DOCSLIB.ORG

Proceedings of the First NASA Formal Methods Symposium

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Proceedings of the First NASA Formal Methods Symposium NASA/CP-2009-215407 Proceedings of the First NASA Formal Methods Symposium Edited by Ewen Denney Dimitra Giannakopoulou Corina S. Păsăreanu NASA Ames Research Center April 2009 NASA/CP-2009-215407 Proceedings of the First NASA Formal Methods Symposium Edited by Ewen Denney Dimitra Giannakopoulou Corina S. Păsăreanu NASA Ames Research Center National Aeronautics and Space Administration Ames Research Center Moffett Field, California April 2009 Preface This NASA conference publication contains the proceedings of the First NASA Formal Methods Symposium (NFM 2009), held at the NASA Ames Research Center, in Moffett Field, CA, USA, on April 6 – 8, 2009. NFM 2009 is a forum for theoreticians and practitioners from academia and industry, with the goals of identifying challenges and providing solutions to achieving assurance in safety-critical systems. Within NASA, for example, such systems include autonomous robots, separation assurance algorithms for aircraft, and autonomous rendezvous and docking for spacecraft. Moreover, emerging paradigms such as code generation and safety cases are bringing with them new challenges and opportunities. The focus of the symposium is on formal techniques, their theory, current capabilities, and limitations, as well as their application to aerospace, robotics, and other safety-critical systems. The NASA Formal Methods Symposium is a new annual event intended to highlight the state of formal methods’ art and practice. It follows the earlier Langley Formal Methods Workshop series and aims to foster collaboration between NASA researchers and engineers, as well as the wider aerospace, safety-critical and formal methods communities. The specific topics covered by NFM 2009 included but were not limited to: formal verification, including theorem proving, model checking, and static analysis; automated testing and simulation tech- niques; model-based development; techniques and algorithms for scaling formal methods, such as ab- straction and symbolic methods, compositional techniques, as well as parallel and/or distributed tech- niques; code generation; safety cases; accident/safety analysis; formal approaches to fault tolerance; theoretical advances and empirical evaluations of formal methods techniques for safety-critical systems, including hybrid and embedded systems. We considered two types of papers: regular papers describe fully developed work and complete results, and short papers describe interesting work in progress and/or preliminary results. Both categories must describe original work that has not been published elsewhere. We received 47 submissions (26 long papers and 19 short papers) out of which 22 were accepted (14 long, 8 short). All submissions went through a rigorous reviewing process, where each paper received a minimum of 3 reviews. The program selection was performed through an electronic Program Committee meeting. In addition to the refereed papers, the symposium featured five invited talks given by Ed Clarke (CMU, Turing Award 2007) on Model Checking – My 27-year Quest to Overcome the State Explosion Problem, Bill Othon (NASA JSC) on Applying Formal Methods to NASA Projects: Transition from Research to Practice, Leslie Lamport (MSR) on TLA+: Whence, Wherefore, and Whither, Todd Farley (NASA Ames) on Formal Methods Applications in Air Transportation, and John O’Leary (Intel) on TITLE. The program also included a panel discussion on Formal Methods meet NASA needs that was chaired by Mats Heimdahl (U. Minnesota). We would like to thank the program committee members and the external reviewers for their contri- bution in paper selection, and the NFM Organizing Committee for its support in setting up this event. Thanks also go to Allen Dutra, Domenico Bianculli, and Chris Fattarsi for their help with the NFM 2009 local organization and to Geoff Sutcliffe for help with the EasyChair style files. Finally, we thank SGT, in particular Larry Markosian, and CMU West, in particular Jim Morris, for their support. The NFM 2009 website can be found at http://ti.arc.nasa.gov/event/nfm09/. April 2009 Ewen Denney Dimitra Giannakopoulou Corina Pas˘ areanu˘ NFM 2009 Chairs