Computational verification of C protocol implementations by symbolic execution
Proceedings of the 2012 ACM conference on Computer and communications security
Proved generation of implementations from computationally secure protocol specifications
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Probabilistic relational verification for cryptographic implementations
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Hi-index | 0.00 |
This paper presents a novel framework for proving specifications of security protocols in the computational model and generating runnable implementations from such proved specifications. We rely on the computationally-sound protocol verifier CryptoVerif for proving the specification, and we have implemented a compiler that translates a CryptoVerif specification into an implementation in OCaml. We have applied this compiler to the SSH Transport Layer protocol: we proved the authentication of the server and the secrecy of the session keys in this protocol and verified that the generated implementation successfully interacts with OpenSSH. The secrecy of messages sent over the SSH tunnel cannot be proved due to known weaknesses in SSH with CBC-mode encryption.