A framework for executable UC specifications.


  module Yggdrasil.Security where
  open import Agda.Builtin.FromNat using (Number)
  import Data.Nat.Literals as ℕLit
  import Data.Rational.Literals as ℚLit
  import Data.Integer.Literals as ℤLit
  open import Data.List using (_∷_; []; map)
  open import Data.Product using (_×_; Σ; Σ-syntax; proj₁; proj₂; ∃; ∃-syntax) renaming (_,_ to ⟨_,_⟩)
  open import Data.Nat using (ℕ; zero; suc; _≤_; _^_)
  open import Data.Integer using (ℤ)
  open import Data.Maybe using (Maybe) renaming (map to mmap)
  open import Data.Unit using (⊤; tt)
  open import Data.Rational using (ℚ)
  open import Function using (_∘_)
  open import Level using (Level; Lift; lift) renaming (suc to lsuc)
  open import Relation.Binary.PropositionalEquality using (_≡_; _≢_; refl)
  open import Relation.Nullary.Decidable using (fromWitnessFalse)
  open import Yggdrasil.List using (_∈_; here; there; with-proof; map≡-implies-∈≡)
  open import Yggdrasil.World using (WorldType; WorldState; World; Oracle; Call; Strategy; Node; Action; weaken; call; call↓; _↑_; stnode; _∷_; []; ⌊exec⌋; _⊑_; Query; _∈↑_; abort; dist; _>>=_; call↯; query; path; _↑; strat)
  open import Yggdrasil.Probability using (Dist; _>>=_; pure; _≈[_]≈_)
  open import Yggdrasil.Rational using (_÷_)
  open WorldType
  open Node
  open Strategy
  -- Literal overloading: with these instances in scope a plain numeral can be
  -- read at ℕ, ℤ or ℚ, which is how the bounds further down are written as
  -- `0` and `1` rather than through explicit conversions.
  instance
    ℕnumber : Number ℕ
    ℕnumber = ℕLit.number

    ℤnumber : Number ℤ
    ℤnumber = ℤLit.number

    ℚnumber : Number ℚ
    ℚnumber = ℚLit.number
  -- Result type of the strategies quantified over in Adv[_]≤_.
  -- The constructor names suggest the world the strategy believes it is
  -- interacting with; nothing in this file interprets them further.
  data Guess {ℓ : Level} : Set ℓ where
    real?  : Guess
    ideal? : Guess
  -- Actions a simulator between Γᵢ and Γᵣ may perform, indexed by their
  -- result type. Reading the constructor types:
  --   * query  asks a query of a node in some world Γ′ ⊑ Γᵢ;
  --   * call↯  invokes an adversarial call (f ∈ adv Γ′) in some world Γ′ ⊑ Γᵣ;
  --   * dist   samples from a distribution;
  --   * abort  stops, at any result type;
  --   * _>>=_  sequences two simulator actions.
  -- There is no constructor for calls on the honest interface (hon), so code
  -- written in this type cannot reach it. The implicit hon-≡ index ties every
  -- action to the proof that both worlds expose the same honest interface
  -- after weakening.
  data Action↯ {ℓ : Level} (Γᵢ Γᵣ : WorldType ℓ)
      {hon-≡ : map weaken (hon Γᵢ) ≡ map weaken (hon Γᵣ)}
      : Set ℓ → Set (lsuc ℓ) where
    query :
      ∀ {Γ′ q} → q ∈ qry (node Γ′) → Γ′ ⊑ Γᵢ → (x : Query.A q) →
      Action↯ Γᵢ Γᵣ (Query.B q x)
    abort :
      ∀ {A} → Action↯ Γᵢ Γᵣ A
    dist :
      ∀ {A} → Dist A → Action↯ Γᵢ Γᵣ A
    call↯ :
      ∀ {Γ′} {f : Call ℓ (node Γ′)} → f ∈ (adv Γ′) → Γ′ ⊑ Γᵣ → (x : Call.A f) →
      Action↯ Γᵢ Γᵣ (Call.B f x)
    _>>=_ :
      ∀ {A B} → Action↯ Γᵢ Γᵣ {hon-≡} A → (A → Action↯ Γᵢ Γᵣ {hon-≡} B) →
      Action↯ Γᵢ Γᵣ B
  -- A simulator between two world types.
  --   hon-≡      proof that Γᵢ and Γᵣ have the same honest interface after
  --              weakening; it is what lets honest calls be carried across.
  --   state,
  --   initial    a state type and its starting value.
  --   call↯-map  how an adversarial call on a world Γ′ ⊑ Γᵢ is answered, as an
  --              Action↯ program.
  --   query-map  how a query reachable in Γᵣ (q ∈↑ Γᵣ) is answered, as an
  --              Action↯ program.
  -- NOTE(review): Action↯ has no constructor that reads or writes `state`, and
  -- no definition visible in this file uses `state` or `initial`, so as written
  -- each call↯-map / query-map answer depends only on its arguments. Confirm
  -- whether simulator state is meant to be threaded through elsewhere.
  record Simulator {ℓ : Level} (Γᵢ Γᵣ : WorldType ℓ) : Set (lsuc ℓ) where
    field
      hon-≡   : map weaken (hon Γᵢ) ≡ map weaken (hon Γᵣ)
      state   : Set ℓ
      initial : state
      call↯-map :
        ∀ {Γ′} {f : Call ℓ (node Γ′)} → f ∈ (adv Γ′) → Γ′ ⊑ Γᵢ →
        (x : Call.A f) → Action↯ Γᵢ Γᵣ {hon-≡} (Call.B f x)
      query-map :
        ∀ {q} → q ∈↑ Γᵣ → (x : Query.A q) →
        Action↯ Γᵢ Γᵣ {hon-≡} (Query.B q x)

