DIENS

Séminaires des Equipes

Les équipes organisent leurs propres séminaires thématiques

Cascade Parkas Talgo Valda Willow

Séminaire Général du DIENS

Ce séminaire rassemble des exposés généraux conçus pour être accessibles à tous (élèves/étudiants, doctorants, chercheurs).
Une participation régulière pendant la scolarité à ENS (environ 24 séminaires) peut permettre d’obtenir 3 ECTS pour le diplôme de l’ENS. L’élève/étudiant devra veiller que ses coordonnées soient bien inscrites sur la feuille de présence lors de chaque séminaire et demander la validation de ces ECTS lors de sa dernière année de scolarité.
La personne responsable est Marc Pouzet.
Les exposés ont lieu au 45, rue d'Ulm, 75005 Paris, en général "Salle Henri Cartan", et certains sont filmés et consultables sur : savoirs.ens.fr

2021

Sémantique et Programmation Quantique

Marc DE VISME (INRIA Paris Saclay - Equipe QUACS)

Mercredi 08 Décembre 2021 à 17h00

Salle Henri Cartan

Lors de ce séminaire, nous allons aborder trois approches fondamentalement différentes pour la sémantique des langages de programmation, ainsi que les liens qui les unissent : la sémantique opérationnelle, qui suit pas-à-pas l'évolution du programme, la sémantique relationnelle, qui donne une table de correspondance entre les valeurs d'entrée et de sortie du programme, et la sémantique des jeux, qui s'intéresse aux interactions entre le programme et son environnement. Nous allons ensuite voir comment mettre en œuvre chacune de ces sémantiques dans le cadre des langages de programmation quantique.

Présentation d'un projet d'un an de réalisation d'un jeu vidéo

Guillaume Bertholon, Dorian Lesbre, Baptiste Mouillon

Mercredi 01 Décembre 2021

Salle Henri Cartan

L'an dernier nous sommes plusieurs à avoir fait une césure pour créer un jeu vidéo. Nous vous présenterons les différentes étapes de ce projet, ainsi que le problèmes informatiques auxquels nous avons été confrontés. Du dessin avec OpenGL, à la réalisation d'un moteur physique en passant par l'intelligence artificielle des PNJ, ce projet nous aura fait mettre en pratique beaucoup de connaissances théoriques d'Informatique. Séminaire repoussé à une date ultérieure

Problèmes de Consensus : du calcul distribué à la théorie du contrôle

Bernadette CHARRON-BOST (DI - Equipe Antique)

Mercredi 10 Novembre 2021 à 17h00

Salle Henri Cartan

Les problèmes de consensus apparaissent dans un grand nombre de systèmes multi-agents, qu'ils soient naturels ou artificiels : les agents doivent, par exemple, se coordonner afin de se synchroniser ou encore adopter un même état mémoire.

Dans tout problème de consensus, les agents possèdent chacun une variable de sortie et doivent finir par s'accorder sur une valeur commune pour toutes ces variables. Au delà de cette clause commune d'accord, les problèmes de consensus diffèrent essentiellement de par la propriété de stabilité exigée pour les variables de sortie. Ainsi peut-on demander à chaque agent de prendre une décision irrévocable (ce qui correspond au cas où les variables de sortie sont à écriture unique). On peut affaiblir cette condition en autorisant les agents à modifier leur décision un nombre fini de fois. Ou encore leur permettre de changer d'avis infiniment souvent, auquel cas les variables de sortie doivent simplement converger vers une valeur de sortie limite commune. On parle ainsi de consensus irrévocable, de consensus stabilisant ou de consensus asymptotique.

J'examinerai sous quelle forme ces différents problèmes de consensus apparaissent selon le type d'applications considérées : alors que le consensus irrévocable est requis dans les techniques de réplication pour la tolérance aux fautes, seul un consensus asymptotique est nécessaire pour nombre de problèmes en contrôle distribué, en optimisation distribuée ou encore pour la modélisation de phénomènes naturels de synchronisation (e.g., nuées d'oiseaux, scintillement de lucioles). Quant au consensus de Nakamoto au cœur de la technologie blockchain, sa clause de stabilité se situe entre celle du consensus irrévocable et celle du consensus stabilisant dans la hiérarchie décrite plus haut.

Dans une seconde partie, je présenterai les résultats majeurs de calculabilité et de complexité pour ces différents problèmes de consensus : le théorème d'impossibilité de Fischer, Lynch et Paterson (FLP) pour les systèmes asynchrones, le théorème dit des ``généraux byzantins'' de Shostak, Pease et Lamport et le résultat spectaculaire de Moreau, prouvant la supériorité des interactions symétriques. J'esquisserai les techniques très variées mises en œuvre pour établir ces différents résultats et expliquerai comment mon travail se situe et s'articule autour de ces résultats centraux.

Soutenance de thèse : The security of the One-More Discrete-Logarithm assumption and Blind Schnorr Signatures

Antoine Plouviez (CASCADE, DIENS, ENS-PSL)

Vendredi 29 Octobre 2021 à 16h00

https://www.gotomeet.me/david-pointcheval/phd-antoine-plouviez

Jury :

Georg Fuchsbauer, TU Wien (Directeur de thèse)
David Pointcheval, CNRS, École Normale Supérieure (Directeur de thèse)
Marc Fischlin, TU Darmstadt (Rapporteur)
Damien Vergnaud, Sorbonne Université (Rapporteur)
Yannick Seurin, ANSSI (Examinateur)
Esha Ghosh, Microsoft Research (Examinatrice)

Résumé

L’hypothèse de sécurité appelée "one more-discrete logarithm" (OMDL) est centrale dans l’analyse de sécurité des protocoles d’identification, les signatures aveugles ainsi que les récentes multi-signatures MuSig2. Malgré sa grande utilisation, il est surprenant que OMDL n’a jamais été rigoureusement analysée. Dans cette thèse, nous donnons une preuve rigoureuse de OMDL dans le Modèle du Groupe Générique (GGM) ainsi que d’autres hypothèses en lien. Les signatures de Schnorr aveugles sont un protocole qui permet d’envoyer à l’aveugle des signatures de Schnorr, qui sont parmi les signatures les plus utilisées. De même que OMDL, en dépit de leur utilité pratique, l’analyse de sécurité (basée sur OMDL) de ces signatures est insatisfaisant. Nous analysons la sécurité de ces protocoles dans le Modèle du Groupe Algébrique (AGM), qui est un modèle idéalisé plus proche du modèle standard que du GGM. Pour le renforcer, nous proposons une modification simple du protocole de signature, qui laisse les signatures inchangées.

Abstract

The one more-discrete logarithm assumption (OMDL) is central to the security analysis of identification protocols, blind signatures and multi-signature schemes, most notably blind Schnorr signatures and the recent MuSig2 multi-signatures. Despite its wide use, surprisingly, OMDL is lacking any rigorous analysis. In this work we give rigorous proofs in the Generic Group Model of OMDL and a related assumption. The Schnorr blind signing protocol allows blind issuing of Schnorr signatures, one of the most widely used signatures. As for OMDL, despite its practical relevance, its security analysis (based on OMDL) is unsatisfactory. We analyze the security of these schemes in the algebraic group model (AGM), an idealized model closer to the standard model than the GGM.

Soutenance de thèse : Attacks and Proofs for PAKE Protocols

Petra Sala (Univ. Luxembourg & Security, DIENS, ENS/PSL)

Mercredi 15 Septembre 2021 à 18h00

https://unilu.webex.com/unilu/onstage/g.php?MTID=eaacdfa9f2eef913f3fe31ab968d1e7a6

Jury:

Prof. David Naccach, Ecole normale supérieure (ENS) Paris (Co-supervisor)
Prof. Peter Y.A. Ryan, University of Luxembourg, (Supervisor)
Prof. Michel Abdalla, Ecole normale supérieure (ENS) Paris
Prof. Jean-Sebastien Coron, University of Luxembourg (Chairman)
Prof. Manuel Borbosa, University of Porto
Prof. Marc Joye, Zama
Prof. Kristian Gjøsteen, Norwegian University of Science and Technology (NTNU)
Prof. Whitfield Diffie, Emeritus, Stanford

Abstract:

The vast majority of communication on the Internet and private networks heavily relies on Public-key infrastructure (PKI). One possible solution, to avoid complexities around PKI, is to use Password Authenticated Key-Exchange (PAKE) protocols.

