From computationally-proved protocol specifications to implementations

Proceedings - 2012 7th International Conference on Availability, Reliability and Security, ARES 2012

Volumn , Issue , 2012, Pages 65-74

  Cadé, David ^a   Blanchet, Bruno ^a  

^a ECOLE NORMALE SUPÉRIEURE   (France)

Author keywords

[No Author keywords available]

Indexed keywords

CBC-MODE ENCRYPTION; COMPUTATIONAL MODEL; PROTOCOL SPECIFICATIONS; SECURITY PROTOCOLS; SESSION KEY; TRANSPORT LAYER PROTOCOLS;

INTERNET PROTOCOLS; NETWORK SECURITY; PROGRAM COMPILERS;

SPECIFICATIONS;

EID: 84869450610     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2012.63     Document Type: Conference Paper

References (32)

1. B. Blanchet, "A computationally sound mechanized prover for security protocols," IEEE Transactions on Dependable and Secure Computing, vol. 5, no. 4, pp. 193-207, 2008.
2. -, "Computationally sound mechanized proofs of correspondence assertions," in CSF'07. IEEE, 2007, pp. 97-111.
3. B. Blanchet and D. Pointcheval, "Automated security proofs with sequences of games," in CRYPTO'06, ser. LNCS, vol. 4117. Springer, 2006, pp. 537-554.
4. D. Song, A. Perrig, and D. Phan, "AGVI - Automatic Generation, Verification, and Implementation of security protocols," in CAV'01, ser. LNCS, vol. 2102. Springer, 2001, pp. 241-245.
5. G. Milicia, "χ-spaces: Programming security protocols," in NWPT'02, 2002.
6. D. Pozza, R. Sisto, and L. Durante, "Spi2Java: Automatic cryptographic protocol Java code generation from spi calculus," in AINA'04, vol. 1. IEEE, 2004, pp. 400-405.
7. A. Pironti and R. Sisto, "Provably correct Java implementations of spi calculus security protocols specifications," Computers and Security, vol. 29, no. 3, pp. 302-314, 2010.
8. -, "An experiment in interoperable cryptographic protocol implementation using automatic code generation," in ISCC'07. IEEE, 2007, pp. 839-844.
9. M. Avalle, A. Pironti, R. Sisto, and D. Pozza, "The JavaSPI framework for security protocol implementation," in ARES'11. IEEE, 2011, pp. 746-751.
10. J. Goubault-Larrecq and F. Parrennes, "Cryptographic protocol analysis on real C code," in VMCAI'05, ser. LNCS, vol. 3385. Springer, 2005, pp. 363-379.
11. J. Jürjens, "Security analysis of crypto-based Java programs using automated theorem provers," in ASE'06. IEEE, 2006, pp. 167-176.
12. E. Poll and A. Schubert, "Verifying an implementation of SSH," in WITS'07, 2007.
13. S. Chaki and A. Datta, "ASPIER: An automated framework for verifying security protocol implementations," in CSF'09. IEEE, 2009, pp. 172-185.
14. F. Dupressoir, A. D. Gordon, J. Jürjens, and D. A. Naumann, "Guiding a general-purpose C verifier to prove cryptographic protocols," in CSF'11. IEEE, 2011, pp. 3-17.
15. K. Bhargavan, C. Fournet, A. Gordon, and S. Tse, "Verified interoperable implementations of security protocols," ACM TOPLAS, vol. 31, no. 1, 2008.
16. K. Bhargavan, R. Corin, C. Fournet, and E. Zǎlinescu, "Cryptographically verified implementations for TLS," in CCS'08. ACM, 2008, pp. 459-468.
17. N. O'Shea, "Using Elyjah to analyse Java implementations of cryptographic protocols," in FCS-ARSPA-WITS'08, 2008.
18. M. Aizatulin, A. D. Gordon, and J. Jürjens, "Extracting and verifying cryptographic models from C protocol code by symbolic execution," in CCS'11. ACM, 2011, pp. 331-340.
19. J. Bengtson, K. Bhargavan, C. Fournet, A. Gordon, and S. Maffeis, "Refinement types for secure implementations," ACM TOPLAS, vol. 33, no. 2, 2011.
20. K. Bhargavan, C. Fournet, and A. Gordon, "Modular verification of security protocol code by typing," in POPL'10. ACM, 2010, pp. 445-456.
21. N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bharagavan, and J. Yang, "Secure distributed programming with value-dependent types," in ICFP'11. ACM, 2011, pp. 266-278.
22. C. Fournet, M. Kohlweiss, and P.-Y. Strub, "Modular code-based cryptographic verification," in CCS'11. ACM, 2011, pp. 341-350.
23. M. Backes, D. Hofheinz, and D. Unruh, "CoSP: A general framework for computational soundness proofs," in CCS'09. ACM, 2009, pp. 66-78.
24. M. Aizatulin, A. D. Gordon, and J. Jürjens, "Computational verification of C protocol implementations by symbolic execution," unpublished manuscript available at http://users.mct.open.ac.uk/ma4962/files/ computational2012-full.pdf.
25. T. Ylönen, "RFC 4251-4254: The Secure Shell (SSH) Protocol," 2006, http://www.ietf.org/rfc/rfc425[1-4].txt.
26. M. Bellare, T. Kohno, and C. Namprempre, "The secure shell (SSH) transport layer encryption modes," 2006, http://www.ietf.org/rfc/rfc4344. txt.
27. T. Kivinen and M. Kojo, "RFC 3526: More modular exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)," 2003, http://www.ietf.org/rfc/rfc3526.txt.
28. A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography. CRC Press, 1996.
29. M. Bellare, T. Kohno, and C. Namprempre, "Authenticated encryption in SSH: Provably fixing the SSH binary packet protocol," in CCS'02. ACM, 2002, pp. 1-11.
30. M. R. Albrecht, K. G. Paterson, and G. J. Watson, "Plaintext recovery attacks against SSH," in IEEE Symposium on Security and Privacy. IEEE, 2009, pp. 16-26.
31. M. Bellare, A. Desai, E. Jokipii, and P. Rogaway, "A concrete security treatment of symmetric encryption," in FOCS'97. IEEE, 1997, pp. 394-403.
32. K. G. Paterson and G. J. Watson, "Plaintext-dependent decryption: A formal security treatment of SSH-CTR," in Eurocrypt 2010, ser. LNCS, vol. 6110. Springer, 2010, pp. 345-361, full version available at http://eprint.iacr.org/2010/095.