A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
A New Characterization of Type-2 Feasibility
SIAM Journal on Computing
Secrecy by typing in security protocols
Journal of the ACM (JACM)
Protection in programming languages
Communications of the ACM
Semantics and Program Analysis of Computationally Secure Information Flow
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Universally Composable Security: A New Paradigm for Cryptographic Protocols
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
A compositional logic for proving security properties of protocols
Journal of Computer Security - Special issue on CSFW14
Analyzing security protocols with secrecy types and logic programs
Journal of the ACM (JACM)
Secrecy types for a simulatable cryptographic library
Proceedings of the 12th ACM conference on Computer and communications security
A Computationally Sound Mechanized Prover for Security Protocols
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Simulation-Based Security with Inexhaustible Interactive Turing Machines
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Protocol Composition Logic (PCL)
Electronic Notes in Theoretical Computer Science (ENTCS)
The reactive simulatability (RSIM) framework for asynchronous systems
Information and Computation
Lightweight semiformal time complexity analysis for purely functional data structures
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On the computational soundness of cryptographically masked flows
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Conditional reactive simulatability
International Journal of Information Security
Verified implementations of the information card federated identity-management protocol
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Cryptographically verified implementations for TLS
Proceedings of the 15th ACM conference on Computer and communications security
Cryptographic Protocol Synthesis and Verification for Multiparty Sessions
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
ASPIER: An Automated Framework for Verifying Security Protocol Implementations
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
CoSP: a general framework for computational soundness proofs
Proceedings of the 16th ACM conference on Computer and communications security
Modular verification of security protocol code by typing
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Computationally sound verification of source code
Proceedings of the 17th ACM conference on Computer and communications security
Inductive trace properties for computational security
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Computer-aided security proofs for the working cryptographer
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols
CSF '11 Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium
Probabilistic polynomial-time semantics for a protocol security logic
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Cryptographic protocol analysis on real c code
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Verifying cryptographic code in c: some experience and the csec challenge
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Computational verification of C protocol implementations by symbolic execution
Proceedings of the 2012 ACM conference on Computer and communications security
ESOP'13 Proceedings of the 22nd European conference on Programming Languages and Systems
Proved generation of implementations from computationally secure protocol specifications
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Logical foundations of secure resource management in protocol implementations
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Probabilistic relational verification for cryptographic implementations
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Journal of Computer Security - Foundational Aspects of Security
Hi-index | 0.00 |
Type systems are effective tools for verifying the security of cryptographic programs. They provide automation, modularity and scalability, and have been applied to large security protocols. However, they traditionally rely on abstract assumptions on the underlying cryptographic primitives, expressed in symbolic models. Cryptographers usually reason on security assumptions using lower level, computational models that precisely account for the complexity and success probability of attacks. These models are more realistic, but they are harder to formalize and automate. We present the first modular automated program verification method based on standard cryptographic assumptions. We show how to verify ideal functionalities and protocols written in ML by typing them against new cryptographic interfaces using F7, a refinement type checker coupled with an SMT-solver. We develop a probabilistic core calculus for F7 and formalize its type safety in Coq. We build typed module and interfaces for MACs, signatures, and encryptions, and establish their authenticity and secrecy properties. We relate their ideal functionalities and concrete implementations, using game-based program transformations behind typed interfaces. We illustrate our method on a series of protocol implementations.