PAKE protocols enable a secure communication link between the two parties who only share a low-entropy secret (password). PAKEs were introduced in the 1990s, and with the introduction of the first security models and security proofs in the early 2000s, it was clear that PAKEs have a potential for wide deployment - filling the gap where PKI falls short. PAKEs' PKI-free nature, resistance to phishing attacks and forward secrecy are just some of the properties that make them interesting and important to study. This dissertation includes three works on various aspects of PAKEs: an attack on an existing PAKE proposal, an application of PAKEs in login (for password leak detection) and authentication protocols (HoneyPAKEs), and a security analysis of J-PAKE protocol, that is used in practice, and its variants.

In our first work, we provide an empirical analysis on zkPAKE protocol proposed in 2015. Our findings show that zkPAKE is not safe against offline dictionary attacks, which is one of the basic security requirements of the PAKE protocols.

Further, we demonstrate an implementation of an efficient offline dictionary attack, which emphasizes, when proposing a new protocol, it is necessary to provide a rigorous security proof.

In our second contribution, we propose a combined security mechanism called HoneyPAKE. The HoneyPAKE construction aims to detect the loss of password files and ensures that PAKE intrinsically protects that password. This makes the PAKE part of the HoneyPAKE more resilient to server-compromise and pre-computation attacks which are a serious security threat in a client-server communication.

Our third contribution facilitates the wider adoption of PAKEs. In this work, we revisit J-PAKE and simplify it by removing a non-interactive zero knowledge proof from the last round of the protocol and derive a lighter and more efficient version called sJ-PAKE. Furthermore, we prove sJ-PAKE secure in the indistinguishability game-based model, the so-called Real-or-Random, also satisfying the notion of perfect forward secrecy.

Soutenance de thèse : A Semantic Approach to Machine-Level Software Security

Georges-Axel Jaloyan (Security, DIENS, ENS/PSL)

Mardi 14 Septembre 2021 à 14h00

https://www.gotomeet.me/DavidNACCACHE/jaloyanphd

Résumé :

L'informatique se fonde sur de nombreuses couches d'abstraction, allant des couches matérielles jusqu'à l'algorithmique en passant par le cahier des charges à la base de la conception du produit. Dans le cadre de la sécurité informatique, les vulnérabilités proviennent souvent de la confusion résultant des différentes abstractions décrivant un même objet. La définition de sémantiques aide à la description formelle de ces abstractions dans l'objectif de les faire coïncider. Dans cette thèse, nous améliorons différents procédés ou programmes en corrélant les diverses représentations sémantiques sous-jacentes.

Nous introduisons brièvement les termes et concepts fondamentaux avec lesquels nous construisons le concept de langage assembleur ainsi que les différentes abstractions utilisées dans l'exploitation de programmes binaires.

Dans une première partie, nous utilisons des constructions sémantiques de haut niveau pour simplifier la conception de codes d'exploitation avancés sur des jeux d'instructions récents. Nous présentons didactiquement trois exemples répondant à des contraintes de plus en plus complexes. Spécifiquement, nous présentons une méthode pour produire des shellcodes alphanumériques sur ARMv8-A et RISC-V, ainsi que la première analyse de faisabilité d'attaques de type return-oriented programming sur RISC-V.

Dans une deuxième partie, nous étudions l'application des méthodes formelles à l'amélioration de la sécurité et de la sûreté de langages de programmation à travers trois exemples : une optimisation de primitives de synchronisation, une analyse statique compatible avec la vérification déductive limitant l'aliasing de pointeurs dans un langage impératif ou encore un formalisme permettant de représenter de façon compacte du code binaire dans le but d'analyser des problèmes de synchronisation de protocole.

Abstract:

Computer science is built on many layers of abstraction, from hardware to algorithms or statements of work. In the context of computer security, vulnerabilities often originate from the discrepancies between these different abstraction levels. Such inconsistencies may lead to cyberattacks incurring losses. As a remedy, providing semantics helps formally describe and close the gap between these layers. In this thesis, we improve methods and programs by connecting the various semantic representations involved using their relationship to each level of abstraction.

We briefly introduce the fundamental concepts and terminology to build assembly languages from scratch and various abstractions built atop and used in the context of binary exploitation.

In the first part, we leverage higher-level semantic constructs to reduce the design complexity of advanced exploits on several recent instruction set architectures. In a tutorial-like fashion, we present three examples addressing increasingly more complex constraints. Specifically, we describe a methodology to automatically turn arbitrary programs into alphanumeric shellcodes on ARMv8-A and on RISC-V. We also provide the first analysis on the feasibility of return-oriented programming attacks on RISC-V.

In the second part, we see how the use of formal methods can improve the safety and security of various languages or constructs, through three examples that respectively optimize the implementation of Hoare monitors, a well-known synchronization construct, prevent harmful aliasing in an imperative language without impeding deductive verification, or abstract binary code into a compact representation which enables further protocol desynchronization analyses.

Jury :

David NACCACHE - Ecole normale supérieure (Directeur de thèse)
Aymeric VINCENT - Commissariat à l'énergie atomique et aux énergies alternatives (Encadrant de thèse)
Lorenzo CAVALLARO - University College London (Rapporteur)
Sylvain GUILLEY - Télécom ParisTech (Rapporteur)
Whitfield DIFFIE - Stanford University (Examinateur)
Konstantinos MARKANTONAKIS - Royal Holloway University of London (Examinateur)
Clémentine MAURICE - Centre national de la recherche scientifique (Examinatrice)
Xavier RIVAL - Ecole normale supérieure (Examinateur)
Hovav SHACHAM - University of Texas at Austin (Professeur invité)

Soutenance de thèse : Security of cryptographic protocols and data structures: design and optimisation

Marius Lombard-Platet (Security, DIENS, ENS/PSL)

Mercredi 08 Septembre 2021 à 16h00

https://www.gotomeet.me/DavidNACCACHE/mariuslpdefense

Résumé :

Dans cette thèse, nous nous intéresserons à deux thématiques majeures : la sécurité des données dans des protocoles d'échange cryptographiques, ainsi que l'analyse et la sécurisation des structures de données. Pour cela, nous appliquons des analyses formelles, reposant autant sur des outils cryptographiques existants que des modélisations ad-hoc pour le problème envisagé. En premier lieu, nous étudierons la sécurité de détecteurs de doublons, ainsi qu'une optimisation de l'utilisation de l'espace de stockage disponible. Ensuite, nous nous tournerons sur un cas pratique de modélisation, proposant un nouveau modèle formel pour la blockchain. Enfin, nous nous pencherons sur la problématique d'externalisation de protocoles de bandit manchot. Nous verrons comment externaliser les calculs, tout en prouvant que les nœuds du réseau apprennent aussi peu d'information que possible.

Abstract:

In this thesis, we are interested in two major themes: data security in exchange protocols, and the analysis and securing of data structures. To do so, we apply formal analyses, based on existing cryptographic tools as well as ad-hoc modelling for the problem under consideration. Firstly, we will study the security of duplicate detectors, as well as an optimisation of the use of available storage space. Then, we will turn to a practical modelling case, proposing a new formal model for blockchain. Finally, we will study the problem of outsourcing bandit learning protocols. We will see how to outsource calculations, while proving that the network learns as little as possible.

Soutenance de thèse : On the efficiency of local methods in image classification and energy regression in physics

Louis Thiry (Data, DIENS, ENS/PSL)

Vendredi 09 Juillet 2021 à 13h30

Amphi Galois -- ENS, Paris

Résumé :

The recent success of convolutional neural networks in high-dimensional learning problems motivated the development of new machine learning techniques in different fields. In particular, a lot of progress has been made in image classification and energy regression in physics in the last years. These two problems are multi-scale. Molecules' and solids' energy results from interactions at different scales, e.g., ionic and covalent bonds at the short scale, Van-der-Waals interactions at the mesoscale, Coulomb interactions at the large scale. One can classify an image using texture information at the small scale, pattern information at a larger scale, or shape information at the object scale. There is a natural analogy between local image classification techniques based on small image patches and local energy regression techniques based on small atomic neighborhood descriptions.

