Advertisement

Look for the Proof to Find the Program: Decorated-Component-Based Program Synthesis

  • Adrià Gascón
  • Ashish Tiwari
  • Brent Carmer
  • Umang Mathur
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10427)

Abstract

We introduce a technique for component-based program synthesis that relies on searching for a target program and its proof of correctness simultaneously using a purely constraint-based approach, rather than exploring the space of possible programs in an enumerate-and-check loop. Our approach solves a synthesis problem by checking satisfiability of an \(\exists \exists \) constraint \(\phi \), whereas traditional program synthesis approaches are based on solving an \(\exists \forall \) constraint. This enables the use of SMT-solving technology to decide \(\phi \), resulting in a scalable practical approach. Moreover, our technique uniformly handles both functional and nonfunctional criteria for correctness. To illustrate these aspects, we use our technique to automatically synthesize several intricate and non-obvious cryptographic constructions.

References

  1. 1.
    Abel, A., Pientka, B., Thibodeau, D., Setzer, A.: Copatterns: programming infinite structures by observations. In: 40th ACM Symposium Principles of Programming Languages POPL (2013)Google Scholar
  2. 2.
    Alur, R., Bodík, R., Juniwal, G., Martin, M.M.K., Raghothaman, M., Seshia, S.A., Singh, R., Solar-Lezama, A., Torlak, E., Udupa, A.: Syntax-guided synthesis. In: Formal Methods in Computer-Aided Design, FMCAD, pp. 1–17 (2013)Google Scholar
  3. 3.
    Barthe, G., Crespo, J.M., Kunz, C., Schmidt, B., Gregoire, B., Lakhnech, Y., Zanella-Beguelin, S.: Fully automated analysis of padding-based encryption in the computational model (2013). http://www.easycrypt.info/zoocrypt/
  4. 4.
    Barthe, G., Dupressoir, F., Grégoire, B., Kunz, C., Schmidt, B., Strub, P.-Y.: EasyCrypt: A Tutorial. In: Aldini, A., Lopez, J., Martinelli, F. (eds.) FOSAD 2012-2013. LNCS, vol. 8604, pp. 146–166. Springer, Cham (2014). doi: 10.1007/978-3-319-10082-1_6 CrossRefGoogle Scholar
  5. 5.
    Bogdanov, D., Laur, S., Willemson, J.: Sharemind: a framework for fast privacy-preserving computations. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 192–206. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-88313-5_13 CrossRefGoogle Scholar
  6. 6.
    Boneh, D.: The decision Diffie-Hellman problem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 48–63. Springer, Heidelberg (1998). doi: 10.1007/BFb0054851 CrossRefGoogle Scholar
  7. 7.
    Carmer, B., Rosulek, M.: Linicrypt: a model for practical cryptography. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 416–445. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-53015-3_15 CrossRefGoogle Scholar
  8. 8.
    Chou, T., Orlandi, C.: The simplest protocol for oblivious transfer. Cryptology ePrint Archive, Report 2015/267 (2015). http://eprint.iacr.org/
  9. 9.
    Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: 4th ACM Symposium on Principles of Programming Languages, POPL, pp. 238–252 (1977)Google Scholar
  10. 10.
    Du, W., Atallah, M.J.: Protocols for secure remote database access with approximate matching. In: Ghosh, A.K. (ed.) E-Commerce Security and Privacy, pp. 87–111. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Felgentreff, T., Millstein, T., Borning, A., Hirschfeld, R.: Checks and balances: constraint solving without surprises in object-constraint programming languages. In: Proceedings Conference on Object-oriented Programming, Systems, Languages, and Applications, OOPSLA (2015)Google Scholar
  12. 12.
    Frankle, J., Osera, P., Walker, D., Zdancewic, S.: Example-directed synthesis: a type-theoretic interpretation. In: POPL, pp. 802–815. ACM (2016)Google Scholar
