A Categorical Approach to Secure Compilation

  • Conference paper
  • Coalgebraic Methods in Computer Science (CMCS 2020)

Abstract

We introduce a novel approach to secure compilation based on maps of distributive laws. We demonstrate through four examples that the coherence criterion for maps of distributive laws can potentially be a viable alternative for compiler security instead of full abstraction, which is the preservation and reflection of contextual equivalence. To that end, we also make use of the well-behavedness properties of distributive laws to construct a categorical argument for the contextual connotations of bisimilarity.


Notes

  1. The authors use the term “Mathematical Operational Semantics”. The term “Bialgebraic Semantics” is also used in the literature.

  2. A copointed endofunctor is an endofunctor F equipped with a natural transformation \(F \Longrightarrow \mathrm {Id}\).

  3. We write \(B^{\infty }\) for the cofree comonad over B, which satisfies \(B^\infty X \cong X \times B B^\infty X\).

  4. The list operator itself arises from the derivative of the free monad operator.

  5. Note that we cannot conclude that preservation of bisimilarity would imply preservation of contextual equivalence.

  6. We are not referring to the store, but to the internal, algebraic state.

  7. Examples of this are enclaves in Intel SGX [15] and object capabilities in CHERI [51].

References

  1. Abadi, M.: Protection in programming-language translations. In: Secure Internet Programming, Security Issues for Mobile and Distributed Objects, pp. 19–34 (1999). https://doi.org/10.1007/3-540-48749-2_2

  2. Abate, C., et al.: Journey beyond full abstraction: exploring robust property preservation for secure compilation (2018). arXiv: 1807.04603 [cs.PL]

  3. Abate, C., et al.: When good components go bad: formally secure compilation despite dynamic compromise. In: Lie, D., et al. (eds.) Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, Toronto, ON, Canada, 15–19 October 2018, pp. 1351–1368 (2018). https://doi.org/10.1145/3243734.3243745, ISBN: 978-1-4503-5693-0

  4. Abbott, M.G., Altenkirch, T., Ghani, N.: Containers: constructing strictly positive types. Theor. Comput. Sci. 342(1), 3–27 (2005). https://doi.org/10.1016/j.tcs.2005.06.002

  5. Abbott, M.G., et al.: For data: differentiating data structures. Fundam. Inform. 65(1-2), 1–28 (2005). http://content.iospress.com/articles/fundamenta-informaticae/fi65-1-2-02

  6. Abou-Saleh, F.: A coalgebraic semantics for imperative programming languages. PhD thesis. Imperial College London, UK (2014). http://hdl.handle.net/10044/1/13693

  7. Abou-Saleh, F., Pattinson, D.: Towards effects in mathematical operational semantics. Electr. Notes Theor. Comput. Sci. 276, 81–104 (2011). https://doi.org/10.1016/j.entcs.2011.09.016

  8. Agten, P., et al.: Secure compilation to modern processors. In: Chong, S. (ed.) 25th IEEE Computer Security Foundations Symposium, CSF 2012, Cambridge, MA, USA, 25–27 June 2012. IEEE Computer Society, pp. 171–185 (2012). https://doi.org/10.1109/CSF.2012.12, ISBN: 978-1-4673-1918-8

  9. Ahmed, A., Blume, M.: An equivalence-preserving CPS translation via multi-language semantics. In: Chakravarty, M.M.T., Hu, Z., Danvy, O. (eds.) Proceeding of the 16th ACM SIGPLAN International Conference on Functional Programming, ICFP 2011, Tokyo, Japan, 19–21 September 2011, pp. 431–444. ACM (2011). https://doi.org/10.1145/2034773.2034830, ISBN: 978-1-4503-0865-6

  10. Ahmed, A., et al.: Secure compilation (Dagstuhl Seminar 18201). In: Ahmed, A., et al. (eds.) Dagstuhl Reports 8.5 (2018), pp. 1–30. ISSN: 2192-5283. https://doi.org/10.4230/DagRep.8.5.1, http://drops.dagstuhl.de/opus/volltexte/2018/9891

  11. Bartels, F.: On generalised coinduction and probabilistic specification formats: distributive laws in coalgebraic modelling (2004)

  12. Bonchi, F., et al.: Lax bialgebras and up-to techniques for weak bisimulations. In: Aceto, L., de Frutos-Escrig, D. (eds.) 26th International Conference on Concurrency Theory, CONCUR 2015, Madrid, Spain, 1–4 September 2015, vol. 42. LIPIcs. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, pp. 240–253 (2015). https://doi.org/10.4230/LIPIcs.CONCUR.2015.240, ISBN: 978-3-939897-91-0

  13. Brengos, T.: Weak bisimulation for coalgebras over order enriched monads. Logical Methods Comput. Sci. 11(2) (2015). https://doi.org/10.2168/LMCS-11(2:14)2015

  14. Cockett, J.R.B.: Introduction to distributive categories. Math. Struct. Comput. Sci. 33, 277–307 (1993). https://doi.org/10.1017/S0960129500000232

  15. Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptology ePrint Archive 2016, 86 (2016). http://eprint.iacr.org/2016/086

