Casper: a compiler for the analysis of security protocols
Journal of Computer Security
From Secrecy to Authenticity in Security Protocols
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
AGVI - Automatic Generation, Verification, and Implementation of Security Protocols
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
A Hierarchy of Authentication Specifications
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
An Efficient Cryptographic Protocol Verifier Based on Prolog Rules
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Automatic testing equivalence verification of spi calculus specifications
ACM Transactions on Software Engineering and Methodology (TOSEM)
Spi2Java: Automatic Cryptographic Protocol Java Code Generation from spi calculus
AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
Automatic Generation of the C# Code for Security Protocols Verified with Casper/FDR
AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 2
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Visual security protocol modeling
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Soundness Conditions for Message Encoding Abstractions in Formal Security Protocol Models
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
A Security Protocol Compiler Generating C Source Codes
ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
Verification of Mondex Electronic Purses with KIV: From a Security Protocol to Verified Code
FM '08 Proceedings of the 15th international symposium on Formal Methods
Cryptographically verified implementations for TLS
Proceedings of the 15th ACM conference on Computer and communications security
A Computationally Sound Mechanized Prover for Security Protocols
IEEE Transactions on Dependable and Secure Computing
Cryptographic Protocol Synthesis and Verification for Multiparty Sessions
CSF '09 Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium
Automated Security Verification for Crypto Protocol Implementations: Verifying the Jessie Project
Electronic Notes in Theoretical Computer Science (ENTCS)
Modular verification of security protocol code by typing
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JACK: a tool for validation of security and behaviour of Java applications
FMCO'06 Proceedings of the 5th international conference on Formal methods for components and objects
Verification of object-oriented software: The KeY approach
Verification of object-oriented software: The KeY approach
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
Verified reference implementations of WS-Security protocols
WS-FM'06 Proceedings of the Third international conference on Web Services and Formal Methods
Automated security proofs with sequences of games
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Hi-index | 0.00 |
This paper presents an experiment in which an implementation of the client side of the SSH Transport Layer Protocol (SSH-TLP) was semi-automatically derived according to a model-driven development paradigm that leverages formal methods in order to obtain high correctness assurance. The approach used in the experiment starts with the formalization of the protocol at an abstract level. This model is then formally proved to fulfill the desired secrecy and authentication properties by using the ProVerif prover. Finally, a sound Java implementation is semi-automatically derived from the verified model using an enhanced version of the Spi2Java framework. The resulting implementation correctly interoperates with third party servers, and its execution time is comparable with that of other manually developed Java SSH-TLP client implementations. This case study demonstrates that the adopted model-driven approach is viable even for a real security protocol, despite the complexity of the models needed in order to achieve an interoperable implementation.