On the development and formalization of an extensible code generator for real life security protocols

Authors:
Michael Backes;Alex Busenius;Cătălin Hriţcu
Affiliations:
Saarland University, Germany and MPI-SWS, Germany;Saarland University, Germany;Saarland University, Germany and University of Pennsylvania, United States
Venue:
NFM'12 Proceedings of the 4th international conference on NASA Formal Methods
Year:
2012

Citing 14
Cited 0

A calculus for cryptographic protocols

Information and Computation
Athena: a novel approach to efficient automatic security protocol analysis

Journal of Computer Security
Featherweight Java: a minimal core calculus for Java and GJ

ACM Transactions on Programming Languages and Systems (TOPLAS)
AGVI - Automatic Generation, Verification, and Implementation of Security Protocols

CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Adding wildcards to the Java programming language

Proceedings of the 2004 ACM symposium on Applied computing
Spi2Java: Automatic Cryptographic Protocol Java Code Generation from spi calculus

AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
Analyzing security protocols with secrecy types and logic programs

Journal of the ACM (JACM)
A machine-checked model for a Java-like language, virtual machine, and compiler

ACM Transactions on Programming Languages and Systems (TOPLAS)
Variant parametric types: A flexible subtyping scheme for generics

ACM Transactions on Programming Languages and Systems (TOPLAS)
Compiling cryptographic protocols for deployment on the web

Proceedings of the 16th international conference on World Wide Web
Engineering formal metatheory

Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verified interoperable implementations of security protocols

ACM Transactions on Programming Languages and Systems (TOPLAS)
Type-checking zero-knowledge

Proceedings of the 15th ACM conference on Computer and communications security
Verifying a compiler for java threads

ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper introduces Expi2Java, a new code generator for cryptographic protocols that translates models written in an extensible variant of the Spi calculus into executable code in a substantial fragment of Java, featuring concurrency, synchronization between threads, exception handling and a sophisticated type system with generics and wildcards. Our code generator is highly extensible and customizable, which allows it to generate interoperable implementations of complex real life protocols from detailed verified specifications. As a case study, we have generated an interoperable implementation of TLS v1.0 client and server from a protocol model verified with ProVerif. Furthermore, we have formalized the translation algorithm of Expi2Java using the Coq proof assistant, and proved that the generated programs are well-typed if the original models are well-typed. This constitutes an important step towards the first machine-checked correctness proof of a code generator for cryptographic protocols.