Complete Lax Logical Relations for Cryptographic Lambda-Calculi
نویسندگان
چکیده
Security properties are profitably expressed using notions of contextual equivalence, and logical relations are a powerful proof technique to establish contextual equivalence in typed lambda calculi, see e.g. Sumii and Pierce’s logical relation for a cryptographic lambda-calculus. We clarify Sumii and Pierce’s approach, showing that the right tool is prelogical relations, or lax logical relations in general: relations should be lax at encryption types, notably. To explore the difficult aspect of fresh name creation, we use Moggi’s monadic lambda-calculus with constants for cryptographic primitives, and Stark’s name creation monad. We define logical relations which are lax at encryption and function types but strict (non-lax) at various other types, and show that they are sound and complete for contextual equivalence at all types.
منابع مشابه
Lax Logical Relations
Lax logical relations are a categorical generalisation of logical relations; though they preserve product types, they need not preserve exponential types. But, like logical relations, they are preserved by the meanings of all lambda-calculus terms. We show that lax logical relations coincide with the correspondences of Schoett, the algebraic relations of Mitchell and the pre-logical relations o...
متن کاملConstructive Data Reenement in Typed Lambda Calculus
A new treatment of data reenement in typed lambda calculus is proposed, based on pre-logical relations HS99] rather than logical relations as in Ten94], and incorporating a constructive element. Constructive data reenement is shown to have desirable properties, and a substantial example of reenement is presented.
متن کاملCyrptographic logical relations
Using contextual equivalence (a.k.a. observational equivalence) to specify security properties is an important idea in the field of formal verification of cryptographic protocols. While contextual equivalence is difficult to prove directly, one is usually able to deduce it using so-called logical relations in typed λ-calculi. We apply this technique to the cryptographic metalanguage — an extens...
متن کاملUnder Consideration for Publication in J. Functional Programming Girard Translation and Logical Predicates
We present a short proof of a folklore result: the Girard translation from the simply typed lambda calculus to the linear lambda calculus is fully complete. The proof makes use of a notion of logical predicates for intuitionistic linear logic. While the main result is of independent interest, this paper can be read as a tutorial on this proof technique for reasoning about relations between type...
متن کاملO / 0 61 21 06 v 1 21 D ec 2 00 6 On completeness of logical relations for monadic types ⋆
Software security can be ensured by specifying and verifying security properties of software using formal methods with strong theoretical bases. In particular, programs can be modeled in the framework of lambda-calculi, and interesting properties can be expressed formally by contextual equivalence (a.k.a. observational equivalence). Furthermore, imperative features, which exist in most real-lif...
متن کامل