ..."
Comparing mathematical provers
 In Mathematical Knowledge Management, 2nd Int’l Conf., Proceedings
, 2003
"... Abstract. We compare fifteen systems for the formalizations of mathematics with the computer. We present several tables that list various properties of these programs. The three main dimensions on which we compare these systems are: the size of their library, the strength of their logic and their le ..."
Abstract

Cited by 23 (0 self)
 Add to MetaCart
Abstract. We compare fifteen systems for the formalizations of mathematics with the computer. We present several tables that list various properties of these programs. The three main dimensions on which we compare these systems are: the size of their library, the strength of their logic and their level of automation. 1
A machinechecked formalization of the generic model and the random oracle model
 in Proceedings of IJCAR’04, vol. 3097, Lecture Notes in Computer Science
"... Abstract. Most approaches to the formal analyses of cryptographic protocols make the perfect cryptography assumption, i.e. the hypothese that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to rely on a weaker hypo ..."
Abstract

Cited by 22 (5 self)
 Add to MetaCart
Abstract. Most approaches to the formal analyses of cryptographic protocols make the perfect cryptography assumption, i.e. the hypothese that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to rely on a weaker hypothesis on the computational cost of gaining information about the plaintext pertaining to a ciphertext without knowing the key. Such a view is permitted by the Generic Model and the Random Oracle Model which provide nonstandard computational models in which one may reason about the computational cost of breaking a cryptographic scheme. Using the proof assistant Coq, we provide a machinechecked account of the Generic Model and the Random Oracle Model. 1
External Rewriting for Skeptical Proof Assistants
, 2002
"... This paper presents the design, the implementation and experiments of the integration of syntactic, conditional possibly associativecommutative term rewriting into proof assistants based on constructive type theory. Our approach is called external since it consists in performing term rewriting in a ..."
Abstract

Cited by 18 (3 self)
 Add to MetaCart
This paper presents the design, the implementation and experiments of the integration of syntactic, conditional possibly associativecommutative term rewriting into proof assistants based on constructive type theory. Our approach is called external since it consists in performing term rewriting in a speci c and ecient environment and to check the computations later in a proof assistant.
Open Proofs and Open Terms: A Basis for Interactive Logic
 COMPUTER SCIENCE LOGIC: 16TH INTERNATIONAL WORKSHOP, CLS 2002, LECTURE NOTES IN COMPUTER SCIENCE 2471 (2002
, 2002
"... When proving a theorem, one makes intermediate claims, leaving parts temporarily unspecified. These `open' parts may be proofs but also terms. In interactive theorem proving systems, one prominently deals with these `unfinished proofs' and `open terms'. We study these `open phenomena' from the point ..."
Abstract

Cited by 12 (1 self)
 Add to MetaCart
When proving a theorem, one makes intermediate claims, leaving parts temporarily unspecified. These `open' parts may be proofs but also terms. In interactive theorem proving systems, one prominently deals with these `unfinished proofs' and `open terms'. We study these `open phenomena' from the point of view of logic. This amounts to finding a correctness criterion for `unfinished proofs' (where some parts may be left open, but the logical steps that have been made are still correct). Furthermore we want to capture the notion of `proof state'. Proof states are the objects that interactive theorem provers operate on and we want to understand them in terms of logic. In this paper we define `open higher order predicate logic', an extension of higher order logic with unfinished (open) proofs and open terms. Then we define a type theoretic variant of this open higher order logic together with a formulasastypes embedding from open higher order logic to this type theory. We show how this type theory nicely captures the notion of `proof state', which is now a typetheoretic context.
Machinechecked security proofs of cryptographic signature schemes
 In Proceedings of ESORICS’05, volume 3xxx of Lecture Notes in Computer Science
, 2005
"... Abstract. Formal methods have been extensively applied to the certification of cryptographic protocols. However, most of these works make the perfect cryptography assumption, i.e. the hypothesis that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing t ..."
Abstract

Cited by 9 (1 self)
 Add to MetaCart
Abstract. Formal methods have been extensively applied to the certification of cryptographic protocols. However, most of these works make the perfect cryptography assumption, i.e. the hypothesis that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. A model that does not require the perfect cryptography assumption is the generic model and the random oracle model. These models provide nonstandard computational models in which one may reason about the computational cost of breaking a cryptographic scheme. Using the machinechecked account of the Generic Model and the Random Oracle Model formalized in Coq, we prove the safety of cryptosystems that depend on a cyclic group (like ElGamal cryptosystem), against interactive generic attacks and we prove the security of blind signatures against interactive attacks. To prove the last step, we use a generic parallel attack to create a forgery signature. 1
A MachineChecked Formalization of the Random Oracle Model
 in "Proceedings of TYPES’04", Lecture Notes in Computer Science
, 2005
"... Abstract. Most approaches to the formal analysis of cryptography protocols make the perfect cryptographic assumption, which entails for example that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to abandon the pe ..."
Abstract

Cited by 6 (0 self)
 Add to MetaCart
Abstract. Most approaches to the formal analysis of cryptography protocols make the perfect cryptographic assumption, which entails for example that there is no way to obtain knowledge about the plaintext pertaining to a ciphertext without knowing the key. Ideally, one would prefer to abandon the perfect cryptography hypothesis and reason about the computational cost of breaking a cryptographic scheme by achieving such goals as gaining information about the plaintext pertaining to a ciphertext without knowing the key. Such a view is permitted by nonstandard computational models such as the Generic Model and the Random Oracle Model. Using the proof assistant Coq, we provide a machinechecked account of the Generic Model and the Random Oracle Model. We exploit this framework to prove the security of the ElGamal cryptosystem against adaptive chosen ciphertexts attacks. 1