Semantics of programming languages: structures and techniques
Semantics of programming languages: structures and techniques
Secrecy by typing in security protocols
Journal of the ACM (JACM)
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Using encryption for authentication in large networks of computers
Communications of the ACM
Protection in programming languages
Communications of the ACM
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
TAPS: A First-Order Verifier for Cryptographic Protocols
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Authenticity by typing for security protocols
Journal of Computer Security - Special issue on CSFW14
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Computationally Sound Mechanized Prover for Security Protocols
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Types and effects for asymmetric cryptographic protocols
Journal of Computer Security - Special issue on CSFW15
Breaking and fixing public-key Kerberos
Information and Computation
Verified implementations of the information card federated identity-management protocol
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Cryptographically verified implementations for TLS
Proceedings of the 15th ACM conference on Computer and communications security
ASPIER: An Automated Framework for Verifying Security Protocol Implementations
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Cryptographic protocol analysis on real c code
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Implementation and performance evaluation of the RSEP protocol on ARM and intel platforms
Proceedings of the 3rd international conference on Security of information and networks
Compositional System Security with Interface-Confined Adversaries
Electronic Notes in Theoretical Computer Science (ENTCS)
Computationally sound verification of source code
Proceedings of the 17th ACM conference on Computer and communications security
A theory of design-by-contract for distributed multiparty interactions
CONCUR'10 Proceedings of the 21st international conference on Concurrency theory
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Typechecking higher-order security libraries
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
Cryptographic verification by typing for a sample protocol implementation
Foundations of security analysis and design VI
Computer-aided security proofs for the working cryptographer
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Secure distributed programming with value-dependent types
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
Modular code-based cryptographic verification
Proceedings of the 18th ACM conference on Computer and communications security
Type-based automated verification of authenticity in asymmetric cryptographic protocols
ATVA'11 Proceedings of the 9th international conference on Automated technology for verification and analysis
Self-certification: bootstrapping certified typecheckers in F* with Coq
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Formally based semi-automatic implementation of an open security protocol
Journal of Systems and Software
A unified formal model for service oriented architecture to enforce security contracts
Proceedings of the 11th annual international conference on Aspect-oriented Software Development Companion
Union and intersection types for secure protocol implementations
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Formal analysis of the EMV protocol suite
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Verifying implementations of security protocols by refinement
VSTTE'12 Proceedings of the 4th international conference on Verified Software: theories, tools, experiments
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Verifying cryptographic code in c: some experience and the csec challenge
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Computational verification of C protocol implementations by symbolic execution
Proceedings of the 2012 ACM conference on Computer and communications security
Logical foundations of secure resource management in protocol implementations
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Probabilistic relational verification for cryptographic implementations
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Journal of Computer Security - Foundational Aspects of Security
Efficient construction of machine-checked symbolic protocol security proofs
Journal of Computer Security
Hi-index | 0.00 |
We propose a method for verifying the security of protocol implementations. Our method is based on declaring and enforcing invariants on the usage of cryptography. We develop cryptographic libraries that embed a logic model of their cryptographic structures and that specify preconditions and postconditions on their functions so as to maintain their invariants. We present a theory to justify the soundness of modular code verification via our method. We implement the method for protocols coded in F# and verified using F7, our SMT-based typechecker for refinement types, that is, types carrying formulas to record invariants. As illustrated by a series of programming examples, our method can flexibly deal with a range of different cryptographic constructions and protocols. We evaluate the method on a series of larger case studies of protocol code, previously checked using whole-program analyses based on ProVerif, a leading verifier for cryptographic protocols. Our results indicate that compositional verification by typechecking with refinement types is more scalable than the best domain-specific analysis currently available for cryptographic code.