5 research outputs found
Cryptographically Secure Information Flow Control on Key-Value Stores
We present Clio, an information flow control (IFC) system that transparently
incorporates cryptography to enforce confidentiality and integrity policies on
untrusted storage. Clio insulates developers from explicitly manipulating keys
and cryptographic primitives by leveraging the policy language of the IFC
system to automatically use the appropriate keys and correct cryptographic
operations. We prove that Clio is secure with a novel proof technique that is
based on a proof style from cryptography together with standard programming
languages results. We present a prototype Clio implementation and a case study
that demonstrates Clio's practicality.Comment: Full version of conference paper appearing in CCS 201
Mechanizing Game-Based Proofs of Security Protocols
Proceedings of the summer school MOD 2011International audienceAfter a short introduction to the field of security protocol verification, we present the automatic protocol verifier CryptoVerif. In contrast to most previous protocol verifiers, CryptoVerif does not rely on the Dolev-Yao model, but on the computational model. It produces proofs presented as sequences of games, like those manually done by cryptographers; these games are formalized in a probabilistic process calculus. CryptoVerif provides a generic method for specifying security properties of the cryptographic primitives. It can prove secrecy and correspondence properties (including authentication). It produces proofs valid for any number of sessions, in the presence of an active adversary. It also provides an explicit formula for the probability of success of an attack against the protocol, as a function of the probability of breaking each primitive and of the number of sessions
Static Analysis of Circuits for Security
The purpose of the present work is to deïŹne a methodology to analyze a system description given in VHDL code and test its security properties. In particular the analysis is aimed at ensuring that a malicious user cannot make a circuit output the secret data it contains