Guiding a general-purpose C verifier to prove cryptographic protocols

Francois Dupressoir; Andrew D. Gordon; Jan Juerjens; David A. Naumann

首页> 外文期刊>Journal of computer security >Guiding a general-purpose C verifier to prove cryptographic protocols

【24h】

Guiding a general-purpose C verifier to prove cryptographic protocols

机译：指导通用C验证程序来证明密码协议

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

We describe how to verify security properties of C code for cryptographic protocols by using a general-purpose verifier. We prove security theorems in the symbolic model of cryptography. Our techniques include: use of ghost state to attach formal algebraic terms to concrete byte arrays and to detect collisions when two distinct terms map to the same byte array; decoration of a crypto API with contracts based on symbolic terms; and expression of the attacker model in terms of C programs. We rely on the general-purpose verifier VCC; we guide VCC to prove security simply by writing suitable header files and annotations in implementation files, rather than by changing VCC itself. We formalize the symbolic model in Coq in order to justify the addition of axioms to VCC.

机译：我们描述了如何通过使用通用验证程序来验证用于密码协议的C代码的安全性。我们在密码学的符号模型中证明了安全性定理。我们的技术包括：使用重影状态将形式代数项附加到具体的字节数组，并在两个不同的项映射到同一字节数组时检测冲突；使用基于符号条款的合同装饰加密API;和攻击者模型在C程序方面的表达。我们依靠通用验证器VCC；我们指导VCC仅通过在实现文件中编写合适的头文件和注释来证明安全性，而不是通过更改VCC本身来证明。我们在Coq中将符号模型形式化，以证明向VCC添加公理是合理的。

著录项

来源
《Journal of computer security》 |2014年第5期|823-866|共44页
作者
Francois Dupressoir; Andrew D. Gordon; Jan Juerjens; David A. Naumann;
展开▼
作者单位

The Open University, Milton Keynes, UK;

Microsoft Research. Cambridge, UK and University of Edinburgh, Edinburgh, UK;

TU Dortmund and Fraunhofer ISST, Dortmund, Germany;

Stevens Institute of Technology, Hoboken, NJ, USA;

展开▼
收录信息美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Symbolic cryptography; program verification; C implementations; security properties; general-purpose verifiers; protocol verification; cryptographic invariants;

机译：符号加密;程序验证;C实现;安全属性;通用验证程序;协议验证;密码不变式;

相似文献

外文文献
中文文献
专利

1. Mechanized Verification of Cryptographic Security of Cryptographic Security Protocol Implementation in JAVA through Model Extraction in the Computational Model [J] . Zimao Li, Bo Meng, Dejun Wang, Journal of Software Engineering . 2015,第1期

机译：通过计算模型中的模型提取对JAVA中的加密安全协议实现的加密安全进行机械化验证
2. Verification of stateful cryptographic protocols with exclusive OR [J] . Dreier Jannik, Hirschi Lucca, Radomirovic Sasa, Journal of computer security . 2020,第1期

机译：用独占或验证有状态加密协议
3. Automated Verification of Equivalence Properties of Cryptographic Protocols [J] . Chadha Rohit, Cheval Vincent, Ciobaca Stefan, ACM transactions on computational logic . 2016,第4期

机译：自动验证密码协议的等效属性
4. Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols [C] . Dupressoir Francois, Gordon Andrew D., Jurjens Jan, 24th IEEE Computer Security Foundations Symposium . 2011

机译：指导通用C验证器证明加密协议
5. Equational unification and its application in formal verification of cryptographic protocols [D] . Wang, Lida 2004

机译：方程式统一及其在密码协议形式验证中的应用
6. Physical cryptographic verification of nuclear warheads [O] . R. Scott Kemp, Areg Danagoulian, Ruaridh R. Macdonald, 2016

机译：核弹头的物理密码验证
7. Guiding a general-purpose C verifier to prove cryptographic protocols [O] . Dupressoir, François, Gordon, Andrew, Jürjens, Jan, 2014

机译：指导通用C验证程序来证明加密协议
8. Formal Verification of Cryptographic Protocols: A Survey. [R] . Meadows, C. A. 1995

机译：密码协议的形式验证：一项调查。

Guiding a general-purpose C verifier to prove cryptographic protocols

摘要

著录项

相似文献

相关主题

期刊订阅