Internet Archive Scholar

From Computationally-Proved Protocol Specifications to Implementations and Application to SSH

David Cadé, Bruno Blanchet
2013 Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (452.6 kB)
https://web.archive.org/web/20210102125942/http://isyou.info/jowua/papers/jowua-v4n1-1.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL. The file type is application/pdf.

This paper presents a novel technique for obtaining implementations of security protocols, proved secure in the computational model. We formally specify the protocol to prove, we prove this specification using the computationally-sound protocol verifier CryptoVerif, and we automatically translate it into an implementation in OCaml using a new compiler that we have implemented. We applied this approach to the SSH Transport Layer protocol: we proved the authentication of the server and the
more » ... of the session keys in this protocol and verified that the generated implementation successfully interacts with OpenSSH. We explain these proofs, as well as an extension of CryptoVerif needed for the proof of secrecy of the session keys. The secrecy of messages sent over the SSH tunnel cannot be proved due to known weaknesses in SSH with CBC-mode encryption.
doi:10.22667/jowua.2013.03.31.004 dblp:journals/jowua/CadeB13 fatcat:4v5farrgwbgobibgahki6m3p5m
Citation

David Cadé, Bruno Blanchet. "From Computationally-Proved Protocol Specifications to Implementations and Application to SSH." Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (2013) 4-31