Abstract:

This dissertation studies the efficiency of local methods in image classification and energy regression. We observe that local methods perform surprisingly well in image classification and energy regression despite these two problems' multi-scale nature. We first study comparatively multi-scale and local energy regression techniques for molecules and solids. We notice that local methods perform very well, even for solids with long-range energy components. We present a new strategy to regress the vibrational entropy in solids. Again, we observe that a local method based on atomic neighborhood description has better predictive power than a multi-scale strategy. We introduce a structured convolutional network architecture for image classification based on patch encoding that reaches an accuracy that is competitive with standard convolutional networks on ImageNet. We present an image classifier based on image patches K-nearest-neighbors computations that achieves state-of-the-art performance as a non-learned representation. We end this dissertation with an opening on artistic creativity in the context of human-machine interactive systems.

Soutenance de thèse : Homomorphic Cryptography and Privacy

Chloé Hébant (Cascade, DIENS)

Jeudi 20 Mai 2021 à 09h30

ENS, Paris

Résumé:

Avec l’utilisation massive du stockage dématérialisé, l’homomorphisme est devenu l’une des propriétés les plus largement employées en cryptologie. Dans cette thèse, nous allons étudier comment l’utiliser dans des protocoles multi-utilisateurs concrets qui nécessitent non seulement de la confidentialité, mais aussi de l’anonymat, de l’authentification ou encore de la vérifiabilité. Pour cela, nous utilisons des schémas homomorphes de chiffrement, de signature numérique et de preuves à divulgation nulle de connaissances, mais, à chaque fois, nous devrons limiter leurs capacités de malléabilité pour atteindre le niveau de sécurité préalablement défini.
Tout d’abord, l’aspect confidentiel est abordé au travers de l’étude de calculs sur des bases de données externalisées. Être capable d’appliquer des fonctions sur des données chiffrées sans avoir à les télécharger pour les déchiffrer entièrement est permet de profiter de la puissance de calcul du serveur qui est généralement supérieure à celle du client. Cela peut être également indispensable lorsqu’une société sans droit d’accès à une base de données de clients souhaite obtenir le résultat d’un calcul. La quantité d’information apprise ne doit pas être supérieure à celle contenue dans le résultat du calcul. Nous proposons pour cela un schéma de chiffrement décentralisé qui permet d’évaluer des fonctions quadratiques sur les données externalisées tout en ayant un contrôle des opérations grâce à un groupe d’inspecteurs.
Cependant, la confidentialité des données n’est pas toujours la propriété la plus recherchée pour un système car elle ne protège pas l’identité de l’expéditeur. Pour le vote électronique, chaque bulletin chiffré doit être associé à un électeur afin de vérifier que celui-ci était autorisé à voter, mais après la phase de vote, l’anonymat doit être assuré. Pour cela une solution est de mélanger plusieurs fois l’urne de sorte que, au moment du dépouillement, qui correspond au déchiffrement, aucun lien entre le vote et l’électeur ne puisse être fait. C’est le fonctionnement d’un réseau de serveurs-mélangeurs dont nous proposons une nouvelle construction basée sur des signatures linéairement homomorphes avec un coût de vérification de l’urne finale indépendant du nombre de mélanges. Ce protocole est donc d’autant plus efficace que le nombre de mélanges augmente et représente un progrès par rapport aux constructions déjà connues.
Dans certains cas, avoir un anonymat parfait permettrait l’utilisation malveillante d’un système et la cryptologie doit aussi tenir compte de ces abus potentiels. La troisième contribution de cette thèse consiste en la proposition du premier protocole d’accréditation anonyme multi-autorités traçable : un utilisateur demande une accréditation auprès d’une autorité émettrice et peut l’utiliser pour accéder à un système tout en restant anonyme. En cas d’abus, une autorité juge peut lever l’anonymat et retrouver un utilisateur malveillant grâce au traçage. De plus, ce protocole, tout en étant aussi efficace que les précédents pour une seule autorité émettrice, permet d’agréger des accréditations d’autorités émettrices distinctes pour avoir une accréditation de taille optimale.

Jury:

Dario Catalano - Université de Catane, Italie (Rapporteur)
Caroline Fontaine - CNRS/ENS Paris-Saclay (Examinatrice)
Benoit Libert - CNRS/ENS Lyon (Rapporteur)
Duong Hieu Phan - Telecom Paris (Directeur de thèse)
David Pointcheval - CNRS/ENS Paris (Directeur de thèse)
Olivier Sanders - Orange Labs (Examinateur)

Abstract:

With the massive use of dematerialized storage, homomorphism has become one of the most widely used properties in cryptology. In this thesis we will study how to use it in concrete multi-users protocols requiring not only confidentiality but also anonymity, authentication or verifiability. Homomorphic encryption schemes, homomorphic digital signatures and homomorphic zero-knowledge proofs will be used together, but each time restricted to achieve the desired level of security.
First, the confidential aspect is studied for computations on large outsourced databases. Being able to apply functions on encrypted data without having to download and decrypt it entirely may be essential and allows to take advantage of the computational power of the server. This can also be interesting when a third-party company without right-access to the database wants to obtain the result of a computation. However, some guarantees on the learned information need to be taken. To this end, we present a decentralized encryption scheme that allows controlled evaluation of quadratic functions on outsourced data thanks to a group of controllers.
However, sometimes confidentiality of the data is not the most desired property for a system as it does not protect the sender. For electronic voting, each encrypted ballot must be associated with its voter to verify that he is allowed to vote. After the voting phase, anonymity is achieved by shuffling so that, during the count, which corresponds to the decryption, no link between votes and voters can be made. We propose a new construction of mix-network based on linearly homomorphic signatures which allows for the first time a verification which is cost-independent of the number of mix-servers. This scalable mix-net improves the efficiency compared to already known constructions, especially with an increasing number of shuffles.
Nevertheless, with perfect anonymity comes the threat of malicious use of the system. Cryptology must consider these possible abuses and we propose the first multi-authority anonymous credential protocol with traceability property: a user asks a credential issuer for a credential and uses it to access a system while remaining anonymous. In case of abuse, an authority can revoke anonymity and trace a malicious user. The scheme is as efficient as the previously known credential schemes while achieving the multi-credential issuer functionality.

Perfectly Parallel Fairness Certification of Neural Networks

Caterina Urban (DI / Antique)

Mercredi 19 Mai 2021 à 17h00

ENS, Paris

Recently, there is growing concern that machine-learned software, which currently assists or even automates decision making, reproduces, and in the worst case reinforces, bias present in the training data. The development of tools and techniques for certifying fairness of this software or describing its biases is, therefore, critical. To meet these needs, we propose a perfectly parallel static analysis for certifying fairness of feed-forward neural networks used for classification of tabular data. When certification succeeds, our approach provides definite guarantees, otherwise, it describes and quantifies the biased input space regions. We design the analysis to be sound, in practice also exact, and configurable in terms of scalability and precision, thereby enabling pay-as-you-go certification. We implement our approach in an open-source tool called Libra and demonstrate its effectiveness on neural networks trained on popular datasets.

Cryptographic tests of quantumness

Thomas Vidick (Caltech)

Mercredi 17 Mars 2021 à 17h00

ENS, Paris

Quantum computers are physical devices that leverage the laws of quantum mechanics to accomplish certain computations, such as the simulation of physical, chemical, or biological systems, in an exponentially more efficient way than can be achieved by the best classical algorithms. By its very nature, the outcome of such a computation cannot be predicted by a classical computer. Moreover, there is strong evidence that the outcome cannot even be verified by classical means. How can we tell if the quantum device produced the right prediction? This question is made all the more urgent by recent advances in practical quantum devices. In this talk I will formulate the question using the language of interactive proofs from complexity theory and present recent advances on the topic. We will start from the problem of testing that a quantum computer generates a truly uniformly random bit and build towards protocols for verifying delegated quantum computations. The talk will be mostly based on joint work with Brakerski, Christiano, Mahadev and Vazirani, arXiv:1804.00640, as well as subsequent works.

