Proved generation of implementations from computationally secure protocol specifications

Journal of Computer Security

Volumn 23, Issue 3, 2015, Pages 331-402

  Cadé, David ^a   Blanchet, Bruno ^a  

^a INRIA ROCQUENCOURT   (France)

Author keywords

compiler; computational model; Cryptographic protocol; CryptoVerif; implementation; OCaml; verification

Indexed keywords

COMPUTATION THEORY; COMPUTATIONAL METHODS; NETWORK SECURITY; PROGRAM COMPILERS; SPECIFICATIONS; VERIFICATION;

COMPILER; COMPUTATIONAL MODEL; CRYPTOGRAPHIC PROTOCOLS; CRYPTOVERIF; IMPLEMENTATION; OCAML;

MOBILE SECURITY;

EID: 84936762208     PISSN: 0926227X     EISSN: None     Source Type: Journal    
DOI: 10.3233/JCS-150524     Document Type: Conference Paper

References (20)

1. http://research.microsoft.com/en-us/projects/cvk/.
2. M. Aizatulin, A.D. Gordon and J. Jürjens, Extracting and verifying cryptographic models from C protocol code by symbolic execution, in: CCS'11, ACM, New York, 2011, pp. 331-340.
3. M. Aizatulin, A.D. Gordon and J. Jürjens, Computational verification of C protocol implementations by symbolic execution, in: CCS'12, ACM, New York, 2012, pp. 712-723.
4. J.B. Almeida, M. Barbosa, G. Barthe and F. Dupressoir, Certified computer-aided cryptography: Efficient provably secure machine code from high-level implementations, in: ACMSIGSAC Conference on Computer and Communications Security (CCS'13), Berlin, Germany, November 2013, ACM, 2013, pp. 1217-1230.
5. J. Bengtson, K. Bhargavan, C. Fournet, A. Gordon and S. Maffeis, Refinement types for secure implementations, ACM TOPLAS 33(2) (2011), Article No. 8.
6. K. Bhargavan, C. Fournet, A. Gordon and S. Tse, Verified interoperable implementations of security protocols, ACM TOPLAS 31(1) (2008), Article No. 5.
7. B. Blanchet, A computationally sound mechanized prover for security protocols, IEEE Transactions on Dependable and Secure Computing 5(4) (2008), 193-207.
8. B. Blanchet, Automatically verified mechanized proof of one-encryption key exchange, in: CSF'12, IEEE, Los Alamitos, 2012, pp. 325-339.
9. B. Blanchet and D. Pointcheval, Automated security proofs with sequences of games, in: CRYPTO'06, LNCS, Vol. 4117, Springer, 2006, pp. 537-554.
10. D. Cadé and B. Blanchet, From computationally-proved protocol specifications to implementations and application to SSH, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA) 4(1) (2013), 4-31.
11. D. Cadé and B. Blanchet, Proved generation of implementations from computationally-secure protocol specifications, in: 2nd Conference on Principles of Security and Trust (POST 2013), Rome, Italy, March 2013, D. Basin and J. Mitchell, eds, LNCS, Vol. 7796, Springer, 2013, pp. 63-82.
12. S. Chaki and A. Datta, ASPIER: An automated framework for verifying security protocol implementations, in: CSF'09, IEEE, Los Alamitos, 2009, pp. 172-185.
13. R. Corin and F.A. Manzano, Efficient symbolic execution for analysing cryptographic protocol implementations, in: Engineering Secure Software and Systems (ESSoS'11), Madrid, Spain, February 2011, Ú. Erlingsson, R.Wieringa and N. Zannone, eds, LNCS, Vol. 6542, Springer, 2011, pp. 58-72.
14. F. Dupressoir, A.D. Gordon, J. Jürjens and D.A. Naumann, Guiding a general-purpose C verifier to prove cryptographic protocols, in: CSF'11, IEEE, Los Alamitos, 2011, pp. 3-17.
15. C. Fournet, M. Kohlweiss and P.-Y. Strub, Modular code-based cryptographic verification, in: CCS'11, ACM, New York, 2011, pp. 341-350.
16. G. Milicia, Spaces: Programming security protocols, in: NWPT'02, 2002.
17. S. Owens, A sound semantics for OCaml light, in: ESOP'08, S. Drossopoulou, ed., LNCS, Vol. 4960, Springer, Heidelberg, 2008, pp. 1-15.
18. S. Owens, G. Peskine and P. Sewell, A formal specification for OCaml: The core language, 2008, available at: http://www. cl.cam.ac.uk/~so294/ocaml/caml-typedef.pdf.
19. A. Pironti and R. Sisto, Provably correct Java implementations of Spi Calculus security protocols specifications, Computers and Security 29(3) (2010), 302-314.
20. N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bharagavan and J. Yang, Secure distributed programming with valuedependent types, in: ICFP'11, ACM, New York, 2011, pp. 266-278.