Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols

Francois Dupressoir, Andrew D. Gordon, Jan Jürjens, David A. Naumann

    Research output: Contribution to journalArticle (Academic Journal)peer-review

    15 Citations (Scopus)

    Abstract

    We describe how to verify security properties of C code for cryptographic protocols by using a general-purpose verifier. We prove security theorems in the symbolic model of cryptography. Our techniques include: use of ghost state to attach formal algebraic terms to concrete byte arrays and to detect collisions when two distinct terms map to the same byte array; decoration of a crypto API with contracts based on symbolic terms; and expression of the attacker model in terms of C programs. We rely on the general-purpose verifier VCC; we guide VCC to prove security simply by writing suitable header files and annotations in implementation files, rather than by changing VCC itself. We formalize the symbolic model in Coq in order to justify the addition of axioms to VCC.
    Original languageEnglish
    Pages (from-to)823-866
    Number of pages44
    JournalJournal of Computer Security
    DOIs
    Publication statusPublished - 11 Jul 2014

    Access to Document

    Handle.net

    Fingerprint

    Dive into the research topics of 'Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols'. Together they form a unique fingerprint.
    View full fingerprint
    • 15 Citations
    • 1 Conference Contribution (Conference Proceeding)

    • Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols

      Dupressoir, F., Gordon, A. D., Jürjens, J. & Naumann, D. A., 11 Aug 2011, Proceedings of the 2011 IEEE 24th Computer Security Foundations Symposium (CSF). 15 p.

      Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

      30 Citations (Scopus)

    Cite this