Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Inductive analysis of the Internet protocol TLS
ACM Transactions on Information and System Security (TISSEC)
Using encryption for authentication in large networks of computers
Communications of the ACM
Mobile values, new names, and secure communication
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?)
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
On the Security of RSA Encryption in TLS
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Automatic verification of the TLS handshake protocol
Proceedings of the 2004 ACM symposium on Applied computing
Equational Approach to Formal Analysis of TLS
ICDCS '05 Proceedings of the 25th IEEE International Conference on Distributed Computing Systems
A modular correctness proof of IEEE 802.11i and TLS
Proceedings of the 12th ACM conference on Computer and communications security
Secrecy types for a simulatable cryptographic library
Proceedings of the 12th ACM conference on Computer and communications security
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Computationally Sound Compositional Logic for Key Exchange Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Security Analysis of Crypto-based Java Programs using Automated Theorem Provers
ASE '06 Proceedings of the 21st IEEE/ACM International Conference on Automated Software Engineering
Computationally sound secrecy proofs by mechanized flow analysis
Proceedings of the 13th ACM conference on Computer and communications security
Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Finite-state analysis of SSL 3.0
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Computationally Sound Mechanized Proofs of Correspondence Assertions
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
HMAC is a randomness extractor and applications to TLS
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Computationally sound mechanized proofs for basic and public-key Kerberos
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Provably secure browser-based user-aware mutual authentication over TLS
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A Computationally Sound Mechanized Prover for Security Protocols
IEEE Transactions on Dependable and Secure Computing
ASPIER: An Automated Framework for Verifying Security Protocol Implementations
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
The TLS Handshake Protocol: A Modular Analysis
Journal of Cryptology
Application of dependency graphs to security protocol analysis
TGC'07 Proceedings of the 3rd conference on Trustworthy global computing
About the security of ciphers (semantic security and pseudo-random permutations)
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
A probabilistic hoare-style logic for game-based cryptographic proofs
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Padding oracle attacks on CBC-Mode encryption with secret and random IVs
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Cryptographic protocol analysis on real c code
VMCAI'05 Proceedings of the 6th international conference on Verification, Model Checking, and Abstract Interpretation
Automated security proofs with sequences of games
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Towards formal verification of TLS network packet processing written in C
PLPV '13 Proceedings of the 7th workshop on Programming languages meets program verification
Hi-index | 0.00 |
We narrow the gap between concrete implementations of cryptographic protocols and their verified models. We develop and verify a small functional implementation of the Transport Layer Security protocol (TLS 1.0). We make use of the same executable code for interoperability testing against mainstream implementations for automated symbolic cryptographic verification and automated computational cryptographic verification. We rely on a combination of recent tools and also develop a new tool for extracting computational models from executable code. We obtain strong security guarantees for TLS as used in typical deployments.