  open Simulator
  -- Two mutually recursive translations, declared first and defined below.
  -- The ℕ argument is a step budget: every clause that recurses through the
  -- simulator or through a continuation does so with one unit less, and a
  -- budget of zero yields `abort` whatever the action is.
  --
  -- Consequence worth keeping in mind when stating security: running out of
  -- budget is not distinguishable, in the result, from an action that aborts
  -- on its own. Clause order matters here (the zero-budget clause comes first
  -- and overlaps with the later wildcard-budget clauses).

  -- Translate an action over Γᵢ into an action over Γᵣ.
  Actionᵢ⇒Actionᵣ :
    ∀ {ℓ : Level} {Γᵢ Γᵣ : WorldType ℓ} {A : Set ℓ} →
    Simulator Γᵢ Γᵣ → Oracle Γᵢ → ℕ → Action Γᵢ A → Action Γᵣ A

  -- Run a simulator program (Action↯) as an action over Γᵣ, answering its
  -- queries with the supplied Γᵢ oracle.
  Action↯⇒Action :
    ∀ {ℓ : Level} {Γᵢ Γᵣ : WorldType ℓ} {A : Set ℓ} →
    (S : Simulator Γᵢ Γᵣ) → Oracle Γᵢ → ℕ → Action↯ Γᵢ Γᵣ {hon-≡ S} A →
    Action Γᵣ A

  -- Budget exhausted.
  Actionᵢ⇒Actionᵣ _ _ zero _ = abort
  -- Honest call: moved to the other world along hon-≡, unchanged otherwise.
  Actionᵢ⇒Actionᵣ S O (suc fuel) ((call↓ ∈Γᵢ x) ↑) with map≡-implies-∈≡ (hon-≡ S) ∈Γᵢ
  ... | ⟨ _ , ⟨ ∈Γᵣ , refl ⟩ ⟩ = call↓ ∈Γᵣ x ↑
  -- abort and sampling pass through as they are.
  Actionᵢ⇒Actionᵣ _ _ _ abort = abort
  Actionᵢ⇒Actionᵣ _ _ _ (dist d) = dist d
  -- Adversarial call: answered by the simulator's call↯-map, one unit cheaper.
  Actionᵢ⇒Actionᵣ S O (suc fuel) (call↯ ∈Γ Γ⊑ x) =
    Action↯⇒Action S O fuel (call↯-map S ∈Γ Γ⊑ x)
  -- Bind: the head keeps the full budget, the continuation gets one unit less.
  Actionᵢ⇒Actionᵣ S O (suc fuel) (act >>= cont) =
    (Actionᵢ⇒Actionᵣ S O (suc fuel) act) >>= (Actionᵢ⇒Actionᵣ S O fuel ∘ cont)

