Filters








76,841 Hits in 2.8 sec

Types and effects for asymmetric cryptographic protocols

Andrew D. Gordon, Alan Jeffrey, S. Schneider
2004 Journal of Computer Security  
The most significant new features of our type system are: (1) a separation of public types (for data possibly sent to the opponent) from tainted types (for data possibly received from the opponent) via  ...  We present the first type and effect system for proving authenticity properties of security protocols based on asymmetric cryptography.  ...  Conclusions and Further Work This paper presents a type and effect system for asymmetric cryptographic protocols.  ... 
doi:10.3233/jcs-2004-123-406 fatcat:ignujdcmezdj7kdyvmj7tliiyu

Secrecy types for a simulatable cryptographic library

Peeter Laud
2005 Proceedings of the 12th ACM conference on Computer and communications security - CCS '05  
We present a type system for checking secrecy of messages handled by protocols that use the Backes-Pfitzmann-Waidner library for cryptographic operations.  ...  The type system is similar to the Abadi-Blanchet type system for asymmetric communication.  ...  Let us also mention some of the work in the area of type systems for cryptographic protocol analysis.  ... 
doi:10.1145/1102120.1102126 dblp:conf/ccs/Laud05 fatcat:eyhavvlrqndohbmrgpemr47r2m

Admissible Interference by Typing for Cryptographic Protocols [chapter]

Alaaeddine Fellah, John Mullins
2005 Lecture Notes in Computer Science  
Also, we extend the type system of process with another type system based on a standard message algebra used in the literature of cryptographic protocols.  ...  Many security properties of cryptographic protocols can be expressed by using information flow policies as non-interference.  ...  Also, we extend this type system to verify admissible interference in cryptographic protocol. The rules for typing message in cryptographic are oriented to the verification of the secrecy property.  ... 
doi:10.1007/11602897_11 fatcat:chahq7bzy5a4lbk75aoelhye5a

A Type-based Formal Specification for Cryptographic Protocols

Paventhan Vivekanandan
2018 Journal of Internet Services and Information Security  
This paper presents a new approach for the formal specification of cryptographic schemes using types.  ...  It discusses specifying a cryptographic protocol using homotopy type theory which adds the notion of higher inductive type and univalence to Martin-Löf's intensional type theory.  ...  In this paper, we discuss a new approach to specify cryptographic protocols based on types. This approach involves correlating a type with a cryptographic implementation.  ... 
doi:10.22667/jisis.2018.11.30.016 dblp:journals/jisis/Vivekanandan18 fatcat:e5j53njyyrazffj7wmzlzezxtm

Cryptographically sound implementations for typed information-flow security

Cédric Fournet, Tamara Rezk
2008 Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages - POPL '08  
We build a translation from well-typed source programs and policies to cryptographic implementations. To establish its correctness, we develop a type system for the target language.  ...  Our typing rules enforce a correct usage of cryptographic primitives against active adversaries; from an information-flow viewpoint, they capture controlled forms of robust declassification and endorsement  ...  Types We supplement the data type Data of Section 2 with types for cryptographic values.  ... 
doi:10.1145/1328438.1328478 dblp:conf/popl/FournetR08 fatcat:zhthikajmze6vbbf4ifnctxtmi

Cryptographically sound implementations for typed information-flow security

Cédric Fournet, Tamara Rezk
2008 SIGPLAN notices  
We build a translation from well-typed source programs and policies to cryptographic implementations. To establish its correctness, we develop a type system for the target language.  ...  Our typing rules enforce a correct usage of cryptographic primitives against active adversaries; from an information-flow viewpoint, they capture controlled forms of robust declassification and endorsement  ...  Types We supplement the data type Data of Section 2 with types for cryptographic values.  ... 
doi:10.1145/1328897.1328478 fatcat:7wsurfw4hfb4dotlftq3c4lxbe

How to prevent type-flaw and multi-protocol attacks on cryptographic protocols under Exclusive-OR [article]

Sreekanth Malladi
2010 arXiv   pre-print
Type-flaw attacks and multi-protocol attacks on security protocols have been frequently reported in the literature.  ...  This is the problem we consider in this paper: We prove that, under certain assumptions, tagging encrypted components still prevents type-flaw and multi-protocol attacks even in the presence of the XOR  ...  A few months back, Chevalier-Rusinowitch report a nice way to compile cryptographic protocols into executable roles and retain the results for combination of equational theories in the context of compiling  ... 
arXiv:1004.2522v3 fatcat:55m6moaycvb7fcwmtrvmrkrtha

Equivalence Properties by Typing in Cryptographic Branching Protocols [chapter]

Véronique Cortier, Niklas Grimm, Joseph Lallemand, Matteo Maffei
2018 Lecture Notes in Computer Science  
Building upon a recent approach, we propose a type system for reasoning about branching protocols and dynamic keys. We prove our type system to entail equivalence, for all the standard primitives.  ...  Our type system has been implemented and shows a significant speedup compared to the tools for a bounded number of sessions, and compares similarly to ProVerif for an unbounded number of sessions.  ...  Equivalence is also used to express properties closer to cryptographic games like strong secrecy. Two main classes of tools have been developed for equivalence.  ... 
doi:10.1007/978-3-319-89722-6_7 fatcat:guz4fesbhrct5bnwqrglpsjfbu

