Refinement types for secure implementations

Authors:
Jesper Bengtson;Karthikeyan Bhargavan;Cédric Fournet;Andrew D. Gordon;Sergio Maffeis
Affiliations:
Uppsala University, Uppsala, Sweden;Microsoft Research, United Kingdom;Microsoft Research, United Kingdom;Microsoft Research, United Kingdom;Imperial College London, London, United Kingdom
Venue:
ACM Transactions on Programming Languages and Systems (TOPLAS)
Year:
2011

Citing 72
Cited 11

Implementing mathematics with the Nuprl proof development system

Implementing mathematics with the Nuprl proof development system
Logic and computation: interactive proof with Cambridge LCF

Logic and computation: interactive proof with Cambridge LCF
The calculus of constructions

Information and Computation - Semantics of Data Types
Typechecking dependent types and subtypes

Lecture notes in computer science on Foundations of logic and functional programming
Refinement types for ML

PLDI '91 Proceedings of the ACM SIGPLAN 1991 conference on Programming language design and implementation
Semantics of programming languages: structures and techniques

Semantics of programming languages: structures and techniques
A calculus for access control in distributed systems

ACM Transactions on Programming Languages and Systems (TOPLAS)
Random oracles are practical: a paradigm for designing efficient protocols

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Reasoning about programs in continuation-passing style

Lisp and Symbolic Computation - Special issue on continuations—part I
Prudent Engineering Practice for Cryptographic Protocols

IEEE Transactions on Software Engineering
Subtypes for Specifications: Predicate Subtyping in PVS

IEEE Transactions on Software Engineering
Dependent types in practical programming

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JFlow: practical mostly-static information flow control

Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A calculus for cryptographic protocols

Information and Computation
Secrecy by typing in security protocols

Journal of the ACM (JACM)
Using encryption for authentication in large networks of computers

Communications of the ACM
Protection in programming languages

Communications of the ACM
Subtyping dependent types

Theoretical Computer Science
Extended static checking for Java

PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Information flow inference for ML

ACM Transactions on Programming Languages and Systems (TOPLAS)
A Systematic Approach to Static Access Control

ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
A Mechanisation of Name-Carrying Syntax up to Alpha-Conversion

HUG '93 Proceedings of the 6th International Workshop on Higher Order Logic Theorem Proving and its Applications
Synthesizing Proofs from Programs in the Calculus of Inductive Constructions

MPC '95 Mathematics of Program Construction
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules

CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A Semantic Model for Authentication Protocols

SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Java Security: From HotJava to Netscape and Beyond

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Authenticity by typing for security protocols

Journal of Computer Security - Special issue on CSFW14
A compositional logic for proving security properties of protocols

Journal of Computer Security - Special issue on CSFW14
Analyzing security protocols with secrecy types and logic programs

Journal of the ACM (JACM)
Simplify: a theorem prover for program checking

Journal of the ACM (JACM)
Secrecy despite compromise: types, cryptography, and the pi-calculus

CONCUR 2005 - Concurrency Theory
A Computationally Sound Mechanized Prover for Security Protocols

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Encoding Information Flow in Haskell

CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Extended static checking for haskell

Proceedings of the 2006 ACM SIGPLAN workshop on Haskell
Access Control in a Core Calculus of Dependency

Electronic Notes in Theoretical Computer Science (ENTCS)
Protocol Composition Logic (PCL)

Electronic Notes in Theoretical Computer Science (ENTCS)
A bisimulation for dynamic sealing

Theoretical Computer Science
A Cryptographic Decentralized Label Model

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Do As I SaY! Programmatic Access Control with Explicit Identities

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
A Type Discipline for Authorization in Distributed Systems

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
A type discipline for authorization policies

ACM Transactions on Programming Languages and Systems (TOPLAS) - Special Issue ESOP'05
Types and effects for asymmetric cryptographic protocols

Journal of Computer Security - Special issue on CSFW15
Engineering formal metatheory

Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Cryptographically sound implementations for typed information-flow security

Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Liquid types

Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Refinement Types for Secure Implementations

CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Evidence-Based Audit

CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Fable: A Language for Enforcing User-defined Security Policies

SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
AURA: a programming language for authorization and audit

Proceedings of the 13th ACM SIGPLAN international conference on Functional programming
A Hoare Logic for Call-by-Value Functional Programs

MPC '08 Proceedings of the 9th international conference on Mathematics of Program Construction
Verified interoperable implementations of security protocols

ACM Transactions on Programming Languages and Systems (TOPLAS)
Cryptographically verified implementations for TLS

Proceedings of the 15th ACM conference on Computer and communications security
Code-Carrying Authorization

ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Secure compilation of a multi-tier web language

Proceedings of the 4th international workshop on Types in language design and implementation
Type-based data structure verification

Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Cryptographic Protocol Synthesis and Verification for Multiparty Sessions

CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
ASPIER: An Automated Framework for Verifying Security Protocol Implementations

CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Achieving Security Despite Compromise Using Zero-knowledge

CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Low-level liquid types

Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Modular verification of security protocol code by typing

Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Links: web programming without tiers

FMCO'06 Proceedings of the 5th international conference on Formal methods for components and objects
Z3: an efficient SMT solver

TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Type-preserving compilation of end-to-end verification of security enforcement

PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Reliable evidence: auditability by typing

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Computationally sound verification of source code

Proceedings of the 17th ACM conference on Computer and communications security
Typechecking higher-order security libraries

APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
Cryptographically-Masked flows

SAS'06 Proceedings of the 13th international conference on Static Analysis
The spec# programming system: an overview

CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
ESC/Java2: uniting ESC/Java and JML

CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Cryptographic protocol analysis on real c code

VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Security-typed languages for implementation of cryptographic protocols: a case study

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Enforcing stateful authorization and information flow policies in fine

ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems

Naturalistic types

Proceedings of the 10th SIGPLAN symposium on New ideas, new paradigms, and reflections on programming and software
Hybrid contract checking via symbolic simplification

PEPM '12 Proceedings of the ACM SIGPLAN 2012 workshop on Partial evaluation and program manipulation
Formally based semi-automatic implementation of an open security protocol

Journal of Systems and Software
Automatically verifying typing constraints for a data processing language

CPP'11 Proceedings of the First international conference on Certified Programs and Proofs
Security protocol verification: symbolic and computational models

POST'12 Proceedings of the First international conference on Principles of Security and Trust
Abstract refinement types

ESOP'13 Proceedings of the 22nd European conference on Programming Languages and Systems
Logical foundations of secure resource management in protocol implementations

POST'13 Proceedings of the Second international conference on Principles of Security and Trust
The need for capability policies

Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs
Dependent Type Theory for Verification of Information Flow and Access Control Policies

ACM Transactions on Programming Languages and Systems (TOPLAS)
A formal methodology for integral security design and verification of network protocols

Journal of Systems and Software
Union, intersection and refinement types and reasoning about type disjointness for secure protocol implementations

Journal of Computer Security - Foundational Aspects of Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present the design and implementation of a typechecker for verifying security properties of the source code of cryptographic protocols and access control mechanisms. The underlying type theory is a λ-calculus equipped with refinement types for expressing pre- and post-conditions within first-order logic. We derive formal cryptographic primitives and represent active adversaries within the type theory. Well-typed programs enjoy assertion-based security properties, with respect to a realistic threat model including key compromise. The implementation amounts to an enhanced typechecker for the general-purpose functional language F#; typechecking generates verification conditions that are passed to an SMT solver. We describe a series of checked examples. This is the first tool to verify authentication properties of cryptographic protocols by typechecking their source code.