Recent Advances on Coding for DNA Storage

Eitan Yaakobi (Technion --- Israel Institute of Technology)

Mercredi 17 Février 2021 à 17h00

ENS, Paris

DNA-based storage has attracted significant attention due to recent demonstrations of the viability of storing information in macromolecules. Given the trends in cost decreases of DNA synthesis and sequencing, it is estimated that within the next decade DNA storage may become a highly competitive archiving technology. This technology introduces new challenges in finding coding solutions to address various problems associated with the implementation of DNA-based storage systems. This talk will review the main ideas of recent coding methods and techniques of advanced coding schemes that are specifically targeted for the unique structure and error behavior of DNA-based storage systems. These problems will focus on the design of codes for clustering, trace-reconstruction techniques, error-correction codes, and constrained codes. These families of codes are most suitable and applicable for long-term storage and recovery of data recorded in DNA, while overcoming the unique challenges associated with the synthesis, storage, and sequencing phases of the DNA storage channel.

Programming Language Processing (PLP)

Eran Yahav (Technion --- Israel Institute of Technology)

Mercredi 06 Janvier 2021 à 17h00

ENS, Paris

This talk will provide a survey of neural methods for programming-language processing (PLP), starting from a basic background all the way to recent results. We will cover a number of challenging PLP tasks and a wide range of neural techniques for tackling them.

2020

Soutenance de thèse : Transferable e-cash: an analysis in the Algebraic Group Model

Balthazar Bauer (CASCADE, DIENS)

Lundi 14 Décembre 2020 à 14h30

ENS, Paris

Résumé:

L’accélération de la numérisation des communications mondiales s’accompagne d’une sensibilisation croissante de pans entiers de la société concernant la notion de vie privée. En particulier, la confidentialité des transactions commerciale fait débat. Dans les années 80-90, Chaum, un cryptographe, élabore, puis déploie avec son entreprise Digicash un système de paiement numérique «anonyme» dont les garanties reposent entre autres sur des preuves mathématiques inspirées par le paradigme encore balbutiant de «sécurité prouvée». Si son entreprise Digicash fait faillite au bout de quelques années, les milieux académiques continuent d’étudier les systèmes de paiements numériques anonymes en cherchant à développer de nouvelles fonctionnalités, dont la transferabilité.

L’objectif de cette thèse, financée par l’agence nationale de la recherche était de revisiter les modèles de sécurité concernant l’anonymat d’un paiement, puis de proposer un système de paiement théoriquement déployable reposant également sur le paradigme de la sécurité prouvée. Lors de la défense de cette thèse (qui se fera en anglais), je parlerais à la fois des modèles de sécurité garantissant l’anonymat, et de questions plus fondamentales concernant toutes une famille d’hypothèses cryptographiques couramment utilisées en sécurité prouvée.

Jury:

Georg Fuchsbauer - TU Wien, Austria (Directeur de thèse)
David Pointcheva - CNRS/ENS (Directeur de thèse)
Eike Kiltz - Ruhr-University Bochum, Germany (Rapporteur)
Olivier Blazy - Université Limoges (Rapporteur)
Carla Rafols - Universitat Pompeu Fabra, Barcelona, Spain (Examinatrice)
Olivier Sanders - Orange Labs, Rennes (Examinateur)
Damien Vergnaud - Sorbonne Université (Examinateur)

Abstract:

As the digitization of global communications accelerates, there is a growing awareness of privacy issues among large segments of society. In particular, the confidentiality of commercial transactions is under debate. In the 1980s and 1990s, Chaum, a cryptographer, developed and then deployed with his company Digicash an "anonymous" digital payment system whose guarantees were based, among other things, on mathematical proof inspired by the still nascent paradigm of "proven security". Although his company Digicash goes bankrupt after a few years, the academic community continues to study anonymous digital payment systems, seeking to develop new functionalities, including transferability.

The aim of this thesis, funded by the French national research agency, was to revisit security models concerning the anonymity of payments, and then to propose a theoretically deployable payment system also based on the paradigm of proven security. During the defense of this thesis, I will talk about security models guaranteeing anonymity, as well as more fundamental questions concerning a family of cryptographic assumptions commonly used in proven security.

Réunion de présentation des stages de L3 et des exposés maths-info

Pierre Aboulker & Francis Bach

Mercredi 09 Décembre 2020 à 17h00

Soutenance de thèse : "Proving the security of software-intensive embedded systems by abstract interpretation"

Marc Chevalier (ANTIQUE, DIENS)

Vendredi 27 Novembre 2020 à 14h00

ENS, Paris

Programs are in charge of many systems whose failure may be catastrophic in many ways, from mere information leaks to deaths. Fortunately, there are methods that allows us to find all bugs, and thus, that are able to prove that programs are correct. The method we use, abstract interpretation, is based on overapproximation of the semantics. Usually, verification efforts are centered on end-user programs, but software systems are big stacks of components, from regular programs to silicon, where each step may fail. Consequently, we need to prove the correctness each component.

In this thesis, we intend to analyze a real-world embedded operating system for x86 architecture, in collaboration with an industrial partner. Such low-level code raises two kinds of difficulties. Firstly, C code includes assembly blocks. They are useful to use the processor's features, and to perform computation in a more precise way than what C allows. Such mixed code is difficult to analyze because both languages are mixed with fine-grained interactions, but works in very different ways.

The second issue is the kind of computations the OS needs to do, for instance, to use CPU's memory protection features. They make no sense for a regular program, but they can be abstracted precisely using ghost variables, that is, helping values that do not appear in the real execution, but help the analysis.

In this thesis, we treated both problems: we propose a quite extensive support of mixed C and x86 assembly (including arbitrary dynamic jumps, mixed calls, and dynamic code), and a new reduced product of abstract domains that allows dynamic management of ghost variables in a decentralized way.

Jury:

Isabella MASTROENI (reviewer)
David PICHARDIE (reviewer)
Patrick COUSOT
Peter MÜLLER
Marc POUZET
Sukyoung RYU
Mihaela SIGHIREANU
Jérôme FERET (supervisor)

Learning Geometry

Rom Kimmel (Technion --- Israel Institute of Technology)

Mercredi 25 Novembre 2020 à 17h00

ENS, Paris

Deep learning is a disruptive line of research that changes the way computational problems are being addressed and solved. Many parameters are optimized for, and tuned to train a given computational architecture to classify, segment, identify, and reconstruct objects. This methodology works great as long as there is some assumption about the size of the data, or its spatial or temporal shift invariance property that allow convolutional neural networks to operate on the given data. The question we will address is what can be done for geometric structures for which there is no linear shift invariance mechanism to rely on. We will relate to matching geometric structures, measuring geodesic distances, classifying objects, and ways to import axiomatic constructions into the learning arena, that give birth to novel semi-supervised learning procedures. Finally, if time permits I will comment on a new and interesting line of research we have started to explore dealing with computational pathology.

Réunion pour les stages de M1

Marc POUZET et Jérôme Feret

Jeudi 12 Novembre 2020 à 17h00

ENS, Paris

Soutenance de thèse : Neural architectures for estimating correspondences between images

Ignacio Rocco (WILLOW, DIENS)

Mardi 27 Octobre 2020 à 14h00

INRIA, Paris

L’objectif de cette thèse est de développer des méthodes pour la mise en correspondance entre de paires d’images dans des situations difficiles, telles que des changements extrêmes d’éclairage, des scènes avec peu de texture ou comprenant des structures répétitives, ou la mise en correspondance entre parties d’objets qui appartiennent à la même classe mais qui peuvent présenter de grandes différences d’apparence intra-classe. Nos contributions sont les suivantes : (i) nous développons une approche entraînable pour l’alignement paramétrique d’images en utilisant un modèle de réseau siamois, (ii) nous concevons une approche d’entraînement faiblement supervisée, qui permet l’entraînement à partir de paires d’images réelles annotées seulement au niveau des paires d’images, (iii) nous proposons les Réseaux de Consensus de Voisinage qui peuvent être utilisés pour estimer de manière robuste les correspondances pour des tâches où des correspondances discrètes sont requises et (iv) nous développons une variante plus efficace qui peut réduire les besoins en mémoire et le temps d’exécution des Réseaux de Consensus de Voisinage par un facteur dix.

