84 research outputs found
Abstraction-carrying code: a model for mobile code safety
Proof-Carrying Code (PCC) is a general approach to mobile
code safety in which programs are augmented with a certificate (or proof).
The intended benefit is that the program consumer can locally validate the
certificate w.r.t. the "untrusted" program by means of a certificate checker, a
process which should be much simpler, more efficient, and more automatic than generating
the original proof. The practical uptake of PCC greatly depends on the
existence of a variety of enabling technologies which allow both proving programs
correct and replacing a costly verification process by an efficient checking
procedure on the consumer side. In this work we propose Abstraction-
Carrying Code (ACC), a novel approach which uses abstract interpretation
as enabling technology. We argue that the large body of applications of abstract
interpretation to program verification is amenable to the overall PCC
scheme. In particular, we rely on an expressive class of safety policies which
can be defined over different abstract domains. We use an abstraction (or
abstract model) of the program computed by standard static analyzers as a
certificate. The validity of the abstraction on the consumer side is checked
in a single pass by a very efficient and specialized abstract-interpreter. We
believe that ACC brings the expressiveness, flexibility and automation which
is inherent in abstract interpretation techniques to the area of mobile code
safety.
Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols
Developers building cryptography into security-sensitive applications face a daunting task. Not only must they understand the security guarantees delivered by the constructions they choose, they must also implement and combine them correctly and efficiently. Cryptographic compilers free developers from having to implement cryptography on their own by turning high-level specifications of security goals into efficient implementations. Yet, trusting such tools is risky as they rely on complex mathematical machinery and claim security properties that are subtle and difficult to verify.
In this paper, we present ZKCrypt, an optimizing cryptographic compiler that achieves an unprecedented level of assurance without sacrificing practicality for a comprehensive class of cryptographic protocols, known as Zero-Knowledge Proofs of Knowledge. The pipeline of ZKCrypt tightly integrates purpose-built verified compilers and verifying compilers producing formal proofs in the CertiCrypt framework. By combining the guarantees delivered by each stage in the pipeline, ZKCrypt provides assurance that the implementation it outputs securely realizes the high-level proof goal given as input. We report on the main characteristics of ZKCrypt, highlight new definitions and concepts at its foundations, and illustrate its applicability through a representative example of an anonymous credential system.
Secrecy for Mobile Implementations of Security Protocols
Mobile code technology offers interesting possibilities to
the practitioner, but also raises strong concerns about security. One
aspect of security is secrecy, the preservation of confidential
information. This thesis investigates the modelling, specification and
verification of secrecy in mobile applications which access and
transmit confidential information through a possibly compromised
medium (e.g. the Internet). These applications can be expected to
communicate secret information using a security protocol, a mechanism
to guarantee that the transmitted data does not reach unauthorized
entities.
The central idea is therefore to relate the secrecy properties of the
application to those of the protocol it implements, through the
definition of a "confidential protocol implementation" relation.
The argument takes an indirect form, showing that a confidential
implementation transmits secret data only in the ways indicated by the
protocol.
We define the implementation relation using labelled transition
semantics, bisimulations and relabelling functions. To justify its
technical definition, we relate this property to a notion of
noninterference for nondeterministic systems derived from Cohen's
definition of Selective Independency. We also provide simple and
local conditions that greatly simplify its verification, and report on
our experiments on an architecture showing how the proposed
formulations could be used in practice to enforce secrecy of mobile
code.
- …