Probabilistic relational verification for cryptographic implementations

Conference Record of the Annual ACM Symposium on Principles of Programming Languages

Volumn , Issue , 2014, Pages 193-205

  Barthe, Gilles ^a   Fournet, Cédric ^b   Grégoire, Benjamin ^c   Strub, Pierre Yves ^a   Swamy, Nikhil ^b   Zanella Béguelin, Santiago ^b  

^a IMDEA SOFTWARE INSTITUTE   (Spain)

^b MICROSOFT RESEARCH   (United States)

^c INRIA ^*  (United States)

Author keywords

probabilistic programming; program logics

Indexed keywords

CRYPTOGRAPHIC IMPLEMENTATION; DENOTATIONAL SEMANTICS; PROBABILISTIC LANGUAGE; PROBABILISTIC PROGRAMMING; PROGRAM LOGIC; RELATIONAL HOARE LOGIC; VERIFICATION CONDITION; VERIFICATION SYSTEMS;

CALCULATIONS; CRYPTOGRAPHY; JAVA PROGRAMMING LANGUAGE; NETWORK SECURITY; THEOREM PROVING;

PROBABILISTIC LOGICS;

EID: 84893437850     PISSN: 07308566     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2535838.2535847     Document Type: Conference Paper

References (47)

1. M. Abadi and C. Fournet. Private authentication. Theor. Comput. Sci., 322(3):427-476, 2004.
2. M. Aizatulin, A. D. Gordon, and J. Jürjens. Computational verification of C protocol implementations by symbolic execution. In CCS 2012, pages 712-723. ACM, 2012.
3. J. B. Almeida, M. Barbosa, G. Barthe, and F. Dupressoir. Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations. In CCS 2013. ACM, 2013.
4. Also appears as Cryptology ePrint Archive, Report 2013/316.
5. A. W. Appel and D. A. McAllester. An indexed model of recursive types for foundational proof-carrying code. ACM Trans. Program. Lang. Syst., 23(5):657-683, 2001.
6. M. Arapinis, T. Chothia, E. Ritter, and M. Ryan. Analysing unlinkability and anonymity using the applied Pi calculus. In CSF 2010, pages 107-121. IEEE Computer Society, 2010.
7. P. Audebaud and C. Paulin-Mohring. Proofs of randomized algorithms in Coq. Sci. Comput. Program., 74(8):568-589, 2009.
8. G. Barthe, B. Grégoire, and S. Zanella-Béguelin. Formal certification of code-based cryptographic proofs. In POPL 2009, pages 90-101. ACM, 2009.
9. G. Barthe, B. Grégoire, S. Heraud, and S. Zanella-Béguelin. Computer-aided security proofs for the working cryptographer. In CRYPTO 2011, volume 6841 of Lecture Notes in Computer Science, pages 71-90. Springer, 2011.
10. G. Barthe, B. Grégoire, Y. Lakhnech, and S. Zanella- Béguelin. Beyond provable security. Verifiable IND-CCA security of OAEP. In CT-RSA 2011, volume 6558 of Lecture Notes in Computer Science, pages 180-196. Springer, 2011.
11. G. Barthe, B. Köpf, F. Olmedo, and S. Zanella-Béguelin. Probabilistic relational reasoning for differential privacy. In POPL 2012, pages 97-110. ACM, 2012.
12. N. Benton. Simple relational correctness proofs for static analyses and program transformations. In POPL 2004, pages 14-25. ACM, 2004.
13. K. Bhargavan, C. Fournet, and A. D. Gordon. Modular verification of security protocol code by typing. In POPL 2010, pages 445-456. ACM, 2010.
14. K. Bhargavan, C. Fournet, M. Kohlweiss, A. Pironti, and P.-Y. Strub. Implementing TLS with verified cryptographic security. In S&P 2013, pages 445-459. IEEE Computer Society, 2013.
15. B. Blanchet. Security protocol verification: Symbolic and computational models. In POST 2012, volume 7215 of Lecture Notes in Computer Science, pages 3-29. Springer, 2012.
16. J. Borgström, A. D. Gordon, M. Greenberg, J. Margetson, and J. V. Gael. Measure transformer semantics for bayesian machine learning. In ESOP 2011, volume 6602 of Lecture Notes in Computer Science, pages 77-96. Springer, 2011.
17. D. Cadé and B. Blanchet. From computationally-proved protocol specifications to implementations. In ARES 2012, pages 65-74. IEEE Computer Society, 2012.
18. R. Chadha, L. Cruz-Filipe, P. Mateus, and A. Sernadas. Reasoning about probabilistic sequential programs. Theor. Comput. Sci., 379(1-2):142-165, 2007. (Pubitemid 46726929)
19. S. Chaudhuri, S. Gulwani, and R. Lublinerman. Continuity and robustness of programs. Commun. ACM, 55(8):107-115, 2012.
