Action Comète Concurrency, Mobility, and Transactions

1. Action ComèteConcurrency, Mobility, and Transactions Catuscia Palamidessi INRIA-Futurs and LIX LIX

2. Status and People • Comète is an “Action”. We are planning to present it as a project in the next coming months. • Permanent members: • Catuscia Palamidessi (coordinator) • Fabrice Le Fessant • Ongoing collaborations • Frank Valencia, BRICS and Uppsala Univ. (Concurrent Constraint Programming, reactive programming, security) • Diletta Cacciagrano, Univ. de L’Aquila (p-calculus, fairness) • Planned collaborations • Bernadette Charron Bost, LIX (Safety and liveness) • Veronique Benzakem, LRI (Transactions) • Giuseppe Castagna, ENS (Mobility) • Davide Sangiorgi, Univ di Bologna (p-calculus) • Vladimiro Sassone, Univ of Sussex and Michele Bugliesi, Univ di Venezia (distributed resources, atomicity. Possibility of a STREP) LIX

3. Projects • ACI Securite’ ROSSIGNOL: Verification of Cryptographic Protocols • LIF responsable:D. Luigiez • LSV Responsable: F. Jacquemard • INRIA-Futurs & LIX responsable: C. Palamidessi • Verimag Responsible: Y. Lackhnech LIX

4. Main Goals • Foundations of Langauges for Concurrent and Distributed Systems • Process Calculi (pi-calculus) • Mobility, Probabilities • Development of a probabilistic version of the asynchronous -calculus • Distributed implementation of the p-calculus • A langauge for specification and verification of security protocols (PROPIS) • Development of a platform for distributed programming LIX

5. Main goals • Probabilistic Asynchronous p (ppa) • Aim:add the power of randomization to obtain a language that • is as expressive as p (it is possible to encode p into it) • can be implemented in a fully distributed way • Expressive power of p: • Solution to the generalized dining philosophers • Encodingof p into ppacompleted and proved correct wrt a notion of testing semantics LIX

6. Features of PROPIS • PRObabilistic PI for Security • ppaenriched with cryptographic primitives similar to those of the spi-calculus [Abadi and Gordon] • The probability features will allow to analyse security protocols at a finer level (cryptographic level), i.e. beyond the Dolew-Yao assumptions of perfect cryptography:In our approach an attacker can try to guess a key, for instance. The point is to prove that the probability that his attack can be effective is negligible. • The probability features will also allow to express protocols that require randomization. LIX

7. Example: The dining cryptographers An example of achieving anonymity Crypt(0) notpays0 pays0 Master Crypt(1) Crypt(2) LIX

8. The dining cryptographers • The Problem: • Three cryptographers share a meal • The meal is paid either by the organization (master) or by one of them. The master decides who pays • Each of the cryptographers is informed by the master whether or not he is paying • Goal: • The cryptographers would like to know whether the meal is being paid by the master or by one of them, but without knowing who is paying (if it is one of them). LIX

9. The dining cryptographers: Solution • Solution:Each cryptographer tosses a coin (probabilistic choice). Each coin is in between two cryptographers. • The result of each coin-tossing is visible to the adjacent cryptographers, and only to them. • Each cryptographer examines the two adjacent coins • If he is paying, he announces “agree” if the results are the same, and “disagree” otherwise. • If he is not paying, he says the opposite • Claim 1: if the number of “disagree” is even, then the master is paying. Otherwise, one of them is paying. • Claim 2: In the latter case, if the coin is fair the non paying cryptographers will not be able to deduce whom exactly is paying LIX

10. The dining cryptographers: Solution Crypt(0) notpays0 pays0 Coin(0) Coin(1) look20 Master out1 Crypt(1) Crypt(2) Coin(2) LIX