Verifying Cryptographic Protocols: Applying the Symbolic Model to Cryptographic APIs for C
In this technical report we describe an approach for verifying cryptographic protocol implementations written in C. We statically prove the correctness of these implementations with the general-purpose verifier VeriFast. More concretely, we prove memory safety, the absence of explicit and implicit information leaks, and functional correctness, which includes protocol integrity. Our invariant-based approach requires an extension of the symbolic model of cryptography in order to work for protocol implementations in C that are written against an existing cryptographic API.

Gijs Vanspauwen and Bart Jacobs, iMinds-DistriNet, KU Leuven, 3001 Leuven, Belgium.
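To make concrete what the symbolic model of cryptography in the abstract refers to, the following is an added example in plain C. It is not code from the report, and it contains no VeriFast annotations; the term constructors, the attacker-knowledge saturation rules, and the scenario (keys k_AB and k_E, nonce n_A, message {n_A, s}_{k_AB}) are all constructed here for illustration. In the symbolic model, cryptographic values are opaque terms: an attacker can split pairs it sees and can open a ciphertext only if it already knows the key, so "does the attacker learn s?" becomes a closure computation rather than a question about bit strings.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Symbolic (Dolev-Yao style) terms: an atom, a pair, or an encryption. */
typedef enum { T_ATOM, T_PAIR, T_ENC } kind_t;

typedef struct term {
    kind_t kind;
    const char *name;          /* T_ATOM only: name of the key, nonce, ... */
    const struct term *a, *b;  /* T_PAIR: (a, b); T_ENC: a = plaintext, b = key */
} term_t;

static term_t atom(const char *name) { term_t t = { T_ATOM, name, NULL, NULL }; return t; }
static term_t pair(const term_t *a, const term_t *b) { term_t t = { T_PAIR, NULL, a, b }; return t; }
static term_t enc(const term_t *m, const term_t *k) { term_t t = { T_ENC, NULL, m, k }; return t; }

/* Structural equality: terms are equal only when built identically. */
static bool term_eq(const term_t *x, const term_t *y) {
    if (x->kind != y->kind) return false;
    if (x->kind == T_ATOM) return strcmp(x->name, y->name) == 0;
    return term_eq(x->a, y->a) && term_eq(x->b, y->b);
}

/* Attacker knowledge: a finite set of terms. */
#define MAX_KNOWN 64
typedef struct { const term_t *items[MAX_KNOWN]; int n; } knowledge_t;

static bool known(const knowledge_t *kb, const term_t *t) {
    for (int i = 0; i < kb->n; i++)
        if (term_eq(kb->items[i], t)) return true;
    return false;
}

/* Add t to the set; returns true if it was not known before. */
static bool learn(knowledge_t *kb, const term_t *t) {
    if (known(kb, t) || kb->n >= MAX_KNOWN) return false;
    kb->items[kb->n++] = t;
    return true;
}

/* Close the set under the attacker's rules: pairs can always be split,
   a ciphertext yields its plaintext only if the key is already known. */
static void saturate(knowledge_t *kb) {
    bool changed = true;
    while (changed) {
        changed = false;
        for (int i = 0; i < kb->n; i++) {
            const term_t *t = kb->items[i];
            if (t->kind == T_PAIR) {
                if (learn(kb, t->a)) changed = true;
                if (learn(kb, t->b)) changed = true;
            } else if (t->kind == T_ENC && known(kb, t->b)) {
                if (learn(kb, t->a)) changed = true;
            }
        }
    }
}

/* Can an attacker with `initial` knowledge who sees `observed` derive `secret`? */
static bool leaks(const term_t *const *observed, int n_obs,
                  const term_t *const *initial, int n_init, const term_t *secret) {
    knowledge_t kb = { { NULL }, 0 };
    for (int i = 0; i < n_init; i++) learn(&kb, initial[i]);
    for (int i = 0; i < n_obs; i++) learn(&kb, observed[i]);
    saturate(&kb);
    return known(&kb, secret);
}

/* Constructed scenario: A sends {n_A, s}_{k_AB} to B over an attacker-controlled
   network; the attacker starts out knowing only its own key k_E. */
static term_t k_ab, k_e, n_a, secret, payload, msg;

static void build_scenario(void) {
    k_ab = atom("k_AB"); k_e = atom("k_E"); n_a = atom("n_A"); secret = atom("s");
    payload = pair(&n_a, &secret);
    msg = enc(&payload, &k_ab);
}

/* Correct run: only the ciphertext crosses the network, s stays secret. */
static bool scenario_secret_kept(void) {
    build_scenario();
    const term_t *obs[] = { &msg };
    const term_t *init[] = { &k_e };
    return !leaks(obs, 1, init, 1, &secret);
}

/* Buggy run: the implementation also emits the shared key in the clear, an
   explicit leak of the kind the verification in the abstract is meant to exclude. */
static bool scenario_key_exposed(void) {
    build_scenario();
    const term_t *obs[] = { &msg, &k_ab };
    const term_t *init[] = { &k_e };
    return leaks(obs, 2, init, 1, &secret);
}

int main(void) {
    printf("s secret with ciphertext only: %s\n", scenario_secret_kept() ? "yes" : "no");
    printf("s derivable when k_AB is sent in clear: %s\n", scenario_key_exposed() ? "yes" : "no");
    return 0;
}
```

The saturation loop is the whole content of the model: it never inspects the bytes of a ciphertext, so the check is sound only under the perfect-cryptography assumption that the report's extension of the symbolic model is built on. Real C code calling a cryptographic API has to be connected to terms like these through specifications, which is where a verifier such as VeriFast comes in.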