  -- Budget exhausted.
  Action↯⇒Action _ _ zero _ = abort
  -- Query: look the answer up in the Γᵢ oracle, then translate that action.
  Action↯⇒Action S O (suc fuel) (query ∈Γ Γ⊑ x) =
    Actionᵢ⇒Actionᵣ S O fuel (O (path Γ⊑ ∈Γ) x)
  Action↯⇒Action _ _ _ abort = abort
  Action↯⇒Action _ _ _ (dist d) = dist d
  -- An adversarial call on Γᵣ is already a Γᵣ action; it is emitted as is.
  Action↯⇒Action _ _ _ (call↯ ∈Γ Γ⊑ x) = call↯ ∈Γ Γ⊑ x
  Action↯⇒Action S O (suc fuel) (act >>= cont) =
    (Action↯⇒Action S O (suc fuel) act) >>= (Action↯⇒Action S O fuel ∘ cont)
  -- Build an oracle for Γᵣ out of a simulator and an oracle for Γᵢ: each query
  -- is answered by running the simulator's query-map program under the given
  -- step budget.
  extract-oracle :
    ∀ {ℓ Γᵢ Γᵣ} → Simulator {ℓ} Γᵢ Γᵣ → Oracle Γᵢ → ℕ → Oracle Γᵣ
  extract-oracle S O fuel q∈ arg =
    Action↯⇒Action S O fuel (query-map S q∈ arg)
  -- Lift a whole strategy over Γᵢ to a strategy over Γᵣ: the initial action is
  -- translated with Actionᵢ⇒Actionᵣ and the oracle with extract-oracle, both
  -- using the strategy's own oracle and the same step budget.
  simulated-strategy :
    ∀ {ℓ Γᵢ Γᵣ A} → Simulator {ℓ} Γᵢ Γᵣ → Strategy Γᵢ A → ℕ → Strategy Γᵣ A
  simulated-strategy S str fuel =
    strat
      (Actionᵢ⇒Actionᵣ S (oracle str) fuel (init str))
      (extract-oracle S (oracle str) fuel)
  -- One indistinguishability problem: two world types, a concrete state for
  -- each, and the simulator relating them.
  record Challenge {ℓ : Level} : Set (lsuc ℓ) where
    field
      -- The two world types being compared.
      Γᵢ  : WorldType ℓ
      Γᵣ  : WorldType ℓ
      -- The world states the executions start from.
      Σᵢ  : WorldState Γᵢ
      Σᵣ  : WorldState Γᵣ
      -- The simulator used to carry strategies from Γᵢ to Γᵣ.
      sim : Simulator Γᵢ Γᵣ
  -- Evidence that the advantage in challenge c is at most ε.
  --
  -- The prover picks two minimum budgets once, before any strategy is chosen.
  -- `proof` then has to hold for every execution budget and simulation budget
  -- at or above those minima and for every strategy over Γᵢ returning a Guess:
  -- running the strategy on Σᵢ must be within ε (in the sense of _≈[_]≈_ from
  -- Yggdrasil.Probability) of running its simulated counterpart on Σᵣ with the
  -- same execution budget.
  --
  -- NOTE(review): the quantified strategy lives over Γᵢ and is carried to Γᵣ.
  -- The subscripts are not expanded in this file; if ᵢ/ᵣ mean ideal/real, this
  -- is the opposite direction from the usual simulation argument, where what
  -- is achievable against the real world is shown achievable against the ideal
  -- one. Confirm the intended reading.
  -- NOTE(review): the budgets are bounded from below only, so the statement
  -- ranges over arbitrarily large g-exec; nothing here caps the strategy's
  -- work.
  record Adv[_]≤_ {ℓ : Level} (c : Challenge {ℓ}) (ε : ℚ)
      : Set (lsuc (lsuc ℓ)) where
    field
      g-exec-min : ℕ
      g-sim-min  : ℕ
      proof :
        (g-exec : ℕ) (g-sim : ℕ) →
        g-exec-min ≤ g-exec → g-sim-min ≤ g-sim →
        (str : Strategy (Challenge.Γᵢ c) Guess) →
        (⌊exec⌋ str (Challenge.Σᵢ c) g-exec)
          ≈[ ε ]≈
        (⌊exec⌋ (simulated-strategy (Challenge.sim c) str g-sim)
                (Challenge.Σᵣ c) g-exec)
  -- Perfect security for a challenge: the advantage bound is exactly zero.
  Perfect : {ℓ : Level} → Challenge {ℓ} → Set (lsuc (lsuc ℓ))
  Perfect c = Adv[_]≤_ c 0
  private
    -- A power of a successor is never zero. Used below to justify dividing
    -- by 2 ^ κ.
    -- NOTE(review): both clauses are absurd patterns with no recursive
    -- argument. For the `suc` exponent the equation only looks impossible once
    -- the smaller power is known to be non-zero, so confirm that the checker
    -- version in use accepts the second clause as written.
    ^≢0 : ∀ {n m} → (suc n) ^ m ≢ 0
    ^≢0 {_} {zero} ()
    ^≢0 {_} {suc _} ()
  -- Security at parameter κ for a κ-indexed family of challenges: the
  -- advantage in challenge `f κ` is at most 1 / 2^κ.
  --
  -- NOTE(review): the bound is the fixed function 2^-κ rather than "some
  -- negligible function of κ", and Adv[_]≤_ does not tie the execution budget
  -- to κ. Read as a definition of computational security this is therefore
  -- stricter than the textbook one on both counts; confirm that is intended.
  Computational : {ℓ : Level} → ℕ → (ℕ → Challenge {ℓ}) → Set (lsuc (lsuc ℓ))
  Computational κ f = Adv[ f κ ]≤ bound
    where
      -- 1 / 2^κ; the implicit argument certifies the non-zero denominator.
      bound : ℚ
      bound = _÷_ 1 (2 ^ κ) {fromWitnessFalse (^≢0 {1} {κ})}