Josyula R. Rao

Towards Sound Approaches to Counteract Power-Analysis Attacks

Side channel cryptanalysis techniques, such as the analysis of instantaneous power consumption, have been extremely effective in attacking implementations on simple hardware platforms. There are several proposed solutions to resist these attacks, most of which are ad-hoc and can easily be rendered ineffective. A scientific approach is to create a model for the physical characteristics of the device, and then design implementations provably secure in that model, i.e, they resist generic attacks with an a priori bound on the number of experiments. We propose an abstract model which approximates power consumption in most devices and in particular small single-chip devices. Using this, we propose a generic technique to create provably resistant implementations for devices where the power model has reasonable properties, and a source of randomness exists. We prove a lower bound on the number of experiments required to mount statistical attacks on devices whose physical characteristics satisfy reasonable properties.

A predicate transformer approach to semantics of parallel programs

We present an extensional semantics for parallel programs based on predicate transformers. We identify the meaning of a parallel program with three concepts: a set of initial conditions, a predicate transformer, called wlt, characterizing progress properties of the program, and a predicate transformer wsafe concerned with safety aspects. For a given program, these predicate transformers are defined in terms of fixpoints of recursive equations. The basis for our semantics are two completeness results: the first one states that the fixpoint characterization of wlt completely captures the notion of progress under weak fairness, with programs modelled as infinite directed computation trees. Similarly, the second completeness theorem relates wsafe and safety prop erties. In addition, we show that Chandy and Misra’s theory of UNITY has the same expressive power as our approach. We apply the results obtained to derive new, shorter and more direct proofs of a number of UNITY theorems and prove that for UNITY, wlt does not enjoy a number of junctivity properties such as or-continuity. Finally, we draw some connections to Temporal Logics of programs. *Supported in part by NSF-CCR-851-1354 tsupported in part by ONR contract N00014-87-K-0510 Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the ACM copyright notice and the title of the publication and its date appear, and notice is given that copying is by permission of the Association for Computing Machinery. To copy otherwise, or to republish, requires a fee and/or specific permission.

Reasoning about probabilistic algorithms

The field of probabilistic algorithms holds out promise for simple and efficient algorithms to problems which may not have a deterministic solution. For the gain in simplicity, efficiency and tractability one has to trade the notion of absolute correctness of algorithms for a probabilistic notion of correctness. In this paper, we address the problem of specifying and deriving properties of probabilistic parallel programs that either hold deterministically or with probability one. We present a proof methodology based on existing proof systems for probabilistic algorithms, the theory of the weak predicate transformer and the theory of UNITY. Although the proofs of probabilistic programs are tortuous at best, we show that such programs can be derived with the same rigor and elegance that we have seen in the derivation of sequential and parallel programs.