iii Conference Organization General Chairs Ewen Denney, SGT/NASA Ames Dimitra Giannakopoulou, CMU/NASA Ames Corina S. Pas˘ areanu,˘ CMU/NASA Ames Program Committee Gilles Barthe, IMDEA, Madrid Guillaume Brat, NASA Ames Ricky Butler, NASA Langley Charles Consel, INRIA, Bordeaux Krzysztof Czarnecki, U. Waterloo Luca de Alfaro, UC Santa Cruz Ben Di Vito, NASA Langley Matt Dwyer, U. Nebraska Martin Feather, JPL Klaus Havelund, JPL Mats Heimdahl, U. Minnesota Gerard Holzmann, JPL John Kelly, NASA HQ Mike Lowry, NASA Ames John Matthews, Galois Inc. Cesar´ Munoz,˜ NASA Langley John Penix, Google Kristin Yvonne Rozier, NASA Ames Wolfram Schulte, Microsoft Research Koushik Sen, UC Berkeley Natarajan Shankar, SRI Doug Smith, Kestrel Institute Mike Whalen, Rockwell Collins Organizing Committee Ewen Denney, NASA Ames Ben Di Vito, NASA Langley Dimitra Giannakopoulou, NASA Ames Klaus Havelund, JPL Gerard Holzmann, JPL Cesar´ Munoz,˜ NASA Langley Corina S. Pas˘ areanu,˘ NASA Ames James Rash, NASA Goddard Kristin Yvonne Rozier, NASA Ames iv External Reviewers Michal Antkiewicz Thiago Bartolomei Jacob Burnim Zinovy Diskin Alwyn Goodloe Ethan Jackson Nicholas Jalbert Pallavi Joshi Sudeep Juvekar Herman Lee Chang-Seo Park Christos Stergiou v Table of Contents Invited Talks I1. Ed Clarke. Model Checking – My 27-year Quest to Overcome the State Explosion Problem 1 I2. Bill Othon. Applying Formal Methods to NASA Projects: Transition from Research to Practice . 2 I3. Leslie Lamport. TLA+: Whence, Wherefore, and Whither . 3 I4. Todd Farley. Formal Methods Applications in Air Transportation . 4 I5. John O’Leary. Theorem Proving in Intel Hardware Design . 5 Model Checking: Techniques and Applications 1. Matthew Bolton and Ellen Bass. Building a Formal Model of a Human-interactive System: Insights into the Integration of Formal Methods and Human Factors Engineering . 6 2. Emil Vassev, Mike Hinchey and Aaron Quigley. Model Checking for Autonomic Systems Specified with ASSL . 16 3. Yi Wang and Tetsuo Tamai. A Game-Theoretic Approach to Branching Time Abstract- Check-Refine Process . 26 4. Sagar Chaki and James Ivers. Software Model Checking without Source Code . 36 Symbolic Execution and Testing 5. Suzette Person and Matthew Dwyer. Generalized Abstract Symbolic Summaries for Differ- encing Heap-manipulating Programs . 46 6. Mitsuo Takaki, Diego Cavalcanti, Rohit Gheyi, Juliano Iyoda, Marcelo d’Amorim and Ricardo Prudencio.ˆ A Comparative Study of Randomized Constraint Solvers for Random- Symbolic Testing . 56 Design and Specification 7. Tiziana Margaria, Marco Bakera, Christian Wagner, Emil Vassev, Michael Hinchey and Bernhard Steffen. Component-Oriented Behavior Extraction for Autonomic System Design 66 8. Jonathan Nicholson, Epameinondas Gasparis, Amnon Eden and Rick Kazman. Automated Verification of Design Patterns with LePUS3 . 76 9. Yann Glouche, Jean-Pierre Talpin, Paul Le Guernic and Thierry Gautier. A module lan- guage for typing by contracts . 86 10. Benjamin Aziz, Alvaro Arenas, Juan Bicarregui, Christophe Ponsard and Philippe Mas- sonet. From Goal-Oriented Requirements to Event-B Specifications . 96 Analysis: Evaluations and New Developments (Short Papers) 11. Watcharin Leungwattanakit, Cyrille Valentin Artho, Masami Hagiya, Yoshinori Tanabe and Mitsuharu Yamamoto. Introduction of Virtualization Technology to Multi-Process Model Checking . 106 12. David Cachera and David Pichardie. Comparing Techniques for Certified Static Analysis 111 13. Matt Staats. Towards a Framework for Generating Tests to Satisfy Complex Code Cover- age in Java Pathfinder . 116 14. Karthick Jayaraman, David Harvison, Vijay Ganesh and Adam Kiezun. jFuzz: A Concolic Whitebox Fuzzer for Java . 121 vi Deductive Verification 15. Thomas Gothel¨ and Sabine Glesner. Machine-Checkable Timed CSP . 126 16. Marc Daumas, Erik Martin-Dorel, David Lester and Annick Truffert. Stochastic Formal Methods for Hybrid Systems . 136 17. Manuel Barbosa, Jose´ Bacelar Almeida, Jorge Sousa Pinto and Barbara´ Vieira. Deductive Verification of Cryptographic Software . 146 18. Christine Choppy, Micaela Mayero and Laure Petrucci. Coloured Petri net refinement specification, and correctness proof with Coq . 156 Modeling and Synthesis (Short Papers) 19. Alessio Ferrari, Alessandro Fantechi, Stefano Bacherini and Niccolo´ Zingoni. Modeling Guidelines for Code Generation in the Railway Signaling Context . 