Semantics of programming languages: structures and techniques
Semantics of programming languages: structures and techniques
A calculus for cryptographic protocols: the spi calculus
Proceedings of the 4th ACM conference on Computer and communications security
The inductive approach to verifying cryptographic protocols
Journal of Computer Security
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Semantics and Program Analysis of Computationally Secure Information Flow
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Cryptographic protocols
A composable cryptographic library with nested operations
Proceedings of the 10th ACM conference on Computer and communications security
Symmetric Encryption in a Simulatable Dolev-Yao Style Cryptographic Library
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
A Computationally Sound Mechanized Prover for Security Protocols
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Cryptographically Sound Theorem Proving
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
The reactive simulatability (RSIM) framework for asynchronous systems
Information and Computation
Refinement Types for Secure Implementations
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
On the security of multi-party ping-pong protocols
SFCS '83 Proceedings of the 24th Annual Symposium on Foundations of Computer Science
Computational soundness of observational equivalence
Proceedings of the 15th ACM conference on Computer and communications security
Cryptographically verified implementations for TLS
Proceedings of the 15th ACM conference on Computer and communications security
ASPIER: An Automated Framework for Verifying Security Protocol Implementations
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
CoSP: a general framework for computational soundness proofs
Proceedings of the 16th ACM conference on Computer and communications security
Modular verification of security protocol code by typing
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Guessing attacks and the computational soundness of static equivalence
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Cryptographically sound implementations for communicating processes
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Computationally sound implementations of equational theories against passive adversaries
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Cryptographic protocol analysis on real c code
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Completing the picture: soundness of formal encryption in the presence of active adversaries
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Cryptographic verification by typing for a sample protocol implementation
Foundations of security analysis and design VI
Computer-aided security proofs for the working cryptographer
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Modular code-based cryptographic verification
Proceedings of the 18th ACM conference on Computer and communications security
Union and intersection types for secure protocol implementations
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Computational soundness without protocol restrictions
Proceedings of the 2012 ACM conference on Computer and communications security
Computational verification of C protocol implementations by symbolic execution
Proceedings of the 2012 ACM conference on Computer and communications security
JavaSPI: A Framework for Security Protocol Implementation
International Journal of Secure Software Engineering
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
Increasing attention has recently been given to the formal verification of the source code of cryptographic protocols. The standard approach is to use symbolic abstractions of cryptography that make the analysis amenable to automation. This leaves the possibility of attacks that exploit the mathematical properties of the cryptographic algorithms themselves. In this paper, we show how to conduct the protocol analysis on the source code level (F# in our case) in a computationally sound way, i.e., taking into account cryptographic security definitions. We build upon the prominent F7 verification framework (Bengtson et al., CSF 2008) which comprises a security type-checker for F# protocol implementations using symbolic idealizations and the concurrent lambda calculus RCF to model a core fragment of F#. To leverage this prior work, we give conditions under which symbolic security of RCF programs using cryptographic idealizations implies computational security of the same programs using cryptographic algorithms. Combined with F7, this yields a computationally sound, automated verification of F# code containing public-key encryptions and signatures. For the actual computational soundness proof, we use the CoSP framework (Backes, Hofheinz, and Unruh, CCS 2009). We thus inherit the modularity of CoSP, which allows for easily extending our proof to other cryptographic primitives.