A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Filters
Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols
[article]
2013
arXiv
pre-print
Preserved Fulltext
We describe how to verify security properties of C code for cryptographic protocols by using a general-purpose verifier. We prove security theorems in the symbolic model of cryptography. ...
We rely on the general-purpose verifier VCC; we guide VCC to prove security simply by writing suitable header files and annotations in implementation files, rather than by changing VCC itself. ...
Conclusion We describe a method for guiding a general-purpose C verifier to prove both memory safety and authentication and weak secrecy properties of security protocols and their implementations. ...
arXiv:1312.6532v1
fatcat:fxoqlmwb4ffbxchnizwxi4eyma
Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols
2011
2011 IEEE 24th Computer Security Foundations Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We describe how to verify security properties of C code for cryptographic protocols by using a general-purpose verifier. We prove security theorems in the symbolic model of cryptography. ...
We rely on the general-purpose verifier VCC; we guide VCC to prove security simply by writing suitable header files and annotations in implementation files, rather than by changing VCC itself. ...
CONCLUSION We describe a method for guiding a general-purpose C verifier to prove both memory safety and authentication and weak secrecy properties of security protocols and their implementations. ...
doi:10.1109/csf.2011.8
dblp:conf/csfw/DupressoirGJN11
fatcat:uwelmvxjbrbijnvshvntenm3wq
Guiding a general-purpose C verifier to prove cryptographic protocols
2014
Journal of Computer Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We describe how to verify security properties of C code for cryptographic protocols by using a general-purpose verifier. We prove security theorems in the symbolic model of cryptography. ...
We rely on the general-purpose verifier VCC; we guide VCC to prove security simply by writing suitable header files and annotations in implementation files, rather than by changing VCC itself. ...
CONCLUSION We describe a method for guiding a general-purpose C verifier to prove both memory safety and authentication and weak secrecy properties of security protocols and their implementations. ...
doi:10.3233/jcs-140508
fatcat:45u5j7fyqbbannh3ce3tk3ggiq
Security Protocol Verification: Symbolic and Computational Models
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Security protocol verification has been a very active research area since the 1990s. ...
Additionally, we briefly describe our symbolic security protocol verifier ProVerif and situate it among these approaches. ...
We thank Pierpaolo Degano for helpful comments on a draft of this paper. Sect. 2.2 is updated from [48] . This work was partly supported by the ANR project ProSe (decision ANR-2010-VERS-004-01). ...
doi:10.1007/978-3-642-28641-4_2
fatcat:fc32uobfpfbqboiqtfwj3fokee
Automated Cryptographic Analysis of the Pedersen Commitment Scheme
[chapter]
2017
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Other Versions
To formally verify the protocol, we extended the theory of EasyCrypt, a framework which allows for reasoning in the computational model, to support the discrete logarithm and an abstraction of commitment ...
This paper presents a mechanised formal verification of the popular Pedersen commitment protocol, proving its security properties of correctness, perfect hiding, and computational binding. ...
As a result, it is highly desirable to have tools that can formally and automatically verify cryptographic protocols. ...
doi:10.1007/978-3-319-65127-9_22
fatcat:lc2ro2rlzvd4jfmek2hdnu5grq
Verifying Cryptographic Code in C: Some Experience and the Csec Challenge
[chapter]
2012
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We illustrate these techniques on C code for a simple two-message protocol. ...
of cryptographic protocols. ...
We are grateful to Cas Cremers for helpful discussions about the RPC-enc protocol and for commenting on a draft of this paper. We also thank Patrice Godefroid for discussions and comments on a draft. ...
doi:10.1007/978-3-642-29420-4_1
fatcat:4xfedw3es5cfvfa635uwya4lr4
Efficiency Evaluation of Cryptographic Protocols for Boardroom Voting
2015
2015 10th International Conference on Availability, Reliability and Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
This holds true also in the context of electronic voting, where cryptographic protocols are used to ensure a diversity of security requirements, e.g. secrecy and integrity of cast votes. ...
Hence, it is not a surprise that a number of cryptographic protocols for boardroom voting have been already proposed. ...
Zero-knowledge proofs The main purpose of zero-knowledge proofs is to prove the validity of statements without revealing anything beyond the validity of the statement. ...
doi:10.1109/ares.2015.75
dblp:conf/IEEEares/KulykNBVHKB15
fatcat:ku7l57pbfndqbhsybufypwg5ke
Formal verification of security protocol implementations: a survey
2012
Formal Aspects of Computing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. ...
The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approach. ...
