Abstract:
In this work, we study hybrid exact/relaxed zero-knowledge proofs from lattices, where the proved relation is exact in one part and relaxed in the other. Such proofs arise in important real-life applications such as those requiring verifiable PRF evaluation and have so far not received significant attention as a standalone problem. We first introduce a general framework, LANES+, for realizing such hybrid proofs efficiently by combining standard relaxed proofs of knowledge (RPoK) and the LANES framework (due to a series of works in Crypto'20, Asiacrypt'20, ACM CCS'20). The latter framework is a powerful lattice-based proof system that can prove exact linear and multiplicative relations. The advantage of LANES+ is its ability to realize hybrid proofs more efficiently by exploiting RPoK for the high-dimensional part of the secret witness while leaving a low-dimensional secret witness part for the exact proof, which is proven at a significantly lower cost via LANES. Thanks to the flexibility of LANES+, other exact proof systems can also be supported. We apply our LANES+ framework to construct substantially shorter proofs of rounding, which is a central tool for verifiable deterministic lattice-based cryptography. Based on our rounding proof, we then design an efficient long-term verifiable random function (VRF), named LaV. LaV leads to the shortest VRF outputs among the proposals of standard (i.e., long-term and stateless) VRFs based on quantum-safe assumptions. Of independent interest, we also present generalized results for challenge difference invertibility, a fundamental soundness security requirement for many proof systems.
Abstract:
We address the problem of verifying the temporal safety of heap memory at each pointer dereference. Our whole-program analysis approach is undertaken from the perspective of pointer analysis, allowing us to leverage the advantages of and advances in pointer analysis to improve precision and scalability. A dereference ω, say, via pointer q is unsafe iff there exists a deallocation ψ, say, via pointer p such that on a control-flow path ρ, p aliases with q (with both pointing to an object o representing an allocation), denoted $A^\psi_\omega(\rho)$, and ψ reaches ω on ρ via control flow, denoted $R^\psi_\omega(\rho)$. Applying directly any existing pointer analysis, which is typically solved separately with an associated control-flow reachability analysis, will render such verification highly imprecise, since $\exists \rho.\, A^\psi_\omega(\rho) \wedge \exists \rho.\, R^\psi_\omega(\rho) \not\Rightarrow \exists \rho.\, A^\psi_\omega(\rho) \wedge R^\psi_\omega(\rho)$ (i.e., $\exists$ does not distribute over $\wedge$). For precision, we solve $\exists \rho.\, A^\psi_\omega(\rho) \wedge R^\psi_\omega(\rho)$ with a control-flow path ρ containing an allocation o, a deallocation ψ and a dereference ω abstracted by a tuple of three contexts $(c_o, c_\psi, c_\omega)$. For scalability, a demand-driven, fully context-sensitive (modulo recursion) pointer analysis, which operates on pre-computed def-use chains with adaptive context-sensitivity, is used to infer $(c_o, c_\psi, c_\omega)$ without losing soundness or precision. Our evaluation shows that our approach can successfully verify the safety of 81.3% (or 93,141/114,508) of all the dereferences in a set of ten C programs totalling 1,166 KLOC.
Abstract:
The business world is getting increasingly dynamic. Information processing using knowledge-, service-, and cloud-based systems makes the use of complex, dynamic and often knowledge-intensive activities an inevitable task. Knowledge-intensive processes contain a set of coordinated tasks and activities, controlled by knowledge workers to achieve a business objective or goal. The recruitment process, i.e., the process of attracting, shortlisting, selecting and appointing suitable candidates for jobs within an organization, is an example of a knowledge-intensive process, where recruiters (i.e., knowledge workers who have the experience, understanding, information, and skills) control various tasks from advertising positions to analyzing the candidates' Curricula Vitae. Attracting and recruiting the right talent is a key differentiator in modern organizations. In this paper, we take the first step towards automating the recruitment process. We present a framework and algorithms (namely iRecruit) to: (ⅰ) capture the knowledge of recruiters in the domain knowledge; and (ⅱ) extract data and knowledge from business artifacts (e.g., candidates' CVs and job advertisements) and link them to the facts in the domain Knowledge Base. We adopt a motivating scenario of recruitment challenges to find the right fit for a Data Scientist role in an organization.
Abstract:
Methods are available for estimating the probability of failure of dams for use in Quantitative Risk Assessment for all failure modes. Some, such as those for estimating the probability of failure of embankment dams by overtopping due to flooding and by liquefaction, are well developed. Others, such as those for piping and stability, are less precise and are best able to estimate relative likelihoods of failure rather than absolute probabilities. As is the case with many other aspects of dam safety engineering, all methods require a considerable degree of engineering judgement.
Abstract:
By abstracting over well-known properties of De Bruijn's representation with nameless dummies, we design a new theory of syntax with variable binding and capture-avoiding substitution. We propose it as a simpler alternative to Fiore, Plotkin, and Turi's approach, with which we establish a strong formal link. We also show that our theory easily incorporates simple types and equations between terms.