Generating network security protocol implementations from formal specifications

IFIP Advances in Information and Communication Technology

Volumn 177, Issue , 2005, Pages 34-53

  Tobler, Benjamin ^a   Hutchison, Andrew C M ^a  

^a UNIVERSITY OF CAPE TOWN   (South Africa)

Author keywords

Code generation; Formal methods; Java; Process algebra; Prolog; Security; Spi calculus

Indexed keywords

CALCULATIONS; CODES (SYMBOLS); CRYPTOGRAPHY; FORMAL METHODS; FORMAL SPECIFICATION; NETWORK COMPONENTS; NETWORK PROTOCOLS; SPECIFICATIONS;

CODE GENERATION; JAVA; PROCESS ALGEBRAS; PROLOG; SPI CALCULUS;

NETWORK SECURITY;

EID: 84900395207     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: None     Document Type: Article

References (25)

1. [AG98] M. Abadi and A. D. Gordon. A Calculus for Cryptographic Protocols: The Spi Calculus. Technical Report SRC Research Report 149, Digital Systems Research Centre, 1998.
2. [BS99] E. Borger and W. Schulte. A programmer friendly modular definition of the semantics of java. In J. Alves-Foss, editor, Forma! Syntax and Semantics of Java, volume 1523 of Led. Notes in Comp. Sci., pages 353-404. Springer-Verlag, 1999.
3. [CERa] CERT. CERT{eth} Advisory CA-2003-26 Multiple Vulnerabilities in SSL/TLS Implementations.
4. [CERb] CERT. Microsoft private communication technology (pet) fails to properly validate message inputs.
5. [CERc] CERT. Vulnerability Note VU#104280 Multiple vulnerabilities in SSL/TLS implementations.
6. [CHP90] J. Bowen C. A. R. Hoare, H. Jifeng and P. Pandya. ESPRIT BRA 3104 ProCoS project: Provably Correci Systems. Technical report, Oxford University Computing Laboratory, 1990.
7. [Cra03] F. Crazzolara. Language, Semantics, and Methods for Security Protocols. PhD thesis. University of Aarhus, 2003.
8. [DenOO] G. Denker. Design of a CIL connector to Maude. In N. Hcintze H. Vcith and E. Clarke, editors. Workshop on Format Methods and Comuter Security. Carnegie Mellon University, July 2000.
9. [Did] X. Didelot. COSP-J: A Compile for Security Protocols. Master's thesis, Univer sity of Oxford.
10. [DPD04] Riccardo Sisto Davide Pozza and Luca Durante. Spi2Java: Automatic Cryptographic Protocol Java Code Generation from spi calculus. In 18th International Conference on Advanced Infomuition Networking and Applications (AINA'04) Volume 1, page 400. IEEE, 2004.
11. [DXSP01] Adrian Perrig Dawn Xiaodong Song and Doantam Phan. AGVI-Automatic Generation, Verification, and Implementation of Security Protocols. In Proceedings of the 13th International Conference on Computer Aided Verification, pages 241-245. Springer-Verlag, 2001.
12. [DYS 1] D. Dolev and A. C. Yao. On the security of public key protocols. Technical report, Stanford University, 1981.
13. [KDE] KDE. KDE Security Advisory: KDE 2. 2/Konqucror Embedded SSL vulnerability.
14. [LGY90] R. Needham L. Gong and R. Yahalom. Reasoning about belief in cryptographic protocols. In Deborah Cooper and Teresa Lunt, editors, Proceedings 1990 IEEE Symposium on Research in Security and Privacy, pages 234-248. IEEE Computer Society, 1990.
15. [Low95] G. Lowe. An attack on the needham-schroeder public-key authentication protocol. Information Processing Letters, 56(3): 131-133, 1995.
16. [Low96] G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In Tools and Algorithms for the Construction and Analysis of Systems (TACAS), volume 1055. pages 147-166. Springer-Verlag. Berlin Germany, 1996.
17. [MBN96] M. Abadi M. Burrows and R. Needham. A logic of authentication, from proceedings of the royal society, volume 426, number 1871, 1989. In William Stallings, Practical Cryptography for Data Internetworks. IEEE Computer Society Press, 1996.
18. [MM01] J. Millcn and F. Muller. Cryptographic protocol generation from CAPSL. Technical Report SRI-CSL-01-07, SRI International, December 2001.
19. [Mor98] C. Morgan. Programming from specifications (2nd ed.). Prentice Hall International (UK) Ltd., 1998.
20. [MPW92] Robin Milner, Joachim Parrow, and David Walker. A calculus of mobile processes, Parts I and II. Journal of Information and Computation. 100(1): 1-40 and 41-77, 1992.
21. [PYS03] C. R. Ramakrishnan Ping Yang and Scott A. Smolka. A logical encoding of the pi-calculus: Model checking mobile processes using tabled resolution. In Verification, Model Checking and Abstract Interpretation (VMCAI), volume 2575 of Lecture Notes in Computer Science, pages 116-131, New York, NY, January 2003. Springer.
22. [SGS95] SGS-THOMSON Microelectronics Limiled. Occam 2. 1 reference manual. 1995.
23. [THG99] J. Thayer, J. Herzog, and J. Guttman. Strand spaces: Proving security protocols correct. Journal of Computer Security, 1999.
24. [WH99] M. W. Whalen and M. P. E. Heimdahl. On the requirements of high-inlegrity code generation. In Pivceedings of the Fourth IEEE High Assurance in Systems Engineering Workshop, November 1999.
25. [Wie03] J. Wielemaker. SWI-Prolog 5. 2. 10 Reference Manual, 2003.