J and dom(µ1) ∩ fnfv(µ2) = ∅ then E, µ2, E J.
E) then forms(E), forms(x : T ) forms(x : T ) ,
Moreover the depth of the derivation of the second judgment equals that of the first ,
{C1}, : {C2}, E J if and only if E, : {C1 ∧ C2}, J
Properties of Kinding. We introduced in Section 3.2 a universal type Un of data known to the opponent. Lemma 15 (Public Tainted) is a standard characterization of the public and tainted kinds: a type T is public if and only if it is a subtype of Un, and a type is tainted if and only if it is a supertype of Un. The next two lemmas are needed in the proof of this main lemma.
T and (? <: ? ) ? E we have that: {?, ? } ? fnfv(T ) = ? if and only if {? ,
? :: pub, ? :: tnt, E T :: ?. Our second substitution lemma shows how substitution of a type T for a variable ? affects various judgments ,
(4) If E, ? :: ? ,
Let T be {y : U | C} or U for any U such that h : (H,U) For any H and U such that h, if E T <: U then E H <: H ,
The next two lemmas assert that heating A A preserves the extracted formulas of an expression (that is, the formulas extracted from A follow from those extracted from A) and also that heating preserves types.
Similarly, the next two lemmas assert that reduction A ? A preserves the extracted formulas of an expression and also that reduction preserves types ,
Our next results are that typing implies static safety and indeed safety ,
RESTATEMENT OF THEOREM 1 (SAFETY) If ? A : T then A is safe. PROOF. Consider any A and S such that A ? * A and A S; it suffices to show that S is statically safe, Preserves Types) this and A S imply ? S : T . By Lemma 31 (Static Safety), this implies S is statically safe ,
If O is an expression containing no assert such that (a Un) ∈ E for each name a ∈ fn(O), and (x : Un) ∈ E for each variable x ∈ fv(O), then E O : Un. Finally, we prove that robust safety follows by typing. RESTATEMENT OF THEOREM 2 (ROBUST SAFETY