Mobile values, new names, and secure communication
A simple, general extension of the pi calculus with value passing, primitive functions, and equations among terms is introduced, and semantics and proof techniques for this extended language are developed and applied in reasoning about some security protocols.
The reflexive CHAM and the join-calculus
By adding reflexion to the chemical machine of Berry and Boudol, we obtain a formal model of concurrency that is consistent with mobility and distribution. Our model provides the foundations of a…
VC3: Trustworthy Data Analytics in the Cloud Using SGX
We present VC3, the first system that allows users to run distributed MapReduce computations in the cloud while keeping their code and data secret, and ensuring the correctness and completeness of…
Oblivious Multi-Party Machine Learning on Trusted Processors
This work proposes data-oblivious machine learning algorithms for support vector machines, matrix factorization, neural networks, decision trees, and k-means clustering and shows that their efficient implementation based on Intel Skylake processors scales up to large, realistic datasets, with overheads several orders of magnitude lower than with previous approaches.
Automated verification of selected equivalences for security protocols
This work focuses on proving equivalences P ≈ Q in which P and Q are two processes that differ only in the choice of some terms, and shows how to treat them as predicates on the behaviors of a process that represents P and Q at the same time.
The Join Calculus: A Language for Distributed Mobile Programming
It is argued that equivalences for the join calculus can be rationally organized into a five-tiered hierarchy, with some trade-off between expressiveness and proof techniques.
Modern concurrency abstractions for C#
The design and implementation of the Polyphonic C# language is described and examples of its use in addressing a range of concurrent programming problems are given.
Formal Verification of Smart Contracts: Short Paper
This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification.
Design and Semantics of a Decentralized Authorization Language
This work describes an execution strategy based on translation to Datalog with constraints, and table-based resolution that is sound, complete, and always terminates, despite recursion and negation, as long as simple syntactic conditions are met.
SecPAL: Design and semantics of a decentralized authorization language
An execution strategy based on translation to Datalog with Constraints, and table-based resolution is described, showing that this execution strategy is sound, complete, and always terminates, despite recursion and negation, as long as simple syntactic conditions are met.