Document Details

A deductive verification platform for cryptographic software

Author(s): Barbosa, Manuel Bernardo; Filliâtre, Jean-Christophe; Pinto, Jorge Sousa; Vieira, Bárbara

Date: 2010

Persistent Identifier: http://hdl.handle.net/1822/13490

Source: RepositóriUM - Universidade do Minho

Subject(s): Formal program verification; Cryptography


Description
In this paper we describe a deductive verification platform for the CAO language. CAO is a domain-specific language for cryptography. We show that this language presents interesting challenges for formal verification, not only in the rich mathematical type system that it introduces, but also in the cryptography-oriented language constructions that it offers. We describe how we tackle these problems, and also demonstrate that, by relying on the Jessie plug-in included in the Frama-C framework, the development time of such a complex verification tool could be greatly reduced. We base our presentation on real-world examples of CAO code, extracted from the open-source code of the NaCl cryptographic library, and illustrate how various cryptography-relevant security properties can be verified.
Document Type: Article
Language: English