Jury:

Andrea Vedaldi - University of Oxford (rapporteur)
Vincent Lepetit - École des Ponts ParisTech (rapporteur)
Diane Larlus - NAVER LABS Europe (examinateur)
Patrick Pérez - Valeo.ai (examinateur)
Josef Sivic - ENS - Inria (directeur de thèse)
Relja Arandjelović - DeepMind (Co-directeur de thèse)

Soutenance de thèse : Large-scale Learning from Video and Natural Language

Antoine Miech (WILLOW, DIENS)

Mercredi 14 Octobre 2020 à 14h00

INRIA, Paris

The goal of this thesis is to build and train machine learning models capable of understanding the content of videos. Current video understanding approaches mainly rely on large-scale manually annotated video datasets for training. However, collecting and annotating such dataset is cumbersome, expensive and time-consuming. To address this issue, this thesis focuses on leveraging large amounts of readily-available, but noisy annotations in the form of natural language. In particular, we exploit a diverse corpus of textual metadata such as movie scripts, web video titles and descriptions or automatically transcribed speech obtained from narrated videos. Training video models on such readily-available textual data is challenging as such annotation is often imprecise or wrong. In this thesis, we introduce learning approaches to deal with weak annotation and design specialized training objectives and neural network architectures.
Lien vers PDF

Jury

Bernard Ghanem (KAUST), Rapporteur
Dima Damen (University of Bristol), Rapporteuse
Vincent Lepetit (ENPC), Président de jury
Cordelia Schmid (Inria / Google), Examinatrice
Jean-Baptiste Alayrac (DeepMind), Examinateur
Ivan Laptev (Inria), Directeur de thèse
Josef Sivic (CTU / Inria), Directeur de thèse

Soutenance de thèse : City crowd-networking: modelling Device-to-Device on street systems using percolation theory, and economic consequences

Quentin Le Gall (DYOGENE, DIENS)

Mardi 06 Octobre 2020 à 09h00

ENS, Paris

The fifth generation of cellular networks is expected to provide coverage for an unprecedented number of devices over large areas. One of the main paradigms investigated to address this challenge, called Device-to-Device (D2D) communication, consists in allowing for short-range direct communications between network devices. An application of significant economic interest for operators is the one of the uberisation of networks, where an operator having no (or very few) network infrastructure could build a mobile network relying only on its end-devices (users). In this thesis, we study new mathematical models of D2D networks in urban environments. We see the street system of a city as a planar Poisson-Voronoi tessellation (PVT). Network users are given by a Cox process supported by the edges of the PVT while additional network relays are given by a Bernoulli process on the vertices of the PVT. The network is then modelled by a connectivity graph as follows: vertices are the atoms of both these processes and fixed-range connections between them possible only along the PVT edges or between network nodes located on adjacent PVT edges. Percolation of this random graph (existence of an infinite connected component with positive probability) is interpreted as good connectivity of the network. Using renormalisation techniques, we prove the existence of phase transitions between different connectivity regimes, in particular those where percolation can be solely ensured by the relays or, on the contrary, where a sufficient density of users is essential. Performing numerical simulations with original path-finding algorithms, we estimate critical parameters (e.g. the density of relays and users) allowing for good connectivity of the network. Finally, we also introduce appropriate cost models and use our numerical estimates to study the economic feasibility of uberisation scenarios of telecommunications networks.

Jury:

Pr. Philippe Martins (Télécom ParisTech) - Président
Pr. David Coupier (IMT Lille-Douai) - Rapporteur
Pr. Laurent Decreusefond (Télécom ParisTech) - Rapporteur
Dr. Catherine Gloaguen (Orange Labs) - Examinatrice
Pr. Justin Salez (Université Paris Dauphine) - Examinateur
Pr. Marie Théret (Université Paris Nanterre) - Examinatrice
Pr. Bartlomiej Blaszczyszyn (ENS-INRIA) - Directeur de thèse
Dr. Elie Cali (Orange Labs) - Encadrant de thèse
Dr. Taoufik En-Najjary (Orange Labs) - Encadrant de thèse

Soutenance de thèse : Privacy-Preserving Cryptographic Protocols

Patrick Towa (CASCADE, DIENS; IBM Zurich)

Mercredi 30 Septembre 2020 à 14h00

ENS, Paris

This manuscript proposes new cryptographic protocols that are respectful of users’ privacy and which have real-world applications. In a first part, the focus is on group signatures, a primitive which allows members of a user group to anonymously sign on behalf of the group, and on message confidentiality. To remove the trust on single authorities, group signatures are here defined in a setting with multiple authorities and support both threshold issuance and threshold opening. These group signatures are then used as authentication mechanism for vehicle-to-vehicle communication, and combined with zone encryption, a new primitive whereby vehicles can efficiently encrypt their communication, they provide strong, well-defined privacy guarantees for cooperative intelligent transport systems. Thereafter, public-key encryption is studied in a more general context in which users do not have access to secure storage to protect their secret keys, but can leverage passwords and interaction with servers to obtain comparable security guarantees without renouncing their privacy. In a second part, the topic of study are general-purpose cryptographic primitives which have privacy-preserving applications. First come zero-knowledge arguments, a type of cryptographic schemes which enable a computationally bounded prover to convince a verifier of a statement without disclosing any information beyond that. More specifically, we study arguments to prove the satisfiability of Diophantine equations which have logarithmic communication and round complexity, as well as their applications to privacy-preserving cryptography. Then, we tackle the problem of proving that a user algorithm selected and correctly used a truly random seed in the generation of her cryptographic key, a problem of fundamental importance to the security of any public-key cryptographic scheme.

Jury

Dario Fiore, IMDEA Software Insitute (Reviewer)
Dennis Hofheinz, ETH Zürich (Reviewer)
Benoît Libert, CNRS, École Normale Supérieure de Lyon (Examiner)
Gregory Neven, DFINITY (Examiner)
Duong Hieu Phan, Télécom Paris, Institut Polytechnique de Paris (Examiner)
David Pointcheval, CNRS, École Normale Supérieure de Paris (Examiner)
Carla Ràfols, Universitat Pompeu Fabra (Examiner)
Damien Vergnaud, Sorbonne Université, CNRS, LIP6, Institut Universitaire de France (Advisor)

Soutenance de thèse : Approches Gloutonnes pour l'Approximation de Problèmes d'Optimisation Combinatoires NP-difficiles

Mathieu Mari (TALGO, DIENS)

Vendredi 25 Septembre 2020 à 13h30

ENS, Paris

The greedy approach is natural for the design of algorithms. It is fast, easy to implement, has a good performance on average, and is applicable to many optimization problems in various settings. For those reasons, it is an important heuristic in practice. In this thesis, we present greedy algorithms for three different NP-hard optimization problems. We discuss the relation between those algorithms, their proof techniques and the structure of the problems under study. In the first part of this thesis, we focus on the Maximum Coverage problem with a connectivity constraint, which comes up for the design of wireless networks. We show that the problem is NP-hard, even when the coverage and the connectivity are induced by a set of unit disks in the plane. For that special case, we show that greedily picking two disks so as to maximize the marginal area covered while correctness achieves a 2-approximation. We further improve the approximation ratio by providing a PTAS for this problem with a small resource augmentation, using Arora's shifted grid dissection technique. In the second part of this thesis, we focus on the Maximum Independent Set problem. A natural approach is to repeatedly pick a vertex of minimum degree, and remove it and its neighbours from the graph. We present a new technique to analyze the performance of this greedy approach in various classes of graphs and address the following question: if there are several minimun-degree vertices, what vertex should the greedy algorithm pick in order to maximise the size of the final solution ? With this tool, we design an ''ultimate tie-breaking'' rule that leads to the best possible approximation ratio for sub-cubic graphs and for this type of greedy algorithms. We complement this by lower bound results that show that designing good tie-breaking rules is a difficult task. The third and last part of the thesis is devoted to the Maximum Integral Multiflows problem. The problem is difficult and well-studied. For instance, a constant factor approximation is unlikely to exist even when the supply graph is planar and cubic. In the special case where the supply graph together with the demand edges form a bounded genus graph, we present a constant factor approximation algorithm. The algorithm consists of a succession of greedy procedures that exploit topological properties of graphs and curves on surfaces.

