Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Logical and mathematical reasoning about imperative programs: preliminary report
POPL '85 Proceedings of the 12th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Certification of programs for secure information flow
Communications of the ACM
An axiomatic basis for computer programming
Communications of the ACM
JML (poster session): notations and tools supporting detailed design in Java
OOPSLA '00 Addendum to the 2000 proceedings of the conference on Object-oriented programming, systems, languages, and applications (Addendum)
The SLAM project: debugging system software via static analysis
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Type-Based Approach to Program Security
TAPSOFT '97 Proceedings of the 7th International Joint Conference CAAP/FASE on Theory and Practice of Software Development
A Semantic Approach to Secure Information Flow
MPC '98 Proceedings of the Mathematics of Program Construction
Simple relational correctness proofs for static analyses and program transformations
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure Information Flow by Self-Composition
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Stack-based access control and secure information flow
Journal of Functional Programming
Simplify: a theorem prover for program checking
Journal of the ACM (JACM)
Enforcing robust declassification and qualified robustness
Journal of Computer Security - Special issue on CSFW17
A Cryptographic Decentralized Label Model
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
ACM Computing Surveys (CSUR)
The Why/Krakatoa/Caduceus platform for deductive program verification
CAV'07 Proceedings of the 19th international conference on Computer aided verification
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
The spec# programming system: an overview
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A design for a security-typed language with certificate-based declassification
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Privacy-sensitive information flow with JML
CADE' 20 Proceedings of the 20th international conference on Automated Deduction
Secure information flow as a safety problem
SAS'05 Proceedings of the 12th international conference on Static Analysis
From coupling relations to mated invariants for checking information flow
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Formal verification of side-channel countermeasures using self-composition
Science of Computer Programming
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
We apply state-of-the art deductive verification tools to check security-relevant properties of cryptographic software, including safety, absence of error propagation, and correctness with respect to reference implementations. We also develop techniques to help us in our task, focusing on methods oriented towards increased levels of automation, in scenarios where there are clear obvious limits to such automation. These techniques allow us to integrate automatic proof tools with an interactive proof assistant, where the latter is used off-line to prove once-and-for-all fundamental lemmas about properties of programs. The techniques developed have independent interest for practical deductive verification in general.