166 20. Srinivas Nedunuri, William Cook and Douglas Smith. Tactical Synthesis of Efficient Global Search Algorithms . 171 21. Manuela Luminita Bujorianu and Marius Bujorianu. Towards Co-Engineering Communi- cating Autonomous Cyber-physical Systems . 176 22. Juhan Ernits, Richard Dearden and Miles Pebody. Formal Methods for Automated Diag- nosis of Autosub 6000 . 181 vii Model Checking – My 27-year Quest to Overcome the State Explosion Problem Ed Clarke Computer Science Department, Carnegie Mellon University Pittsburgh, PA Turing Award 2007 Abstract Model Checking is an automatic verification technique for state-transition systems that are finite- state or that have finite-state abstractions. In the early 1980’s in a series of joint papers with my graduate students E.A. Emerson and A.P. Sistla, we proposed that Model Checking could be used for verifying concurrent systems and gave algorithms for this purpose. At roughly the same time, Joseph Sifakis and his student J.P. Queille at the University of Grenoble independently developed
Load more

Recommended publications
  • Tarjan Transcript Final with Timestamps
    A.M. Turing Award Oral History Interview with Robert (Bob) Endre Tarjan by Roy Levin San Mateo, California July 12, 2017 Levin: My name is Roy Levin. Today is July 12th, 2017, and I’m in San Mateo, California at the home of Robert Tarjan, where I’ll be interviewing him for the ACM Turing Award Winners project. Good afternoon, Bob, and thanks for spending the time to talk to me today. Tarjan: You’re welcome. Levin: I’d like to start by talking about your early technical interests and where they came from. When do you first recall being interested in what we might call technical things? Tarjan: Well, the first thing I would say in that direction is my mom took me to the public library in Pomona, where I grew up, which opened up a huge world to me. I started reading science fiction books and stories. Originally, I wanted to be the first person on Mars, that was what I was thinking, and I got interested in astronomy, started reading a lot of science stuff. I got to junior high school and I had an amazing math teacher. His name was Mr. Wall. I had him two years, in the eighth and ninth grade. He was teaching the New Math to us before there was such a thing as “New Math.” He taught us Peano’s axioms and things like that. It was a wonderful thing for a kid like me who was really excited about science and mathematics and so on. The other thing that happened was I discovered Scientific American in the public library and started reading Martin Gardner’s columns on mathematical games and was completely fascinated.
    [Show full text]
  • 1. Course Information Are Handed Out
    6.826—Principles of Computer Systems 2006 6.826—Principles of Computer Systems 2006 course secretary's desk. They normally cover the material discussed in class during the week they 1. Course Information are handed out. Delayed submission of the solutions will be penalized, and no solutions will be accepted after Thursday 5:00PM. Students in the class will be asked to help grade the problem sets. Each week a team of students Staff will work with the TA to grade the week’s problems. This takes about 3-4 hours. Each student will probably only have to do it once during the term. Faculty We will try to return the graded problem sets, with solutions, within a week after their due date. Butler Lampson 32-G924 425-703-5925 [email protected] Policy on collaboration Daniel Jackson 32-G704 8-8471 [email protected] We encourage discussion of the issues in the lectures, readings, and problem sets. However, if Teaching Assistant you collaborate on problem sets, you must tell us who your collaborators are. And in any case, you must write up all solutions on your own. David Shin [email protected] Project Course Secretary During the last half of the course there is a project in which students will work in groups of three Maria Rebelo 32-G715 3-5895 [email protected] or so to apply the methods of the course to their own research projects. Each group will pick a Office Hours real system, preferably one that some member of the group is actually working on but possibly one from a published paper or from someone else’s research, and write: Messrs.
