Deductive verification of cryptographic software
We apply state-of-the-art deductive verification tools to check security-relevant properties of cryptographic software, including safety, absence of error propagation, and correctness with respect to reference implementations. We also develop techniques to help us in our task, focusing on methods oriented towards increased levels of automation, in scenarios where there are clear limits to such automation. These techniques allow us to integrate automatic proof tools with an interactive proof assistant, where the latter is used off-line to prove once-and-for-all fundamental lemmas about properties of programs. The techniques developed have independent interest for practical deductive verification in general.
Fundação para a Ciência e a Tecnologia (FCT
Deductive Verification of Cryptographic Software
We report on the application of an off-the-shelf verification platform to the RC4 stream cipher cryptographic software implementation (as available in the openSSL library), and introduce a deductive verification technique based on self-composition for proving the absence of error propagation.
RPP: Automatic Proof of Relational Properties by Self-Composition
Self-composition provides a powerful theoretical approach to prove relational properties, i.e. properties relating several program executions, that has been applied to compare two runs of one or similar programs (in secure dataflow properties, code transformations, etc.). This tool demo paper presents RPP, an original implementation of self-composition for specification and verification of relational properties in C programs in the FRAMA-C platform. We consider a very general notion of relational properties invoking any finite number of function calls of possibly dissimilar functions with possible nested calls. The new tool allows the user to specify a relational property, to prove it in a completely automatic way using classic deductive verification, and to use it as a hypothesis in the proof of other properties that may rely on it.
Formal verification of cryptographic software implementations
Doctoral thesis in Informatics.
Security is notoriously difficult to sell as a feature in software products. In addition to meeting a set of security requirements, cryptographic software has to be cheap, fast, and use little resources. The development of cryptographic software is an area with specific needs in terms of software development processes and tools. In this thesis we explore how formal techniques, namely deductive verification techniques, can be used to increase the guarantees that cryptographic software implementations indeed work as prescribed. This thesis is organized in two parts.
The first part is focused on the identification of relevant security policies that may be at play in cryptographic systems, as well as the language-based mechanisms that can be used to enforce such policies in those systems. We propose methodologies based on deductive verification to formalise and verify relevant security policies in cryptographic software. We also show the applicability of those methodologies by presenting some case studies using a deductive verification tool integrated in the Frama-C framework.
In the second part we propose a deductive verification tool (CAOVerif) for a domain-specific language for cryptographic implementations (CAO). Our aim is to apply the methodologies proposed in the first part of this thesis work to verify the cryptographic implementations written in CAO. The design of CAOVerif follows the same approach used in other scenarios for general-purpose languages and it is built on top of a plug-in from the Frama-C framework. At the very end, we conclude the work of this thesis by reasoning about the soundness of our verification tool.
Cryptographic software has specific requirements to guarantee the security of the information it handles. Moreover, this type of software needs to be cheap, fast and use a reduced number of resources. Guaranteeing the security of the information handled by such systems is a major challenge, and is therefore currently a major subject of study. In this thesis we explore how formal techniques, namely deductive verification techniques, can be used to guarantee that cryptographic software implementations do in fact work as prescribed. The work of this thesis is organised in two parts.
The first part focuses essentially on the identification of security policies relevant to cryptographic systems, as well as on the language-based mechanisms that can be applied to guarantee such policies. In this context, we propose methodologies based on deductive verification to formalise and verify security policies. We also show how these methodologies can be applied to the verification of real case studies, using the deductive verification tool integrated in the Frama-C framework.
In the second part, we propose a deductive verification tool (CAOVerif) for a domain-specific language for cryptographic implementations (CAO). The development of this tool aims to apply the methodologies developed in the first part of this work to the cryptographic implementations written in CAO. The design of this tool follows the same approach as other existing deductive verification tools for other languages. We conclude the work by giving a formal proof of the correctness of the tool.
A deductive verification platform for cryptographic software
In this paper we describe a deductive verification platform for the CAO language. CAO is a domain-specific language for cryptography. We show that this language presents interesting challenges for formal verification, not only in the rich mathematical type system that it introduces, but also in the cryptography-oriented language constructions that it offers. We describe how we tackle these problems, and also demonstrate that, by relying on the Jessie plug-in included in the Frama-C framework, the development time of such a complex verification tool could be greatly reduced. We base our presentation on real-world examples of CAO code, extracted from the open-source code of the NaCl cryptographic library, and illustrate how various cryptography-relevant security properties can be verified.
Data Minimisation in Communication Protocols: A Formal Analysis Framework and Application to Identity Management
With the growing amount of personal information exchanged over the Internet, privacy is becoming more and more a concern for users. One of the key principles in protecting privacy is data minimisation. This principle requires that only the minimum amount of information necessary to accomplish a certain goal is collected and processed. "Privacy-enhancing" communication protocols have been proposed to guarantee data minimisation in a wide range of applications. However, currently there is no satisfactory way to assess and compare the privacy they offer in a precise way: existing analyses are either too informal and high-level, or specific for one particular system. In this work, we propose a general formal framework to analyse and compare communication protocols with respect to privacy by data minimisation. Privacy requirements are formalised independent of a particular protocol in terms of the knowledge of (coalitions of) actors in a three-layer model of personal information. These requirements are then verified automatically for particular protocols by computing this knowledge from a description of their communication. We validate our framework in an identity management (IdM) case study. As IdM systems are used more and more to satisfy the increasing need for reliable on-line identification and authentication, privacy is becoming an increasingly critical issue. We use our framework to analyse and compare four identity management systems. Finally, we discuss the completeness and (re)usability of the proposed framework.
Formal verification of side-channel countermeasures using self-composition
Formal verification of cryptographic software implementations poses significant challenges for off-the-shelf tools. This is due to the domain-specific characteristics of the code, involving aggressive optimizations and non-functional security requirements, namely the critical aspect of countermeasures against side-channel attacks. In this paper, we extend previous results supporting the practicality of self-composition proofs of non-interference and generalizations thereof. We tackle the formal verification of high-level security policies adopted in the implementation of the recently proposed NaCl cryptographic library. We formalize these policies and propose a formal verification approach based on self-composition, extending the range of security policies that could previously be handled using this technique. We demonstrate our results by addressing compliance with the NaCl security policies in real-world cryptographic code, highlighting the potential for automation of our techniques.
This work was partially supported by project SMART, funded by ENIAC Joint Undertaking (GA 120224).