Probabilistic Applicative Bisimulation and Call-by-Value Lambda


  1. Probabilistic Applicative Bisimulation and Call-by-Value Lambda Calculi. Joint work with Ugo Dal Lago. Raphaëlle Crubillé, ENS Lyon, February 9, 2014. Sections: Λ⊕; Bisimulation; Context Equivalence vs. Bisimulation; Conclusions.

  4. Introduction. Fundamental question: when can two programs be considered equivalent? Context equivalence [Morris1968]: two terms M and N are context equivalent if their observable behavior is the same in any context. Proving that two programs are not equivalent is relatively easy: just find a context that separates them. Proving that two programs are indeed equivalent, on the other hand, can be quite complicated. Another notion of equivalence: bisimilarity.

  5. Our result. For a probabilistic λ-calculus (Λ⊕): Context Equivalence = Bisimilarity.

  6. Outline.
      - Section 1, Λ⊕: Syntax and Operational Semantics; Motivating Example: Perfect Security.
      - Section 2, Bisimulation: Probabilistic Bisimulation in the abstract; A Labelled Markov Chain for Λ⊕; Example.
      - Section 3, Context Equivalence vs. Bisimulation: ∼ ⊆ ≡; Full Abstraction.
      - Section 4, Conclusions.

  12. Syntax and Operational Semantics of Λ⊕ [DLZorzi2012].
      - Terms: M, N ::= x | λx.M | MM | M ⊕ M;
      - Values: V ::= λx.M;
      - Approximation (Big-Step) Semantics: M ⇓ D, where D : Values → [0, 1] is a sub-probability distribution. Approximation from below: only finite distributions.

      $$\frac{}{M \Downarrow \emptyset} \qquad \frac{}{V \Downarrow \{V^1\}} \qquad \frac{M \Downarrow D \quad N \Downarrow E}{M \oplus N \Downarrow \tfrac{1}{2} D + \tfrac{1}{2} E}$$

      $$\frac{M \Downarrow K \quad N \Downarrow F \quad \{P[V/x] \Downarrow E_{P,V}\}_{\lambda x.P \in S(K),\ V \in S(F)}}{MN \Downarrow \sum_{V \in S(F)} F(V) \left( \sum_{\lambda x.P \in S(K)} K(\lambda x.P)\, E_{P,V} \right)}$$

      - Semantics: $[\![M]\!] = \sup_{M \Downarrow D} D$;
      - Variations: Small-Step Semantics, Call-by-name Evaluation.

  13. Why Probabilistic Computation?

  20. An Example: Perfect Security. Let $\Pi = (GEN, ENC, DEC)$ be a cryptoscheme. Let $A = (A_1, A_2)$ be an adversary. The experiment $PrivK^{\Pi}_{A}$:
      - $m_0, m_1 \leftarrow A_1$;
      - $b \leftarrow \{0, 1\}$;
      - $k \leftarrow GEN$;
      - $c \leftarrow ENC(m_b, k)$;
      - $b' \leftarrow A_2(c)$;
      - return $b = b'$.

  21. An Example: Perfect Security. For every adversary $A$, $\Pr(PrivK^{\Pi}_{A} = true) = \frac{1}{2}$.

  22. An Example: Perfect Security. One-Time-Pad:
      - GEN = true ⊕ false : bool;
      - ENC = λx.λy. if x then (NOT y) else y : bool → bool → bool;
      - DEC = ENC.
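
The perfect-security condition of slide 21 can be checked exhaustively for the one-bit one-time pad of slide 22. The following is an added example, not part of the original slides: it computes the exact success probability of PrivK for every deterministic adversary; `leaky_enc` is a constructed insecure scheme for contrast, and all function names are assumptions.

```python
from fractions import Fraction
from itertools import product

BOOLS = (False, True)

def otp_enc(x, y):
    # ENC from slide 22: if x then (NOT y) else y, i.e. x XOR y (x = message, y = key)
    return (not y) if x else y

def leaky_enc(x, y):
    # Constructed counter-example (not from the slides): the key is ignored
    return x

def privk_win_probability(enc, m0, m1, a2):
    """Exact Pr(PrivK = true), averaging over b <- {0,1} and k <- GEN (both fair coins)."""
    wins = 0
    for b, k in product(BOOLS, BOOLS):
        c = enc(m1 if b else m0, k)   # c <- ENC(m_b, k)
        wins += (a2(c) == b)          # b' <- A_2(c); the adversary wins when b = b'
    return Fraction(wins, 4)

def all_adversaries():
    """Every deterministic adversary: A_1 outputs (m0, m1), A_2 is a map bool -> bool.
    A randomized adversary is a mixture of these, so its success probability is a
    convex combination of the values computed here."""
    for m0, m1 in product(BOOLS, BOOLS):
        for out_false, out_true in product(BOOLS, BOOLS):
            table = {False: out_false, True: out_true}
            yield m0, m1, table.__getitem__

def win_probabilities(enc):
    """Set of success probabilities reached by some adversary against `enc`."""
    return {privk_win_probability(enc, m0, m1, a2)
            for m0, m1, a2 in all_adversaries()}

def decrypts_correctly(enc):
    """Checks DEC = ENC: encrypting twice under the same key returns the message."""
    return all(enc(enc(m, k), k) == m for m, k in product(BOOLS, BOOLS))

if __name__ == "__main__":
    print("one-time pad:", sorted(win_probabilities(otp_enc)))
    print("leaky scheme:", sorted(win_probabilities(leaky_enc)))
    print("DEC = ENC holds for the pad:", decrypts_correctly(otp_enc))
```

For the one-time pad every adversary lands on exactly 1/2, while against the constructed leaky scheme some adversary reaches probability 1.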