    [Show full text]
  • The Growth of Cryptography
    The growth of cryptography Ronald L. Rivest Viterbi Professor of EECS MIT, Cambridge, MA James R. Killian Jr. Faculty Achievement Award Lecture February 8, 2011 Outline Some pre-1976 context Invention of Public-Key Crypto and RSA Early steps The cryptography business Crypto policy Attacks More New Directions What Next? Conclusion and Acknowledgments Outline Some pre-1976 context Invention of Public-Key Crypto and RSA Early steps The cryptography business Crypto policy Attacks More New Directions What Next? Conclusion and Acknowledgments The greatest common divisor of two numbers is easily computed (using “Euclid’s Algorithm”): gcd(12; 30) = 6 Euclid – 300 B.C. There are infinitely many primes: 2, 3, 5, 7, 11, 13, . Euclid – 300 B.C. There are infinitely many primes: 2, 3, 5, 7, 11, 13, . The greatest common divisor of two numbers is easily computed (using “Euclid’s Algorithm”): gcd(12; 30) = 6 Greek Cryptography – The Scytale An unknown period (the circumference of the scytale) is the secret key, shared by sender and receiver. Euler’s Theorem (1736): If gcd(a; n) = 1, then aφ(n) = 1 (mod n) ; where φ(n) = # of x < n such that gcd(x; n) = 1. Pierre de Fermat (1601-1665) Leonhard Euler (1707–1783) Fermat’s Little Theorem (1640): For any prime p and any a, 1 ≤ a < p: ap−1 = 1 (mod p) Pierre de Fermat (1601-1665) Leonhard Euler (1707–1783) Fermat’s Little Theorem (1640): For any prime p and any a, 1 ≤ a < p: ap−1 = 1 (mod p) Euler’s Theorem (1736): If gcd(a; n) = 1, then aφ(n) = 1 (mod n) ; where φ(n) = # of x < n such that gcd(x; n) = 1.
    [Show full text]
  • The RSA Algorithm
    The RSA Algorithm Evgeny Milanov 3 June 2009 In 1978, Ron Rivest, Adi Shamir, and Leonard Adleman introduced a cryptographic algorithm, which was essentially to replace the less secure National Bureau of Standards (NBS) algorithm. Most impor- tantly, RSA implements a public-key cryptosystem, as well as digital signatures. RSA is motivated by the published works of Diffie and Hellman from several years before, who described the idea of such an algorithm, but never truly developed it. Introduced at the time when the era of electronic email was expected to soon arise, RSA implemented two important ideas: 1. Public-key encryption. This idea omits the need for a \courier" to deliver keys to recipients over another secure channel before transmitting the originally-intended message. In RSA, encryption keys are public, while the decryption keys are not, so only the person with the correct decryption key can decipher an encrypted message. Everyone has their own encryption and decryption keys. The keys must be made in such a way that the decryption key may not be easily deduced from the public encryption key. 2. Digital signatures. The receiver may need to verify that a transmitted message actually origi- nated from the sender (signature), and didn't just come from there (authentication). This is done using the sender's decryption key, and the signature can later be verified by anyone, using the corresponding public encryption key. Signatures therefore cannot be forged. Also, no signer can later deny having signed the message. This is not only useful for electronic mail, but for other electronic transactions and transmissions, such as fund transfers.
