A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
A generic type system for the Pi-calculus
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Athena: a novel approach to efficient automatic security protocol analysis
Journal of Computer Security
Types as models: model checking message-passing programs
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure implementation of channel abstractions
Information and Computation
The Definition of Standard ML
Language Primitives and Type Discipline for Structured Communication-Based Programming
ESOP '98 Proceedings of the 7th European Symposium on Programming: Programming Languages and Systems
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Acute: high-level programming language design for distributed computation
Proceedings of the tenth ACM SIGPLAN international conference on Functional programming
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Abstraction preservation and subtyping in distributed languages
Proceedings of the eleventh ACM SIGPLAN international conference on Functional programming
Type-safe distributed programming for OCaml
Proceedings of the 2006 workshop on ML
Language support for fast and reliable message-based communication in singularity OS
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Type checking a multithreaded functional language with session types
Theoretical Computer Science
Secure sessions for Web services
ACM Transactions on Information and System Security (TISSEC)
Fairplay—a secure two-party computation system
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Secure Implementations for Typed Session Abstractions
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Electronic Notes in Theoretical Computer Science (ENTCS)
Multiparty asynchronous session types
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Structured communication-centred programming for web services
ESOP'07 Proceedings of the 16th European conference on Programming
A protocol compiler for secure sessions in ML
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
Cryptographically sound implementations for communicating processes
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Session types for object-oriented languages
ECOOP'06 Proceedings of the 20th European conference on Object-Oriented Programming
A basic contract language for web services
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
A cryptographic protocol compiler for multiparty sessions
Proceedings of the 2009 ACM SIGPLAN workshop on ML
Secure Enforcement for Global Process Specifications
CONCUR 2009 Proceedings of the 20th International Conference on Concurrency Theory
AnBx: security protocols design and verification
ARSPA-WITS'10 Proceedings of the 2010 joint conference on Automated reasoning for security protocol analysis and issues in the theory of security
| Hi-index | 0.00 |
Distributed applications can be structured as parties that exchange messages according to some pre-arranged communication patterns. These sessions (or contracts, or protocols) simplify distributed programming: when coding a role for a given session, each party just has to follow the intended message flow, under the assumption that the other parties are also compliant. In an adversarial setting, remote parties may not be trusted to play their role. Hence, defensive implementations also have to monitor one another, in order to detect any deviation from the assigned roles of a session. This task involves low-level coding below session abstractions, thus giving up most of their benefits. We explore language-based support for sessions. We extend the ML language with session types that express flows of messages between roles, such that well-typed programs always play their roles. We compile session type declarations to cryptographic communication protocols that can shield programs from any low-level attempt by coalitions of remote peers to deviate from their roles. Our main result is that, when reasoning about programs that use our session implementation, one can safely assume that all session peers comply with their roles - without trusting their remote implementations.