Jury:

Claire Mathieu (CNRS, Université de Paris) - Directrice de thèse
Chien-Chung Huang (CNRS, ENS, PSL) - Directeur de thèse
Christoph Dürr (CNRS, Sorbonne Université) - Examinateur
Magnus Halldorsson (Reykjavik University) - Examinateur
Cyril Gavoille (Université de Bordeaux) - Rapporteur
Dimitrios Thilikos (CNRS, Université Montpellier) - Examinateur
Alantha Newman (CNRS, Université Grenoble Alpes) - Examinatrice
Bruce Shepherd (University of British Colombia) Rapporteur

Soutenance de thèse : Extended Security of Lattice-Based Cryptography

Mélissa Rossi (CASCADE, DIENS; Thales; ANSSI)

Jeudi 10 Septembre 2020 à 16h00

ENS, Paris

Lattice-based cryptography is considered as a quantum-safe alternative for the replacement of currently deployed schemes based on RSA and discrete logarithm on prime fields or elliptic curves. It offers strong theoretical security guarantees, a large array of achievable primitives, and a competitive level of efficiency. Nowadays, in the context of the NIST post-quantum standardization process, future standards may ultimately be chosen and several new lattice-based schemes are high-profile candidates. The cryptographic research has been encouraged to analyze lattice-based cryptosystems, with a particular focus on practical aspects. This thesis is rooted in this effort. In addition to black-box cryptanalysis with classical computing resources, we investigate the extended security of these new lattice-based cryptosystems, employing a broad spectrum of attack models, e.g. quantum, misuse, timing or physical attacks. Accounting that these models have already been applied to a large variety of pre-quantum asymmetric and symmetric schemes before, we concentrate our efforts on leveraging and addressing the new features introduced by lattice structures. Our contribution is twofold: defensive, i.e. countermeasures for implementations of lattice-based schemes and offensive, i.e. cryptanalysis. On the defensive side, in view of the numerous recent timing and physical attacks, we wear our designer's hat and investigate algorithmic protections. We introduce some new algorithmic and mathematical tools to construct provable algorithmic countermeasures in order to systematically prevent all timing and physical attacks. We thus participate in the actual provable protection of the GLP, BLISS, qTesla and Falcon lattice-based signatures schemes. On the offensive side, we estimate the applicability and complexity of novel attacks leveraging the lack of perfect correctness introduced in certain lattice-based encryption schemes to improve their performance. We show that such a compromise may enable decryption failures attacks in a misuse or quantum model. We finally introduce an algorithmic cryptanalysis tool that assesses the security of the mathematical problem underlying lattice-based schemes when partial knowledge of the secret is available. The usefulness of this new framework is demonstrated with the improvement and automation of several known classical, decryption-failure, and side-channel attacks.

Jury:

Martin Albrecht, Royal Holloway, University of London (examinateur)
Pierre-Alain Fouque, Université de Rennes 1 (examinateur)
Louis Goubin, Université de Versailles-Saint-Quentin-en-Yvelines (rapporteur)
Helena Handschuh, Rambus, San Francisco (examinatrice)
Daniele Micciancio, University of California, San Diego (examinateur)
Damien Stehlé, École normale supérieure de Lyon (rapporteur)
Michel F. Abdalla, École normale supérieure de Paris (directeur de thèse)
Henri Gilbert, ANSSI, Paris (codirecteur de thèse)
Sonia Belaïd, CryptoExperts, Paris (coencadrante, invitée)
Ange Martinelli, Thales, ANSSI, Paris (coencadrant, invité)
Thomas Prest, PQShield, Oxford (coencadrant, invité)
Guénaël Renault, École polytechnique, Palaiseau (coencadrant, invité)

Soutenance de thèse : Multiscale Sparse Models of Auto-Encoders through Gaussianization

Tomas Angles (DATA, DIENS)

Vendredi 10 Juillet 2020 à 14h00

ENS, Paris

One of the most challenging and long-standing problems in signal processing, probability, statistics, and machine learning is defining non-Gaussian non-ergodic random processes to model high-dimensional datasets of natural images. Deep learning provides a new perspective on this problem. However, the random processes estimated with deep learning methods are defined by learned deep convolutional networks, which are non-linear operators whose mathematical properties are not understood. This dissertation studies the mathematical properties of random processes generated by auto-encoders and derives simplified algorithmic architectures taking advantage of prior information on the signals that are modeled. To this end, we analyze auto-encoders from the perspective of Gaussianization and inverse problems solved with sparsity constraints in learned dictionaries. We show that the encoder can be predefined up to a linear operator by considering scattering transforms, which are operators that leverage the prior information that natural images are stable to small deformations. Then, we study the non-linear inverse problem defined by the predefined encoder and show that it can be transformed into a cascade of linear inverse problems regularized with sparsity constraints in learned convolutional dictionaries. To implement this cascade of regularized inverse operators and learn the dictionaries that determine them, we propose dictionary learning algorithms based on structured deep networks.

Jury:

Eric MOULINES (Rapporteur) CMAP - École polytechnique, CNRS
Marco CUTURI (Rapporteur) CREST - ENSAE, Institut Polytechnique de Paris, Google Research
Gabriel PEYRE (Examinateur) DMA - École normale supérieure, CNRS
François ROUEFF (Examinateur) LTCI - Telecom Paris, Institut Polytechnique de Paris
Marc LELARGE (Examinateur) INRIA, DI - École normale supérieure
Stéphane MALLAT (Directeur de thèse) Collège de France, DI - École normale supérieure, CNRS

Soutenance de thèse : Mechanized Semantics and Verified Compilation for a Dataflow Synchronous Language with Reset

Lélio Brun (PARKAS, DIENS)

Lundi 06 Juillet 2020 à 08h30

ENS, Paris

Specifications based on block diagrams and state machines are used to design control software, especially in the certified development of safety-critical applications. Tools like SCADE and Simulink/Stateflow are equipped with compilers that translate such specifications into executable code. They provide programming languages for composing functions over streams as typified by dataflow synchronous languages like Lustre. In this thesis we present Vélus, a Lustre compiler verified in the interactive theorem prover Coq. We develop semantic models for the various languages in the compilation chain, and build on the verified CompCert C compiler to generate executable code and give an end-to-end correctness proof. The main challenge is to show semantic preservation between the dataflow paradigm and the imperative paradigm, and to reason about byte-level representations of program states. We treat, in particular, the modular reset construct, a primitive for resetting subsystems. This necessitates the design of suitable semantic models, compilation algorithms and corresponding correctness proofs. We introduce a novel intermediate language into the usual clock-directed modular compilation scheme of Lustre. This permits the implementation of compilation passes that generate better sequential code, and facilitates reasoning about the correctness of the successive transformations of the modular reset construct.

Jury:

Gerwin Klein (Reporter), Data61/University of NSW
Xavier Thirioux (Reporter), ISAE-SUPAERO
Jean-Louis Colaço, ANSYS
Emmanuel Ledinot, THALES Research & Technology
Xavier Leroy, Collège de France
Pascal Raymond, Université Grenoble-Alpes, CNRS, and VERIMAG
Timothy Bourke (Supervisor), Inria and ENS
Marc Pouzet (Supervisor), Sorbonne Université, ENS, and Inria

Soutenance de thèse: On the Expressive Power of Invariant Logics over Sparse Classes of Structures

Julien Grange (VALDA, DIENS)

Lundi 29 Juin 2020 à 14h00

ENS, Paris

This thesis focuses on the expressive power of two invariant logics: successor-invariant first-order logic, Succ-inv FO, and order-invariant first-order logic, <-inv FO. In these formalisms, on top of plain first-order logic, FO, an access to an additional successor relation (for Succ-inv FO) or linear order relation (for <-inv FO) on structures is granted, provided that the evaluation of sentences does not depend on the choice of a particular relation. It is well known that both Succ-inv FO and <-inv FO are more expressive than FO in general. However, if one considers only trees, these logics are no more expressive than plain FO. The two main results of this thesis extend the classes of structures on which these invariant logics collapse to FO. First, we prove that Succ-inv FO is no more expressive than FO on classes of bounded degree. For that, we show how successor relations preserving FO-similarity can be constructed. Second, we define a new class of structures, that of hollow trees. A hollow tree can be seen as an unranked tree, where a parent is only linked to its leftmost and rightmost children. Elements of a siblinghood are linearly related through another binary relation, which is symmetric. Hence, a node has access to at most two neighbors, which are indiscernible, and two children. The notion of hollow trees is a generalization of ranked trees, and we believe it to be a gateway to structures of pathwidth 2. We show that <-inv FO collapses to FO on the class of hollow trees.