    [Show full text]
  • A Library of Graph Algorithms and Supporting Data Structures
    Washington University in St. Louis Washington University Open Scholarship All Computer Science and Engineering Research Computer Science and Engineering Report Number: WUCSE-2015-001 2015-01-19 Grafalgo - A Library of Graph Algorithms and Supporting Data Structures Jonathan Turner This report provides an overview of Grafalgo, an open-source library of graph algorithms and the data structures used to implement them. The programs in this library were originally written to support a graduate class in advanced data structures and algorithms at Washington University. Because the code's primary purpose was pedagogical, it was written to be as straightforward as possible, while still being highly efficient. afalgoGr is implemented in C++ and incorporates some features of C++11. The library is available on an open-source basis and may be downloaded from https://code.google.com/p/grafalgo/. Source code documentation is at www.arl.wustl.edu/~jst/doc/grafalgo. While not designed as... Read complete abstract on page 2. Follow this and additional works at: https://openscholarship.wustl.edu/cse_research Part of the Computer Engineering Commons, and the Computer Sciences Commons Recommended Citation Turner, Jonathan, "Grafalgo - A Library of Graph Algorithms and Supporting Data Structures" Report Number: WUCSE-2015-001 (2015). All Computer Science and Engineering Research. https://openscholarship.wustl.edu/cse_research/242 Department of Computer Science & Engineering - Washington University in St. Louis Campus Box 1045 - St. Louis, MO - 63130 - ph: (314) 935-6160. This technical report is available at Washington University Open Scholarship: https://openscholarship.wustl.edu/ cse_research/242 Grafalgo - A Library of Graph Algorithms and Supporting Data Structures Jonathan Turner Complete Abstract: This report provides an overview of Grafalgo, an open-source library of graph algorithms and the data structures used to implement them.
    [Show full text]
  • Leonard (Len) Max Adleman 2002 Recipient of the ACM Turing Award Interviewed by Hugh Williams August 18, 2016
    Leonard (Len) Max Adleman 2002 Recipient of the ACM Turing Award Interviewed by Hugh Williams August 18, 2016 HW: = Hugh Williams (Interviewer) LA = Len Adelman (ACM Turing Award Recipient) ?? = inaudible (with timestamp) or [ ] for phonetic HW: My name is Hugh Williams. It is the 18th day of August in 2016 and I’m here in the Lincoln Room of the Law Library at the University of Southern California. I’m here to interview Len Adleman for the Turing Award winners’ project. Hello, Len. LA: Hugh. HW: I’m going to ask you a series of questions about your life. They’ll be divided up roughly into about three parts – your early life, your accomplishments, and some reminiscing that you might like to do with regard to that. Let me begin with your early life and ask you to tell me a bit about your ancestors, where they came from, what they did, say up to the time you were born. LA: Up to the time I was born? HW: Yes, right. LA: Okay. What I know about my ancestors is that my father’s father was born somewhere in modern-day Belarus, the Minsk area, and was Jewish, came to the United States probably in the 1890s. My father was born in 1919 in New Jersey. He grew up in the Depression, hopped freight trains across the country, and came to California. And my mother is sort of an unknown. The only thing we know about my mother’s ancestry is a birth certificate, because my mother was born in 1919 and she was an orphan, and it’s not clear that she ever met her parents.
    [Show full text]
  • RON RIVEST Viterbi Professor of Computer Science, MIT's Department of Electrical Engineering and Computer Science
    Feb 1st 10:30 am - noon, Newcomb Hall, South Meeting Room RON RIVEST Viterbi Professor of Computer Science, MIT's Department of Electrical Engineering and Computer Science Security of Voting Systems While running an election sounds simple, it is in fact extremely challenging. Not only are there millions of voters to be authenticated and millions of votes to be carefully collected, count- ed, and stored, there are now millions of "voting machines" containing millions of lines of code to be evaluated for security vulnerabilities. Moreover, voting systems have a unique requirement: the voter must not be given a "receipt" that would allow them to prove how they voted to some- one else---otherwise the voter could be coerced or bribed into voting a certain way. The lack of receipts makes the security of voting system much more challenging than, say, the security of banking systems (where receipts are the norm). We discuss some of the recent trends and innovations in voting systems, as well as some of the new requirements being placed upon voting systems in the U.S., and describe some promising directions for resolving the conflicts inherent in voting system requirements, including some approaches based on cryptography. Professor Rivest is the Viterbi Professor of Computer Science in MIT's Department of Electrical Engineering and Computer Science. He is a member of MIT's Computer Science and Artificial Intelligence Laboratory, and Head of its Center for Information Security and Privacy. Professor Rivest has research interests in cryptography, computer and network security, and algo- rithms. Professor Rivest is an inventor, with Adi Shamir and Len Adleman of the RSA public-key cryp- tosystem, and a co-founder of RSA Data Security.