20. T. Chothia and V. Smirnov. A traceability attack against e-passports. In FC 2010, volume 6052 of Lecture Notes in Computer Science, pages 20-34. Springer, 2010.
21. M. R. Clarkson and F. B. Schneider. Hyperproperties. J. of Comput. Sec., 18(6):1157-1210, 2010.
22. L. M. de Moura and N. Bjørner. Z3: An efficient SMT solver. In TACAS 2008, volume 4963 of Lecture Notes in Computer Science, pages 337-340. Springer, 2008.
23. F. Dupressoir, A. D. Gordon, J. Jürjens, and D. A. Naumann. Guiding a general-purpose C verifier to prove cryptographic protocols. In CSF 2011, pages 3-17. IEEE Computer Society, 2011.
24. Y. A. Feldman and D. Harel. A probabilistic dynamic logic. J. Comput. Syst. Sci., 28(2):193-215, 1984.
25. C. Fournet, M. Kohlweiss, and P.-Y. Strub. Modular code-based cryptographic verification. In CCS 2011, pages 341-350. ACM, 2011.
26. J. A. Goguen and J. Meseguer. Security policies and security models. In S&P 1982, pages 11-20. IEEE Computer Society, 1982.
27. G. Gonthier, A. Mahboubi, and E. Tassi. A small scale reflection extension for the Coq system. Technical Report RR-6455, INRIA, 2008.
28. J. Hurd, A. McIver, and C. Morgan. Probabilistic guarded commands mechanized in HOL. Theor. Comput. Sci., 346(1):96-112, 2005. (Pubitemid 41606836)
29. B. Jonsson, W. Yi, and K. G. Larsen. Probabilistic extensions of process algebras. In Handbook of Process Algebra, pages 685-710. Elsevier, 2001.
30. O. Kiselyov and C.-c. Shan. Embedded probabilistic programming. In DSL 2009, volume 5658 of Lecture Notes in Computer Science, pages 360-384. Springer, 2009.
31. D. Kozen. A probabilistic PDL. J. Comput. Syst. Sci., 30(2):162-178, 1985.
32. R. Küsters, T. Truderung, and J. Graf. A framework for the cryptographic verification of Java-like programs. In CSF 2012, pages 198-212. IEEE Computer Society, 2012.
33. J. McCarthy. Towards a mathematical science of computation. In IFIP Congress, pages 21-28, 1962.
34. A. McIver and C. Morgan. Abstraction, Refinement, and Proof for Probabilistic Systems. Monographs in Computer Science. Springer, 2005.
35. A. Nanevski, G. Morrisett, A. Shinnar, P. Govereau, and L. Birkedal. Ynot: dependent types for imperative programs. In ICFP 2008, pages 229-240. ACM, 2008.
36. S. Park, F. Pfenning, and S. Thrun. A probabilistic language based upon sampling functions. In POPL 2005, pages 171-182. ACM, 2005.
37. T. P. Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In CRYPTO '91, volume 576 of Lecture Notes in Computer Science, pages 129-140. Springer, 1991.
38. N. Ramsey and A. Pfeffer. Stochastic lambda calculus and monads of probability distributions. In POPL 2002, pages 154-165. ACM, 2002.
39. J. H. Reif. Logics for probabilistic programming (extended abstract). In STOC 1980, pages 8-13. ACM, 1980.
40. B. Reus and N. Charlton. A guide to program logics for higher-order store, 2012. Unpublished manuscript.
41. A. Rial and G. Danezis. Privacy-preserving smart metering. In WPES 2011, pages 49-60. ACM, 2011.
42. A. Sabelfeld and A. C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1):5-19, 2003.
43. G. Stewart, A. Banerjee, and A. Nanevski. Dependent types for enforcement of information flow and erasure policies in heterogeneous data structures. In PPDP 2013, pages 145-156. ACM, 2013.
44. P.-Y. Strub, N. Swamy, C. Fournet, and J. Chen. Self-certification: Bootstrapping certified typecheckers in F*with Coq. In POPL 2012, pages 571-584. ACM, 2012.
45. K. Svendsen, L. Birkedal, and A. Nanevski. Partiality, state and dependent types. In TLCA 2011, pages 198-212. Springer, 2011.
46. N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bhargavan, and J. Yang. Secure distributed programming with value-dependent types. In ICFP 2011, pages 266-278. ACM, 2011.
47. N. Swamy, J. Weinberger, C. Schlesinger, J. Chen, and B. Livshits. Verifying higher-order programs with the Dijkstra monad. In PLDI 2013, pages 387-398. ACM, 2013.