  16. Devriese, D., Patrignani, M., Piessens, F.: Fully-abstract compilation by approximate back-translation. In: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2016, St. Petersburg, FL, USA, 20–22 January 2016, pp. 164–177 (2016). https://doi.org/10.1145/2837614.2837618

  17. Dreyer, D., Ahmed, A., Birkedal, L.: Logical step-indexed logical relations. Logical Methods Comput. Sci. 7(2) (2011). https://doi.org/10.2168/LMCS-7(2:16)2011

  18. Fournet, C., et al.: Fully abstract compilation to JavaScript. In: The 40th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2013, Rome, Italy - January 23–25, 2013, pp. 371–384 (2013). https://doi.org/10.1145/2429069.2429114

  19. Groote, J.F., Vaandrager, F.W.: Structured operational semantics and bisimulation as a congruence. Inf. Comput. 100(2), 202–260 (1992). https://doi.org/10.1016/0890-5401(92)90013-6

  20. Hasuo, I., Jacobs, B., Sokolova, A.: Generic trace semantics via coinduction. Logical Methods Comput. Sci. 3(4) (2007). https://doi.org/10.2168/LMCS-3(4:11)2007

  21. Intel 64 and IA-32 Architectures Software Developer’s Manual. Intel Corporation (2016). https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developerinstruction-set-reference-manual-325383.pdf

  22. Jacobs, B.: Introduction to coalgebra: towards mathematics of states and observation, vol. 59. Cambridge Tracts in Theoretical Computer Science. Cambridge University Press (2016). ISBN: 9781316823187. CBO9781316823187. https://doi.org/10.1017/CBO9781316823187

  23. Jacobs, B.: Parameters and parametrization in specification, using distributive categories. Fundam. Inform. 24(3), 209–250 (1995). https://doi.org/10.3233/FI-1995-2431

  24. Jagadeesan, R., et al.: Local memory via layout randomization. In: Proceedings of the 24th IEEE Computer Security Foundations Symposium, CSF 2011, Cernay-la-Ville, France, 27–29 June 2011, pp. 161–174. IEEE Computer Society, (2011). ISBN: 978-1-61284-644-6. https://doi.org/10.1109/CSF.2011.18

  25. Kennedy, A.: Securing the .NET programming model. Theor. Comput. Sci. 364(3), 311–317 (2006). https://doi.org/10.1016/j.tcs.2006.08.014

  26. Klin, B.: Bialgebras for structural operational semantics: an introduction. Theor. Comput. Sci. 412(38), 5043–5069 (2011). https://doi.org/10.1016/j.tcs.2011.03.023

  27. Klin, B., Nachyla, B.: Presenting morphisms of distributive laws. In: 6th Conference on Algebra and Coalgebra in Computer Science, CALCO 2015, 24–26 June 2015, Nijmegen, The Netherlands, pp. 190–204 (2015). https://doi.org/10.4230/LIPIcs.CALCO.2015.190

  28. Lenisa, M., Power, J., Watanabe, H.: Distributivity for endofunctors, pointed and co-pointed endofunctors, monads and comonads. Electr. Notes Theor. Comput. Sci. 33, 230–260 (2000). https://doi.org/10.1016/S1571-0661(05)80350-0

  29. McBride, C.: The derivative of a regular type is its type of one-hole contexts (extended abstract) (2001)

  30. MIPS Architecture for Programmers Volume II-A: The MIPS32 Instruction Set Manual. MIPS Technologies (2016). https://s3-eu-west-1.amazonaws.com/downloads-mips/documents/MD00086-2B-MIPS32BISAFP-6.06.pdf

  31. Morris, J.H.: Lambda-calculus models of programming languages. PhD thesis. Massachusetts Institute of Technology (1968)

  32. New, M.S., Bowman, W.J., Ahmed, A.: Fully abstract compilation via universal embedding. In: Garrigue, J., Keller, G., Sumii, E. (eds.) Proceedings of the 21st ACM SIGPLAN International Conference on Functional Programming, ICFP 2016, Nara, Japan, 18–22 September 2016, pp. 103–116. ACM (2016). ISBN: 978-1-4503-4219-3. https://doi.org/10.1145/2951913.2951941

  33. Patrignani, M., Ahmed, A., Clarke, D.: Formal approaches to secure compilation: a survey of fully abstract compilation and related work. ACM Comput. Surv. 51(6), 125:1–125:36 (2019). https://doi.org/10.1145/3280984, ISSN: 0360-0300

  34. Patrignani, M., Clarke, D., Piessens, F.: Secure compilation of object-oriented components to protected module architectures. In: Shan, C. (ed.) Programming Languages and Systems - 11th Asian Symposium, APLAS 2013, Melbourne, VIC, Australia, 9–11 December 2013. Proceedings, vol. 8301. Lecture Notes in Computer Science, pp. 176–191. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-319-03542-0_13, ISBN: 978-3-319-03541-3