    [Show full text]
  • IACR Fellows Ceremony Crypto 2010
    IACR Fellows Ceremony Crypto 2010 www.iacr.org IACR Fellows Program (°2002): recognize outstanding IACR members for technical and professional contributions that: Advance the science, technology, and practice of cryptology and related fields; Promote the free exchange of ideas and information about cryptology and related fields; Develop and maintain the professional skill and integrity of individuals in the cryptologic community; Advance the standing of the cryptologic community in the wider scientific and technical world and promote fruitful relationships between the IACR and other scientific and technical organizations. IACR Fellows Selection Committee (2010) Hugo Krawczyk (IBM Research) Ueli Maurer (IBM Zurich) Tatsuaki Okamoto (NTT research), chair Ron Rivest (MIT) Moti Yung (Google Inc and Columbia University) Current IACR Fellows Tom Berson Ueli Maurer G. Robert Jr. Blakley Kevin McCurley Gilles Brassard Ralph Merkle David Chaum Silvio Micali Don Coppersmith Moni Naor Whitfield Diffie Michael O. Rabin Oded Goldreich Ron Rivest Shafi Goldwasser Martin Hellman Adi Shamir Hideki Imai Gustavus (Gus) Simmons Arjen K. Lenstra Jacques Stern James L. Massey New IACR Fellows in 2010 Andrew Clark Ivan Damgård Yvo Desmedt Jean-Jacques Quisquater Andrew Yao Ivan Damgard IACR Fellow, 2010 For fundamental contributions to cryptography, for sustained educational leadership in cryptography, and for service to the IACR. Jean-Jacques Quisquater IACR Fellow, 2010 For basic contributions to cryptographic hardware and to cryptologic education and for
    [Show full text]
  • Oral History Interview with Martin Hellman
    An Interview with MARTIN HELLMAN OH 375 Conducted by Jeffrey R. Yost on 22 November 2004 Palo Alto, California Charles Babbage Institute Center for the History of Information Technology University of Minnesota, Minneapolis Copyright 2004, Charles Babbage Institute Martin Hellman Interview 22 November 2004 Oral History 375 Abstract Leading cryptography scholar Martin Hellman begins by discussing his developing interest in cryptography, factors underlying his decision to do academic research in this area, and the circumstances and fundamental insights of his invention of public key cryptography with collaborators Whitfield Diffie and Ralph Merkle at Stanford University in the mid-1970s. He also relates his subsequent work in cryptography with Steve Pohlig (the Pohlig-Hellman system) and others. Hellman addresses his involvement with and the broader context of the debate about the federal government’s cryptography policy—regarding to the National Security Agency’s (NSA) early efforts to contain and discourage academic work in the field, the Department of Commerce’s encryption export restrictions (under the International Traffic of Arms Regulation, or ITAR), and key escrow (the so-called Clipper chip). He also touches on the commercialization of cryptography with RSA Data Security and VeriSign, as well as indicates some important individuals in academe and industry who have not received proper credit for their accomplishments in the field of cryptography. 1 TAPE 1 (Side A) Yost: My name is Jeffrey Yost. I am from the Charles Babbage Institute and am here today with Martin Hellman in his home in Stanford, California. It’s November 22nd 2004. Yost: Martin could you begin by giving a brief biographical background of yourself—of where you were born and where you grew up? Hellman: I was born October 2nd 1945 in New York City.