Analysing Privacy-Type Properties in Cryptographic Protocols (Invited Talk)

Stéphanie Delaune, Michael Wagner
2018 International Conference on Rewriting Techniques and Applications  
Privacy-type security properties (e.g. anonymity, unlinkability, vote secrecy, . . . ) are expressed relying on a notion of behavioural equivalence, and are actually more difficult to analyse than confidentiality  ...  Cryptographic protocols aim at securing communications over insecure networks such as the Internet, where dishonest users may listen to communications and interfere with them.  ...  Some examples We briefly describe in this section some cryptographic protocols on which privacy-type properties are particularly relevant.  ... 
doi:10.4230/lipics.fscd.2018.1 dblp:conf/rta/Delaune18 fatcat:mbzxlhqg5bdoxcjzxegydzpsba

Cryptographic Verification by Typing for a Sample Protocol Implementation [chapter]

Cédric Fournet, Karthikeyan Bhargavan, Andrew D. Gordon
2011 Lecture Notes in Computer Science  
Type systems are effective tools for verifying the security of cryptographic protocols and implementations.  ...  In this tutorial, we illustrate the use of types for verifying authenticity properties, first using a symbolic model of cryptography, then relying on a concrete computational assumption.  ...  Refined, Ideal Interface for Cryptographic MACs To capture the intended properties of MACs, we rely on another, refined ideal interface for the Mac module, as follows: type bytespub = bytes type key type  ... 
doi:10.1007/978-3-642-23082-0_3 fatcat:5cibhxk26ffc5ely3jmt5awnc4

Type-Based Automated Verification of Authenticity in Cryptographic Protocols [chapter]

Daisuke Kikuchi, Naoki Kobayashi
2009 Lecture Notes in Computer Science  
Gordon and Jeffrey have proposed a type and effect system for checking authenticity in cryptographic protocols.  ...  To automate the verification of cryptographic protocols, we modify Gordon and Jeffrey's type system and develop a type inference algorithm.  ...  Section 3 introduces our new type system for checking authenticity of cryptographic protocols.  ... 
doi:10.1007/978-3-642-00590-9_17 fatcat:45eulcqqkrg75c435uwab5vnoa

Resource-Aware Authorization Policies for Statically Typed Cryptographic Protocols

Michele Bugliesi, Stefano Calzavara, Fabienne Eigner, Matteo Maffei
2011 2011 IEEE 24th Computer Security Foundations Symposium  
Type systems for authorization are a popular device for the specification and verification of security properties in cryptographic applications.  ...  The type system allows us to analyze a number of cryptographic protocol patterns and security properties, which are out of reach for existing verification frameworks based on static analysis.  ...  The distinctive feature of our type system is that the derivability of affine information is witnessed by the (affine) type of the cryptographic material.  ... 
doi:10.1109/csf.2011.13 dblp:conf/csfw/BugliesiCEM11 fatcat:pbd4yemi4fh2rn4n5tuac2dwru

Type-Based Automated Verification of Authenticity in Asymmetric Cryptographic Protocols [chapter]

Morten Dahl, Naoki Kobayashi, Yunde Sun, Hans Hüttel
2011 Lecture Notes in Computer Science  
Gordon and Jeffrey developed a type system for verification of asymmetric and symmetric cryptographic protocols.  ...  or explicit type casts.  ...  cryptographic protocols [18] .  ... 
doi:10.1007/978-3-642-24372-1_7 fatcat:762trstt7rc4xat2rpmxfnafvm

Security-Typed Languages for Implementation of Cryptographic Protocols: A Case Study [chapter]

Aslan Askarov, Andrei Sabelfeld
2005 Lecture Notes in Computer Science  
This paper discusses security assurance provided by security-typed languages when implementing cryptographic protocols.  ...  Our results are based on a case study using Jif, a Java-based security-typed language, for implementing a non-trivial cryptographic protocol that allows playing online poker without a trusted third party  ...  Conclusion As a proof of concept, we have implemented a non-trivial cryptographic protocol in a security-typed language.  ... 
doi:10.1007/11555827_12 fatcat:dwp2i5g63vcarg67ctxrv5ejhe

Type-based analysis of key management in PKCS#11 cryptographic devices

Matteo Centenaro, Riccardo Focardi, Flaminia L. Luccio, Pierpaolo Degano, Joshua D. Guttman
2013 Journal of Computer Security  
PKCS#11, is a security API for cryptographic tokens. It is known to be vulnerable to attacks which can directly extract, as cleartext, the value of sensitive keys.  ...  We formally analyse existing fixes for PKCS#11 and we propose a new one, which is type-checkable and prevents conflicting roles by deriving different keys for different roles.  ...  Finally, rules [enc-any] and [dec-any] are conservative rules for cryptographic operations using generic keys of type Any.  ... 
doi:10.3233/jcs-130479 fatcat:o76upupjdnby5mgr6h5uznyjlu
« Previous Showing results 1 — 15 out of 76,841 results