  35. Patrignani, M., Devriese, D., Piessens, F.: On modular and fully-abstract compilation. In: IEEE 29th Computer Security Foundations Symposium, CSF 2016, Lisbon, Portugal, June 27 - July 1, 2016, pp. 17–30. IEEE Computer Society (2016). ISBN: 978-1-5090-2607-4. https://doi.org/10.1109/CSF.2016.9

  36. Patrignani, M., Garg, D.: Robustly safe compilation. In: Programming Languages and Systems - 28th European Symposium on Programming, ESOP 2019, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2019, Prague, Czech Republic, 6–11 April 2019, Proceedings, pp. 469–498 (2019). https://doi.org/10.1007/978-3-030-17184-1_17

  37. Patrignani, M., et al.: Secure compilation to protected module architectures. ACM Trans. Program. Lang. Syst. 37(2), 6:1–6:50 (2015). https://doi.org/10.1145/2699503

  38. Plotkin, G.D.: A structural approach to operational semantics. J. Log. Algebr. Program. 60–61, 17–139 (2004)

  39. Popescu, A.: Weak bisimilarity coalgebraically. In: Algebra and Coalgebra in Computer Science, Third International Conference, CALCO 2009, Udine, Italy, 7–10 September 2009. Proceedings, pp. 157–172 (2009). https://doi.org/10.1007/978-3-642-03741-2_12

  40. Power, J., Watanabe, H.: Distributivity for a monad and a comonad. Electr. Notes Theor. Comput. Sci. 19, 102 (1999). https://doi.org/10.1016/S1571-0661(05)80271-3

  41. Rot, J., et al.: Enhanced coalgebraic bisimulation. Math. Struct. Comput. Sci. 27(7), 1236–1264 (2017). https://doi.org/10.1017/S0960129515000523

  42. Rothe, J., Masulovic, D.: Towards weak bisimulation for coalgebras. Electr. Notes Theor. Comput. Sci. 68(1), 32–46 (2002). https://doi.org/10.1016/S1571-0661(04)80499-7

  43. Rutten, J.J.M.M.: A note on coinduction and weak bisimilarity for while programs. ITA 33(4/5), 393–400 (1999). https://doi.org/10.1051/ita:1999125

  44. Skorstengaard, L., Devriese, D., Birkedal, L.: Reasoning about a machine with local capabilities. In: Ahmed, A. (ed.) ESOP 2018. LNCS, vol. 10801, pp. 475–501. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89884-1_17

  45. Skorstengaard, L., Devriese, D., Birkedal, L.: StkTokens: enforcing well-bracketed control flow and stack encapsulation using linear capabilities. Proc. ACM Program. Lang. 3(POPL), 19:1–19:28 (2019). https://doi.org/10.1145/3290332, ISSN: 2475-1421

  46. Tsampas, S., Devriese, D., Piessens, F.: Temporal safety for stack allocated memory on capability machines. In: 32nd IEEE Computer Security Foundations Symposium, CSF 2019, Hoboken, NJ, USA, 25–28 June 2019, pp. 243–255. IEEE (2019). https://doi.org/10.1109/CSF.2019.00024, ISBN: 978-1-7281-1407-1

  47. Turi, D.: Categorical modelling of structural operational rules: case studies. In: Category Theory and Computer Science, 7th International Conference, CTCS ’97, Santa Margherita Ligure, Italy, 4–6 September 1997, Proceedings, pp. 127–146 (1997). https://doi.org/10.1007/BFb0026985

  48. Turi, D., Plotkin, G.D.: Towards a mathematical operational semantics. In: Proceedings, 12th Annual IEEE Symposium on Logic in Computer Science, Warsaw, Poland, June 29 - July 2, 1997, pp. 280–291 (1997). https://doi.org/10.1109/LICS.1997.614955

  49. Van Strydonck, T., Piessens, F., Devriese, D.: Linear capabilities for fully abstract compilation of separation-logic-verified code. Proc. ACM Program. Lang. (ICFP) (2019), accepted

  50. Watanabe, H.: Well-behaved translations between structural operational semantics. Electr. Notes Theor. Comput. Sci. 65(1), 337–357 (2002). https://doi.org/10.1016/S1571-0661(04)80372-4

  51. Watson, R.N.M., et al.: CHERI: a hybrid capability-system architecture for scalable software compartmentalization. In: 2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, 17–21 May 2015, pp. 20–37. IEEE Computer Society (2015). https://doi.org/10.1109/SP.2015.9, ISBN: 978-1-4673-6949-7

Acknowledgements

This work was partially supported by the Research Fund KU Leuven. Andreas Nuyts holds a PhD fellowship from the Research Foundation - Flanders (FWO).

Author information

Corresponding author: Dominique Devriese.

Copyright information

© 2020 IFIP International Federation for Information Processing

About this paper

Cite this paper

Tsampas, S., Nuyts, A., Devriese, D., Piessens, F. (2020). A Categorical Approach to Secure Compilation. In: Petrişan, D., Rot, J. (eds.) Coalgebraic Methods in Computer Science. CMCS 2020. Lecture Notes in Computer Science, vol. 12094. Springer, Cham. https://doi.org/10.1007/978-3-030-57201-3_9