Visible to the public Fully-abstract Compilation by Approximate Back-translation

TitleFully-abstract Compilation by Approximate Back-translation
Publication TypeConference Paper
Year of Publication2016
AuthorsDevriese, Dominique, Patrignani, Marco, Piessens, Frank
Conference NameProceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-3549-2
Keywordscompiler security, compositionality, cross- language logical relations, Fully-abstract compilation, logical relations, Metrics, pubcrawl, Resiliency, Scalability, scalable verification, secure compilation, step-indexed logical relations
Abstract

A compiler is fully-abstract if the compilation from source language programs to target language programs reflects and preserves behavioural equivalence. Such compilers have important security benefits, as they limit the power of an attacker interacting with the program in the target language to that of an attacker interacting with the program in the source language. Proving compiler full-abstraction is, however, rather complicated. A common proof technique is based on the back-translation of target-level program contexts to behaviourally-equivalent source-level contexts. However, constructing such a back-translation is problematic when the source language is not strong enough to embed an encoding of the target language. For instance, when compiling from the simply-typed l-calculus (lt) to the untyped l-calculus (lu), the lack of recursive types in lt prevents such a back-translation. We propose a general and elegant solution for this problem. The key insight is that it suffices to construct an approximate back-translation. The approximation is only accurate up to a certain number of steps and conservative beyond that, in the sense that the context generated by the back-translation may diverge when the original would not, but not vice versa. Based on this insight, we describe a general technique for proving compiler full-abstraction and demonstrate it on a compiler from lt to lu . The proof uses asymmetric cross-language logical relations and makes innovative use of step-indexing to express the relation between a context and its approximate back-translation. We believe this proof technique can scale to challenging settings and enable simpler, more scalable proofs of compiler full-abstraction.

URLhttp://doi.acm.org/10.1145/2837614.2837618
DOI10.1145/2837614.2837618
Citation Keydevriese_fully-abstract_2016