  13. 13.
    Gascón, A., Subramanyan, P., Dutertre, B., Tiwari, A., Jovanovic, D., Malik, S.: Template-based circuit understanding. In: Formal Methods in Computer-Aided Design, FMCAD, pp. 83–90. IEEE (2014)Google Scholar
  14. 14.
    Gascón, A., Tiwari, A.: Synudic: synthesis using dual interpretation on components (2016). https://github.com/adriagascon/synudic
  15. 15.
    Gilboa, N.: Two party RSA key generation. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 116–129. Springer, Heidelberg (1999). doi: 10.1007/3-540-48405-1_8 Google Scholar
  16. 16.
    Gulwani, S., Jha, S., Tiwari, A., Venkatesan, R.: Synthesis of loop-free programs. In: Proceedings of ACM Conference on Programing Language Design and Implementation PLDI, pp. 62–73 (2011)Google Scholar
  17. 17.
    Gulwani, S., Srivastava, S., Venkatesan, R.: Program analysis as constraint solving. In: Proceedings of ACM Conference on Programming Language Design and Implementation, PLDI, pp. 281–292 (2008)Google Scholar
  18. 18.
    Hoang, V., Katz, J., Malozemoff, A.: Automated analysis and synthesis of authenticated encryption schemes. In: ACM CCS (2015)Google Scholar
  19. 19.
    Jha, S., Gulwani, S., Seshia, S.A., Tiwari, A.: Oracle-guided component-based program synthesis. In: Proceedings of ICSE, vol. 1, pp. 215–224. ACM (2010)Google Scholar
  20. 20.
    Kneuss, E., Kuraj, I., Kuncak, V., Suter, P.: Synthesis modulo recursive functions. In: OOPSLA, pp. 407–426. ACM (2013)Google Scholar
  21. 21.
    Lindell, Y.: How to simulate it - a tutorial on the simulation proof technique. Cryptology ePrint Archive, Report 2016/046 (2016). http://eprint.iacr.org/2016/046
  22. 22.
    Malozemoff, A.J., Katz, J., Green, M.D.: Automated analysis and synthesis of block-cipher modes of operation. In: IEEE 27th Computer Security Foundations Symposium, CSF, pp. 140–152. IEEE (2014)Google Scholar
  23. 23.
    Manna, Z., Waldinger, R.J.: Toward automatic program synthesis. Commun. ACM 14(3), 151–165 (1971)CrossRefzbMATHGoogle Scholar
  24. 24.
    Microsoft Research: Z3: an efficient SMT solver. http://research.microsoft.com/projects/z3/
  25. 25.
    Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: Proceedings of 12th ACM-SIAM Symposium on Discrete Algorithms, SODA, pp. 448–457 (2001)Google Scholar
  26. 26.
    Polikarpova, N., Kuraj, I., Solar-Lezama, A.: Program synthesis from polymorphic refinement types. In: PLDI, pp. 522–538. ACM (2016)Google Scholar
  27. 27.
    Smith, C., Albarghouthi, A.: Mapreduce program synthesis. In: PLDI, pp. 326–340. ACM (2016)Google Scholar
  28. 28.
    Solar-Lezama, A., Rabbah, R.M., Bodík, R., Ebcioglu, K.: Programming by sketching for bit-streaming programs. In: PLDI (2005)Google Scholar
  29. 29.
    Solar-Lezama, A., Tancau, L., Bodík, R., Saraswat, V., Seshia, S.: Combinatorial sketching for finite programs. In: ASPLOS (2006)Google Scholar
  30. 30.
    SRI International: Yices: an SMT solver. http://yices.csl.sri.com/
  31. 31.
    Srivastava, S., Gulwani, S., Foster, J.S.: Template-based program verification and program synthesis. STTT 15(5–6), 497–518 (2013)CrossRefGoogle Scholar
  32. 32.
    Tiwari, A., Gascón, A., Dutertre, B.: Program synthesis using dual interpretation. In: Felty, A.P., Middeldorp, A. (eds.) CADE 2015. LNCS (LNAI), vol. 9195, pp. 482–497. Springer, Cham (2015). doi: 10.1007/978-3-319-21401-6_33 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Adrià Gascón
    • 1
  • Ashish Tiwari
    • 2
  • Brent Carmer
    • 3
  • Umang Mathur
    • 4
  1. 1.University of Warwick and The Alan Turing InstituteLondonUK
  2. 2.SRI InternationalMenlo ParkUSA
  3. 3.Oregon State UniversityCorvallisUSA
  4. 4.University of Illinois at Urbana-ChampaignChampaignUSA

Personalised recommendations