Jury:

Anuj Dawar (referee)
Etienne Grandjean (referee)
Mamadou Kanté
Leonid Libkin
Luc Segoufin
Cristina Sirangelo

Rank aggregation

Claire Mathieu (CNRS, IRIF, Paris-Diderot, Paris)

Mercredi 22 Avril 2020 à 17h00

Salle Henri Cartan

How do you synthesize ranking information into a single most representative global ranking? This can be modeled as an optimization problem. There are a few possibilities for the objective. Related to the feedback arc set problem in directed graphs, its theoretical formulation is difficult to solve exactly. We will show sinple heuristics and analyze them from the viewpoint of quality of approximation.

Vacances de Paques

Pas de séminaire

Mercredi 08 Avril 2020

A Personal View of Real-Time Computing

Edward A. Lee (UC Berkeley)

Mercredi 26 Février 2020 à 17h00

Salle Henri Cartan

Computers are widely used in timing-sensitive applications such as controlling vehicles, factories, and medical devices. Today, real-time behavior of programs is a property that emerges from implementations rather than a property that is specified in models. Control over timing behavior of software is difficult to achieve, and timing behavior is neither predictable nor repeatable. I will argue that this problem can be solved by making a commitment to deterministic models that embrace temporal properties as an integral part of the modeling paradigm. I will explain how such models differ from the prevailing practice of modeling low-level computer architectures and estimating worst-case execution time. I will show moreover that deterministic timing is practical today without sacrificing performance for many useful workload models. Specifically, I will describe a class of computer architectures called PRET Machines that deliver deterministic timing with no loss of performance for a family of real-time problems consisting of sporadic event streams with hard deadlines.

Des systèmes dynamiques à la biologie des systèmes pour des organismes non conventionnels: place du raisonnement symbolique.

Anne Siegel (IRISA, Rennes)

Mercredi 12 Février 2020 à 17h00

Salle Henri Cartan

La biologie des systèmes est un sous-domaine à l'interface entre l'informatique, les mathématiques et la biologie. L'objectif est de développer des méthodes originales pour modéliser à l'aide de systèmes dynamiques la réponse d'organismes vivants (des bactéries à la l'humain) à des perturbations. Ce domaine est confronté à un problème de passage à l'échelle, en particulier lorsqu'il s'agit de modéliser les possibles interactions moléculaires entre des centaines de bactéries et leur hôte à partir de données lacunaires. Dans cet exposé, nous expliquerons comment une approche basée sur du raisonnement symbolique et de la résolution de problème combinatoire permet de combler les lacunes des approches usuellement utilisées pour identifier des systèmes dynamiques, dans le but de faire progresser la connaissance biologique.

Semaine intersemestrielle

Pas de séminaire

Mercredi 29 Janvier 2020

Présentation des stages de L3 et des cours de second semestre (pour les étudiants de L3)

Pierre Senellart

Mercredi 15 Janvier 2020 à 17h00

Salle Henri Cartan

2019

Quantum Protocol Zoo

Elham Kashefi (UPMC / Lip6, Paris)

Mercredi 11 Décembre 2019 à 17h00

Salle Henri Cartan

Future information and communication networks will certainly consist of both classical and quantum devices, some of which are expected to be dishonest, with various degrees of functionality, ranging from simple routers to servers executing quantum algorithms. Most of the technology required to achieve advanced stages of a quantum internet is still in its infancy, hence it is very hard to predict the potential use cases. Several applications, however, have already been characterized depending on the different stages of a quantum network such as secure delegated quantum computing, quantum key distribution, clock synchronization, leader election, quantum digital signatures, quantum money among others. Such applications promise to impact and transform the society on multiple levels including communication, accessing information and security. Therefore, it would be extremely useful to have a standard framework to describe the protocols that are relevant to quantum internet such that they become available to the diverse quantum information science community. We take the first step in this direction and call such an initiative: The Quantum Protocol Zoo which consists of an organised collection of protocols that could be implemented (or simulated) in the coming years. In this lecture I present an overview of the filed through this new platform of interaction with various communities contributing to it.

Présentation des M2 aux étudiants (pour les étudiants de M1)

Pierre Senellart

Mercredi 04 Décembre 2019

Salle U/V

Réunion Stages M1

Marc Pouzet

Mercredi 13 Novembre 2019 à 17h00

Salle Henri-Cartan

Vacances de la Toussaint

Pas de séminaire

Mercredi 30 Octobre 2019

Bridging synchrony and asynchrony

Cezara Dragoi (DI / Antique)

Mercredi 02 Octobre 2019 à 17h00

Salle Henri Cartan

Fault-tolerant distributed protocols play an important role in many critical/high-availability applications. The literature distinguishes two main classes: asynchronous vs. synchronous protocols, based on the semantics of the parallel composition. Asynchronous protocols are crucial parts of many distributed systems because networks are natively asynchronous and so these algorithms have better performance when compared against the synchronous ones. However, their correctness is very hard to obtain, due to the challenges of concurrency, faults (message loss or process crash), buffered message queues, and message re-ordering at the network. In contrast, reasoning about synchronous protocols is simpler, as they are structured in rounds and one only has to consider specific global states at round boundaries. Therefore, synchronous algorithms are less error prone and formal verification becomes tractable. The question we address in this talk is how to connect these worlds, such that we can take advantage of the more-understandable and verifiable synchronous protocols when reasoning about asynchronous protocols.

(Formal) Models for Hardware/Software Systems: Why, What and How?

Florence Maraninchi (VERIMAG, Grenoble).

Lundi 16 Septembre 2019 à 09h45

Amphithéâtre Dussane

The notion of a /model/ is well known in physics (a set of mathematical equations that help understand and predict a natural phenomenon), or in formal logic and /model-checking/ (a purely abstract object), but what does it mean for hardware/software systems (which are neither purely abstract nor natural objects) and what's the intended use of such hardware/software models?

We will explain what it means to design abstract models for hardware/software systems, the intrinsic trade-off between exploitability (simulation speed for instance) and the level of details included in the model, and how to use these models for simulation and validation purposes.

The emphasis will be on defining operational models of the hardware, on which real software can be executed. This approach is used for the early exploration and validation of a hardware/software system, w.r.t. its functional and extra-functional properties like energy consumption.

Graph rewriting as models for molecular biology

Jean KRIVINE (CNRS researcher at IRIF)

Mercredi 22 Mai 2019 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, 75005 Paris.

Models that can be turned into physical systems are usually called programs, while those that are obtained by studying a pre-existing system are usually called abstractions. Thus, programs and abstractions are classes of models that are distinguished by their lineage to systems: programs beget systems, while abstractions are derived from them. Modelling can therefore be defined as the art of inferring “well behaved” abstractions of systems, while programming is the activity of producing systems that are “well-behaved” with respect to their original model. Proving that programs are “sound” with respect to a system is the aim of the well established discipline of program verification. Interestingly, claiming that a system’s abstraction is valid is always relative to an abstraction barrier, and often a disputable statement in the context of evolved systems, for which no specification is at hand. In Biology, good abstractions are generally those that reproduce data well. It is therefore difficult to “prove” that an abstraction is correct because an infinite amount of tests would be needed to assert this. In this presentation we advocate the idea that a biological model should be considered correct when it has been provably obtained by integration of falsifiable data. In this context, we present an “executable knowledge representation” of biological mechanisms in the form of a graph rewriting language named Kappa. After a brief introduction to molecular biology, we will discuss expressiveness and algorithmic issues of graph rewriting techniques.

Surely there's no ethics in mathematics or computer science?

Maurice CHIODO (University of Cambridge, UK)

Mercredi 27 Mars 2019 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème.

Mathematics is both the language and the instrument that connects our abstract understanding with the physical world, and computer science is the mechanism we use to realise the full potential of our mathematics. Anyone with an aptitude and training in one invariably has an understanding of the other. Together, these two intrinsically-linked disciplines run practically everything in our society. Thus, knowledge of these quickly translates to substantial knowledge and influence on the way the world works. But those who have the greatest ability to understand and manipulate the world hold the greatest capacity to do damage and inflict harm. In this talk I’ll explain that yes, there is ethics in mathematics and computer science, and that it is up to us as the ones wielding these abstract technical tools to make good ethical choices, in order to prevent our work from becoming harmful.

