Type checking cryptography implementations

Authors:
Manuel Barbosa;Andrew Moss;Dan Page;Nuno F. Rodrigues;Paulo F. Silva
Affiliations:
Departamento de Informática, Universidade do Minho, Portugal;School of Computing, Blekinge Institute of Technology, Sweden;Department of Computer Science, University of Bristol, United Kingdom;Departamento de Informática, Universidade do Minho, Portugal and DIGARC, Instituto Politécnico do Cávado e do Ave, Portugal;Departamento de Informática, Universidade do Minho, Portugal
Venue:
FSEN'11 Proceedings of the 4th IPM international conference on Fundamentals of Software Engineering
Year:
2011

Citing 5
Cited 0

Handbook of Applied Cryptography

Handbook of Applied Cryptography
Imperative Programming with Dependent Types

LICS '00 Proceedings of the 15th Annual IEEE Symposium on Logic in Computer Science
Cryptol: specification, implementation and verification of high-grade cryptographic applications

Proceedings of the 2007 ACM workshop on Formal methods in security engineering
'Galculator': functional prototype of a Galois-connection based proof assistant

Proceedings of the 10th international ACM SIGPLAN conference on Principles and practice of declarative programming
The Poly1305-AES message-authentication code

FSE'05 Proceedings of the 12th international conference on Fast Software Encryption

Quantified Score

Hi-index	0.00

Visualization

Abstract

Cryptographic software development is a challenging field: high performance must be achieved, while ensuring correctness and compliance with low-level security policies. CAO is a domain specific language designed to assist development of cryptographic software. An important feature of this language is the design of a novel type system introducing native types such as predefined sized vectors, matrices and bit strings, residue classes modulo an integer, finite fields and finite field extensions, allowing for extensive static validation of source code. We present the formalisation, validation and implementation of this type system.