In [DGJN11] , C implementations of security protocols are annotated with semantic information, so that a general purpose C verifier can prove security properties in the Dolev-Yao model. ...
doi:10.1007/s00165-012-0269-9
fatcat:z7bgh5nnuzh4leo7wgf5rwd5ci
A Formal Treatment of Hardware Wallets
[chapter]
2019
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
We deduce the wallet's security by proving that it is secure under common cryptographic assumptions, provided that there is no deviation in the protocol execution. ...
We present a modular treatment of a hardware wallet ecosystem, by realizing the wallet functionality in a hybrid setting defined by a set of protocols. ...
The hardware protocol π hw , uses a signature scheme Σ ≡ KeyGen, Verify, Sign , a cryptographic hash function H and a pseudorandom key generation function HierarchicalKeyGen(msk, i), in order to derive ...
doi:10.1007/978-3-030-32101-7_26
fatcat:fton66gsnnakvewrb7ggyxig6a
TAuth: Verifying Timed Security Protocols
[chapter]
2014
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Verifying timed security protocols is however challenging as both arbitrary attacking behaviors and quantitative timing may lead to undecidability. ...
In this work, we develop a service framework to support intuitive modeling of the timed protocol, as well as automatic verification with an unbounded number of sessions. ...
The authors are grateful to Jun Pang, Jingyi Wang and the anonymous reviewers for valuable comments on earlier versions of this paper. ...
doi:10.1007/978-3-319-11737-9_20
fatcat:lfirsqocsnhcjhg7lx4wvmyy6y
Geppetto: Versatile Verifiable Computation
2015
2015 IEEE Symposium on Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Geppetto is implemented in a full-fledged, scalable compiler and runtime that consume LLVM code generated from a variety of source C programs and cryptographic libraries. ...
Cloud computing sparked interest in Verifiable Computation protocols, which allow a weak client to securely outsource computations to remote parties. ...
To support bounded proof bootstrapping, Geppetto includes a QAP-friendly C library for general-purpose cryptographic computations. Such computations arise in many outsourcing applications. ...
doi:10.1109/sp.2015.23
dblp:conf/sp/CostelloFHKKNPZ15
fatcat:pjikpgcgpjg5zayhvhrzkmfcjm
Bringing Zero-Knowledge Proofs of Knowledge to Practice
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
As a result, implementation cycles of ZK-PoK are time-consuming and error-prone, in particular for developers with minor or no cryptographic skills. ...
To this end we are developing compilers and related tools that support and partially automate the design, implementation, verification and secure implementation of ZK-PoK protocols. ...
As a result there is no methodological formal way to guide cryptographic protocol designers. ...
doi:10.1007/978-3-642-36213-2_9
fatcat:xvzpg5firvgkrexr5s65e57cpq
Bringing Zero-Knowledge Proofs of Knowledge to Practice
[chapter]
2013
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
As a result, implementation cycles of ZK-PoK are time-consuming and error-prone, in particular for developers with minor or no cryptographic skills. ...
To this end we are developing compilers and related tools that support and partially automate the design, implementation, verification and secure implementation of ZK-PoK protocols. ...
As a result there is no methodological formal way to guide cryptographic protocol designers. ...
doi:10.1007/978-3-642-36213-2_10
fatcat:ahte6wocoza77hp4f25z7xjh6e
A Roadmap for High Assurance Cryptography
[chapter]
2018
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
A new unified API with both formally verified primitives and an easy-to-use interface is needed to replace OpenSSL in future security-critical applications. 1. first defining clear security goals; 2. then ...
bundling of these cryptographic primitives in a new API that prevents common developer mistakes. ...
Harry Halpin would like to thank Peter Schwabe for many of the original ideas in this paper and for some of the text itself, while taking sole responsibility for any lack of clarity or problems with this ...
doi:10.1007/978-3-319-75650-9_6
fatcat:fxwimrpesjddnjfvflveuqbz2q
Verification of STAR-Vote and Evaluation of FDR and ProVerif
[chapter]
2017
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We present the first automated privacy analysis of STAR-Vote, a real world voting system design with sophisticated "end-to-end" cryptography, using FDR and ProVerif. ...
Despite the complexity of the voting system, we were able to verify that our abstracted formal model of STAR-Vote provides ballot-secrecy using both formal approaches. ...
We would like to thank Ben Smyth, Olivier Pereira, and Thomas Gibson-Robinson for their helpful technical discussions. ...
doi:10.1007/978-3-319-66845-1_28
fatcat:lp7xdzj2ynfu7i2awklf2pzd3q
« Previous
Showing results 1 — 15 out of 3,623 results