Réunion stages de L3

Pierre SENELLART

Mercredi 27 Février 2019 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, 75005 Paris.

pour les normaliens en L3 d informatique ou L3 info et L3 maths en 2018-2019

Dynamic graph algorithms and complexity

Danupon NA NONGKAI (KTH Royal Institute of Technology, Suède) invité scientifique de l'ENS

Mercredi 13 Février 2019 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, 75005 Paris.

In this talk I will attempt to answer the following questions I have been asked quite often: What are the current challenges in dynamic graph algorithms? What are good starting points for people who want to try working in this field? The talk will focus on challenges for basic graph problems (e.g. connectivity, shortest paths, maximum matching), and will survey some existing upper and lower bound results and techniques.

Présentations cours maths 2e semestre

Mercredi 23 Janvier 2019 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème

Présentations cours informatique 2e semestre

Mercredi 09 Janvier 2019 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème

2018

Présentation des masters M2 informatique

Pierre SENELLART

Mercredi 12 Décembre 2018 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème.

Continuous models of computation: computability, complexity, universality

Amaury POULY (The Max Planck Institute)

Mercredi 28 Novembre 2018 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème

In 1941, Claude Shannon introduced a continuous-time analog model of computation, namely the General Purpose Analog Computer (GPAC). The GPAC is a physically feasible model in the sense that it can be implemented in practice through the use of analog electronics or mechanical devices. It can be proved that the functions computed by a GPAC are precisely the solutions of a special class of differential equations where the right-hand side is a polynomial. Analog computers have since been replaced by digital counterpart. Nevertheless, one can wonder how the GPAC could be compared to Turing machines.

A few years ago, it was shown that Turing-based paradigms and the GPAC have the same computational power. However, this result did not shed any light on what happens at a computational complexity level. In other words, analog computers do not make a difference about what can be computed; but maybe they could compute faster than a digital computer. A fundamental difficulty of continuous-time model is to define a proper notion of complexity. Indeed, a troubling problem is that many models exhibit the so-called Zeno's phenomenon, also known as space-time contraction.

In this talk, I will present results from my thesis that give several fundamental contributions to these questions. We show that the GPAC has the same computational power as the Turing machine, at the complexity level. We also provide as a side effect a purely analog, machine- independent characterization of P and Computable Analysis.

I will present some recent work on the universality of polynomial differential equations. We show that when we impose no restrictions at all on the system, it is possible to build a fixed equation that is universal in the sense it can approximate arbitrarily well any continuous curve over R, simply by changing the initial condition of the system.

If time allows, I will also mention some recent application of this work to show that chemical reaction networks are strongly Turing complete with the differential semantics.

Introduction pratique à la compression

Pascal Massimino (Google)

Mercredi 14 Novembre 2018 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème.

Récemment, le domaine de la compression a vu de nouveaux développements survenir à la suite de l'introduction des systèmes numériques asymétriques (ANS) par J.Duda. Nous nous proposons de revisiter les concepts sous-jacents dans une version simplifiée de cette publication initiale. Ce sera l'occasion d'un tour d'horizon ludique du domaine de la compression, vue principalement du coté ingénierie: information, communication, codage, etc."

Reactive Probabilistic Programming

Louis MANDEL (IBM Watson, NY)

Mercredi 17 Octobre 2018 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème.

The idea of Probabilistic Programming is to use the expressiveness of programming languages to build probabilistic models. To implement this idea, a common approach is to take a general purpose language and extend it with (1) a function that allows to sample a value from a distribution, (2) a function that allows to condition values of variables in a program via observations, and (3) an inference procedure that build a distribution for a program using the two previous constructs.

Following this approach, we propose to extends a reactive programming language with probabilistic constructs. This new language enables the modeling of probabilistic reactive systems, that is, probabilistic models in constant interaction with their environment. Examples of such systems include time-series prediction, agent-based systems, or infrastructure self-tuning.

To demonstrate this approach, we started from ReactiveML, a reactive extension of OCaml that supports parallel composition of processes, communication through signals, preemption, and suspension. We extend the language with classic probabilistic constructs (sample, factor la WebPPL) and propose an inference scheme for reactive processes, that are, non-terminating functions.

This is a join work with Guillaume Baudart, Martin Hirzel, Kiran Kate, and Avraham Shinnar.

Formal Verification of Avionics Software

David Delmas (Airbus)

Mercredi 10 Octobre 2018 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème.

Verification activities are liable for about 70% of the overall effort in the development of critical avionics software. Considering the steady increase in size and complexity of this kind of software, classical V&V processes, based on massive testing campaigns and complementary intellectual reviews and analyses, no longer scale up within reasonable costs.

On the other hand, some formal verification techniques have been shown to cope with real-world industrial software, while improving automation. Such techniques have therefore been introduced into avionics verification processes, in order to replace or complement legacy methods.

We will show which formal methods are being used, and how industrial processes are being transformed to take advantage of them, i.e. improve industrial efficiency while maintaining the safety and reliability of avionics systems.

From Physical Timing Requirements to Certifiable Real-Time Systems: How to capture requirements and generate correct real-time programs?

Florence Maraninchi (Grenoble INP / Ensimag)

Mercredi 11 Avril 2018 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème.

Working on various industrial case-studies in the past decade, we realized that, given the very quick evolution of hardware platforms, and the growing complexity of embedded software, it is, more than ever, necessary to start with a very general point of view. On one hand we need to understand the physical timing constraints and tolerances as determined by control engineers for a given application (sampling frequencies and jitters, end-to_end latencies, etc.), without mentioning software entities like tasks or scheduling. On the other hand we need to characterize precisely the computation and communication performances of a given execution platform, and assess their predictability. Designing the implementation means finding space and time allocations for the application functional parts, in such a way that the physical constraints are met by construction, and in a provable way for certification authorities. We will use examples with the Kalray MPPA, to illustrate the nature and specification of the timing constraints, the implementation schemes, and how the constraints can be met.

Peeling Onions at ENS

Lunar (Jérémy Bobbio) and George Kadianakis (Tor project)

Mercredi 28 Février 2018 à 17h30

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème

Tor is a way to access the Internet securely and privately.
It's a way to escape the everyday surveillance that companies and governments have been imposing to people. In this talk we are going to present Tor, as a software and as an organization, as well as give an overview of new features that have been in development lately.

Modeling biological "big mechanisms"

Jean Krivine (IRIF)

Mercredi 21 Février 2018 à 17h00

Salle Henri Cartan, 2e sous sol, Aile Rataud, École normale supérieure, 45 rue d'Ulm, Paris 5ème

“Big mechanisms are large, explanatory models of complicated systems in which interactions have important causal effects. The collection of big data is increasingly automated, but the creation of big mechanisms remains a human endeavor made increasingly difficult by the fragmentation and distribution of knowledge. To the extent that the construction of big mechanisms can be automated, it could change how science is done”. Paul Cohen, DARPA 2014.
If biological big data has underlying “big mechanisms”, there is little hope that any mental construction can ever comprehend these “large explanatory models”. Moreover, because of the combinatorics of protein-protein interactions, no static map, database, or ontology list, can suffice to complement human brains in the design of these models. These simple observations have taken a large swath of molecular biologists away from any (formal or semi-formal) modeling activity. Most experimental biologists give little credit to existing models, which they know are partial, outdated and have little predictive power. Yet, while rejecting models, experimental biologists have to rely on implicit mental constructs in order to decide which experiment to set up. Thus every biologist has a model, either implicitly or explicitly. In this presentation, we argue that the lack of success story of formal models in Systems biology is not due to the impossibility of having accurate and u! seful models, but rather to the fact that one is confusing models of interactions with explanations of biological functions. Our approach is to view models as programs and biological functions as computations. If models are to be treated as programs what language one should use to assemble them is a critical point. In this talk we will present the issue of modeling biological "big mechanisms": i.e, protein-protein interaction networks whose specification is too combinatorial to be explicitly represented. In particular we will discuss the lessons that can be learned from the DARPA "BIGMEC" project, in which we took part, and that involved conjuncts efforts from A.I experts, biologists and language theory computer scientists.