Article

Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols

Authors:

Francois Dupressoir,

Andrew D. Gordon,

Jan Jurjens,

David A. NaumannAuthors Info & Claims

CSF '11: Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium

Pages 3 - 17

https://doi.org/10.1109/CSF.2011.8

Published: 27 June 2011 Publication History

Abstract

We describe how to verify security properties of C code for cryptographic protocols by using a general-purpose verifier. We prove security theorems in the symbolic model of cryptography. Our techniques include: use of ghost state to attach formal algebraic terms to concrete byte arrays and to detect collisions when two distinct terms map to the same byte array, decoration of a crypto API with contracts based on symbolic terms, and expression of the attacker model in terms of C programs. We rely on the general-purpose verifier VCC, we guide VCC to prove security simply by writing suitable header files and annotations in implementation files, rather than by changing VCC itself. We formalize the symbolic model in Coq in order to justify the addition of axioms to VCC.

Cited By

View all

Vanhoef MPiessens FRossow CYounan Y(2018)Symbolic execution of security protocol implementationsProceedings of the 12th USENIX Conference on Offensive Technologies10.5555/3307423.3307436(13-13)Online publication date: 13-Aug-2018
https://dl.acm.org/doi/10.5555/3307423.3307436
Backes MHriţcu CMaffei M(2014)Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementationsJournal of Computer Security10.5555/2595841.259584522:2(301-353)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.5555/2595841.2595845
Cortier VKremer S(2014)Formal Models and Techniques for Analyzing Security ProtocolsFoundations and Trends in Programming Languages10.1561/25000000011:3(151-267)Online publication date: 13-Nov-2014
https://dl.acm.org/doi/10.1561/2500000001
Show More Cited By

Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols
1. Information systems
  1. Data management systems
    1. Data structures
      1. Data layout
2. Security and privacy

Recommendations

Action Language verifier: an infinite-state model checker for reactive software specifications

Action Language is a specification language for reactive software systems. In this paper, we present the syntax and the semantics of the Action Language and we also present an infinite-state symbolic model checker called Action Language Verifier (ALV) ...
Runtime verification of cryptographic protocols

There has been a significant amount of work devoted to the static verification of security protocol designs. Virtually all of these results, when applied to an actual implementation of a security protocol, rely on certain implicit assumptions on the ...
First-order verification of cryptographic protocols
CSFW13

We describe a verification method for cryptographic protocols, based on first-order invariants. For typical protocols, a suitable invariant can be generated mechanically from the program text, allowing safety properties to be proved by ordinary first-...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CSF '11: Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium

June 2011

311 pages

ISBN:9780769543659

Publisher

IEEE Computer Society

United States

Publication History

Published: 27 June 2011

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

15
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Vanhoef MPiessens FRossow CYounan Y(2018)Symbolic execution of security protocol implementationsProceedings of the 12th USENIX Conference on Offensive Technologies10.5555/3307423.3307436(13-13)Online publication date: 13-Aug-2018
https://dl.acm.org/doi/10.5555/3307423.3307436
Backes MHriţcu CMaffei M(2014)Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementationsJournal of Computer Security10.5555/2595841.259584522:2(301-353)Online publication date: 1-Mar-2014
https://dl.acm.org/doi/10.5555/2595841.2595845
Cortier VKremer S(2014)Formal Models and Techniques for Analyzing Security ProtocolsFoundations and Trends in Programming Languages10.1561/25000000011:3(151-267)Online publication date: 13-Nov-2014
https://dl.acm.org/doi/10.1561/2500000001
Barthe GBetarte GCampo JLuna CPichardie DAhn GYung MLi N(2014)System-level Non-interference for Constant-time CryptographyProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security10.1145/2660267.2660283(1267-1279)Online publication date: 3-Nov-2014
https://dl.acm.org/doi/10.1145/2660267.2660283
Barthe GFournet CGrégoire BStrub PSwamy NZanella-Béguelin S(2014)Probabilistic relational verification for cryptographic implementationsACM SIGPLAN Notices10.1145/2578855.253584749:1(193-205)Online publication date: 8-Jan-2014
https://dl.acm.org/doi/10.1145/2578855.2535847
Barthe GFournet CGrégoire BStrub PSwamy NZanella-Béguelin SJagannathan SSewell P(2014)Probabilistic relational verification for cryptographic implementationsProceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages10.1145/2535838.2535847(193-205)Online publication date: 11-Jan-2014
https://dl.acm.org/doi/10.1145/2535838.2535847
Sun CWang ZWang G(2014)A property-based testing framework for encryption programsFrontiers of Computer Science: Selected Publications from Chinese Universities10.1007/s11704-014-3040-y8:3(478-489)Online publication date: 1-Jun-2014
https://dl.acm.org/doi/10.1007/s11704-014-3040-y
Polikarpova NFuria CPei YWei YMeyer BNotkin DCheng BPohl K(2013)What good are strong specifications?Proceedings of the 2013 International Conference on Software Engineering10.5555/2486788.2486823(262-271)Online publication date: 18-May-2013
https://dl.acm.org/doi/10.5555/2486788.2486823
Cadé DBlanchet B(2013)Proved generation of implementations from computationally secure protocol specificationsProceedings of the Second international conference on Principles of Security and Trust10.1007/978-3-642-36830-1_4(63-82)Online publication date: 16-Mar-2013
https://dl.acm.org/doi/10.1007/978-3-642-36830-1_4
Aizatulin MGordon AJürjens JYu TDanezis GGligor V(2012)Computational verification of C protocol implementations by symbolic executionProceedings of the 2012 ACM conference on Computer and communications security10.1145/2382196.2382271(712-723)Online publication date: 16-Oct-2012
https://dl.acm.org/doi/10.1145/2382196.2382271
Show More Cited By

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Recommendations

Action Language verifier: an infinite-state model checker for reactive software specifications

Runtime verification of cryptographic protocols

First-order verification of cryptographic protocols

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations