Verified Cryptographic Implementations for TLS

Verified Cryptographic Implementations for TLS Veri ed Cryptographic Implementations for TLS ´ KARTHIKEYAN BHARGAVAN and CEDRIC FOURNET, Microsoft Research, Cambridge ˘ RICARDO CORIN and EUGEN ZALINESCU, Microsoft Research-INRIA Joint Centre, Orsay We narrow the gap between concrete implementations of cryptographic protocols and their veri ed models. We develop and verify a small functional implementation of the Transport Layer Security protocol (TLS 1.0). We make use of the same executable code for interoperability testing against mainstream implementations for automated symbolic cryptographic veri cation and automated computational cryptographic veri cation. We rely on a combination of recent tools and also develop a new tool for extracting computational models from executable code. We obtain strong security guarantees for TLS as used in typical deployments. Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: ”Security and protection; C.2.2 [Computer-Communication Networks]: Network Protocols; D.2.4 [Software Engineering]: Software/Program Veri cation; F.3.1 [Logics and Meanings of Programs]: Specifying and Verifying and Reasoning about Programs General Terms: Security, Veri cation ACM Reference Format: Bhargavan, K., Fournet, C., Corin, R., and Zalinescu, E. 2012. Veri ed cryptographic implementations for ˘ TLS. ACM Trans. Inf. Syst. Secur. 15, 1, Article 3 (March 2012), 32 pages. DOI = 10.1145/2133375.2133378 http://doi.acm.org/10.1145/2133375.2133378 1. VERIFYING PROTOCOLS AND THEIR IMPLEMENTATIONS http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png ACM Transactions on Information and System Security (TISSEC) Association for Computing Machinery

Publisher: Association for Computing Machinery
Copyright: Copyright © 2012 by ACM Inc.
ISSN: 1094-9224
DOI: 10.1145/2133375.2133378

Abstract

Veri ed Cryptographic Implementations for TLS ´ KARTHIKEYAN BHARGAVAN and CEDRIC FOURNET, Microsoft Research, Cambridge ˘ RICARDO CORIN and EUGEN ZALINESCU, Microsoft Research-INRIA Joint Centre, Orsay We narrow the gap between concrete implementations of cryptographic protocols and their veri ed models. We develop and verify a small functional implementation of the Transport Layer Security protocol (TLS 1.0). We make use of the same executable code for interoperability testing against mainstream implementations for automated symbolic cryptographic veri cation and automated computational cryptographic veri cation. We rely on a combination of recent tools and also develop a new tool for extracting computational models from executable code. We obtain strong security guarantees for TLS as used in typical deployments. Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: ”Security and protection; C.2.2 [Computer-Communication Networks]: Network Protocols; D.2.4 [Software Engineering]: Software/Program Veri cation; F.3.1 [Logics and Meanings of Programs]: Specifying and Verifying and Reasoning about Programs General Terms: Security, Veri cation ACM Reference Format: Bhargavan, K., Fournet, C., Corin, R., and Zalinescu, E. 2012. Veri ed cryptographic implementations for ˘ TLS. ACM Trans. Inf. Syst. Secur. 15, 1, Article 3 (March 2012), 32 pages. DOI = 10.1145/2133375.2133378 http://doi.acm.org/10.1145/2133375.2133378 1. VERIFYING PROTOCOLS AND THEIR IMPLEMENTATIONS

Journal

ACM Transactions on Information and System Security (TISSEC), Association for Computing Machinery

Published: Mar 1, 2012