    [Show full text]
  • Alan Mathison Turing and the Turing Award Winners
    Alan Turing and the Turing Award Winners A Short Journey Through the History of Computer TítuloScience do capítulo Luis Lamb, 22 June 2012 Slides by Luis C. Lamb Alan Mathison Turing A.M. Turing, 1951 Turing by Stephen Kettle, 2007 by Slides by Luis C. Lamb Assumptions • I assume knowlege of Computing as a Science. • I shall not talk about computing before Turing: Leibniz, Babbage, Boole, Gödel... • I shall not detail theorems or algorithms. • I shall apologize for omissions at the end of this presentation. • Comprehensive information about Turing can be found at http://www.mathcomp.leeds.ac.uk/turing2012/ • The full version of this talk is available upon request. Slides by Luis C. Lamb Alan Mathison Turing § Born 23 June 1912: 2 Warrington Crescent, Maida Vale, London W9 Google maps Slides by Luis C. Lamb Alan Mathison Turing: short biography • 1922: Attends Hazlehurst Preparatory School • ’26: Sherborne School Dorset • ’31: King’s College Cambridge, Maths (graduates in ‘34). • ’35: Elected to Fellowship of King’s College Cambridge • ’36: Publishes “On Computable Numbers, with an Application to the Entscheindungsproblem”, Journal of the London Math. Soc. • ’38: PhD Princeton (viva on 21 June) : “Systems of Logic Based on Ordinals”, supervised by Alonzo Church. • Letter to Philipp Hall: “I hope Hitler will not have invaded England before I come back.” • ’39 Joins Bletchley Park: designs the “Bombe”. • ’40: First Bombes are fully operational • ’41: Breaks the German Naval Enigma. • ’42-44: Several contibutions to war effort on codebreaking; secure speech devices; computing. • ’45: Automatic Computing Engine (ACE) Computer. Slides by Luis C.
    [Show full text]
  • Contents 1 a Brief Introduction to Cryptography
    RSA Catherine Easton July 2007 VIGRE REU at the University of Chicago, Apprentice Program Abstract This paper examines the mathematics of the RSA code through a simple example. Contents 1 A Brief Introduction to Cryptography 1 2 RSA 2 2.1 Keys needed in RSA . 2 2.2 RSA Encryption . 2 2.3 RSA decryption . 4 1 A Brief Introduction to Cryptography In the classical explanation of cryptography, Alice wishes to write a message to Bob, but Eve continues to intercept her messages. Alice and Bob decide to encrypt their messages. Alice and Bob can meet in person and exchange a key. With this informa- tion, they can both encrypt and decrypt messages to each other. Even if Eve manages to intercept a message, she will not be able to gain any information from it, seeing as it is encoded and she does not know the key necessary for decryption. This scenario uses private-key cryptography. Now, however, let us assume that it is impossible for Alice and Bob to meet, and that they are therefore unable to exchange the key. Obviously, Alice cannot send Bob the key, seeing as their messages are being intercepted by Eve, who would then know the key as well. To overcome this barrier, Alice and Bob must use public-key cryptography. Bob selects both an encryption function and a cor- responding decryption function. He sends only the encryption function to Alice. 1 She then uses the encryption function to encrypt her message. Once her message is encrypted, Alice herself is unable to decrypt it.
    [Show full text]
  • “MIT Unlocks Cryptography for the Masses” How MIT People Played a Major Role in the Early Development of Public Key Cryptography
    “MIT Unlocks Cryptography for the Masses” How MIT people played a major role in the early development of public key cryptography. by Ed Radlo ‘67 May 30, 2020 1 Why is PKC important? It’s what made it possible to conduct confidential (encrypted) communications over open (unsecure) networks, most notably the Internet. • enabled e-commerce • enabled confidential (encrypted) e-mails over unsecure networks PKC is a two-sided coin: encryption and authentication. • Running the algorithm in forward gives encryption. • Running the algorithm in reverse gives authentication. Authentication, implemented by digital signatures, gives three things: 1. mathematical proof that the message hasn’t been altered 2. mathematical proof that the nominal sender was the actual sender 3. the sender can’t repudiate that s/he sent the message 2 History of Encryption Has been around for thousands of years. • Used by Egyptians and Phoenicians in 2000 B.C. • Mostly military applications. • Same key used for encryption and decryption (symmetric cryptography). • PKC is asymmetric cryptography. In the 1970’s, computers became increasingly widespread. • DES was the first widely used commercial encryption algorithm developed by IBM symmetric NBS (now NIST) made it a government standard in 1977 NSA made it intentionally weak o government had a monopoly until 1970’s o fear that encryption would get in the wrong hands 3 The Public Key Revolution PKC per se invented by Whitfield Diffie and Martin Hellman in 1976. • Whit Diffie – MIT ‘65 • Marty Hellman – assistant professor of Electrical Engineering at MIT (1969 – 1971) Three parts to the invention: 1. key broken into two – public portion and private portion computationally infeasible to derive the private key from the public key Rivest and Hellman also credit Ralph Merkle with this part 2.
    [Show full text]