9,671 research outputs found
Type checking cryptography implementations
Proceedings da conferência Fundamentals of Software Engineering 2011Cryptographic software development is a challenging field:
high performance must be achieved, while ensuring correctness and
compliance with low-level security policies.
CAO is a domain specific language designed to assist development of
cryptographic software. An important feature of this language is the
design of a novel type system introducing native types such as predefined
sized vectors, matrices and bit strings, residue classes modulo an integer, finite fields
and finite field extensions, allowing for extensive static validation of source code.
We present the formalisation, validation and implementation of
this type system.(undefined
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Formal verification of a software countermeasure against instruction skip attacks
Fault attacks against embedded circuits enabled to define many new attack
paths against secure circuits. Every attack path relies on a specific fault
model which defines the type of faults that the attacker can perform. On
embedded processors, a fault model consisting in an assembly instruction skip
can be very useful for an attacker and has been obtained by using several fault
injection means. To avoid this threat, some countermeasure schemes which rely
on temporal redundancy have been proposed. Nevertheless, double fault injection
in a long enough time interval is practical and can bypass those countermeasure
schemes. Some fine-grained countermeasure schemes have also been proposed for
specific instructions. However, to the best of our knowledge, no approach that
enables to secure a generic assembly program in order to make it fault-tolerant
to instruction skip attacks has been formally proven yet. In this paper, we
provide a fault-tolerant replacement sequence for almost all the instructions
of the Thumb-2 instruction set and provide a formal verification for this fault
tolerance. This simple transformation enables to add a reasonably good security
level to an embedded program and makes practical fault injection attacks much
harder to achieve
High-level Cryptographic Abstractions
The interfaces exposed by commonly used cryptographic libraries are clumsy,
complicated, and assume an understanding of cryptographic algorithms. The
challenge is to design high-level abstractions that require minimum knowledge
and effort to use while also allowing maximum control when needed.
This paper proposes such high-level abstractions consisting of simple
cryptographic primitives and full declarative configuration. These abstractions
can be implemented on top of any cryptographic library in any language. We have
implemented these abstractions in Python, and used them to write a wide variety
of well-known security protocols, including Signal, Kerberos, and TLS.
We show that programs using our abstractions are much smaller and easier to
write than using low-level libraries, where size of security protocols
implemented is reduced by about a third on average. We show our implementation
incurs a small overhead, less than 5 microseconds for shared key operations and
less than 341 microseconds (< 1%) for public key operations. We also show our
abstractions are safe against main types of cryptographic misuse reported in
the literature
Trusty URIs: Verifiable, Immutable, and Permanent Digital Artifacts for Linked Data
To make digital resources on the web verifiable, immutable, and permanent, we
propose a technique to include cryptographic hash values in URIs. We call them
trusty URIs and we show how they can be used for approaches like
nanopublications to make not only specific resources but their entire reference
trees verifiable. Digital artifacts can be identified not only on the byte
level but on more abstract levels such as RDF graphs, which means that
resources keep their hash values even when presented in a different format. Our
approach sticks to the core principles of the web, namely openness and
decentralized architecture, is fully compatible with existing standards and
protocols, and can therefore be used right away. Evaluation of our reference
implementations shows that these desired properties are indeed accomplished by
our approach, and that it remains practical even for very large files.Comment: Small error corrected in the text (table data was correct) on page
13: "All average values are below 0.8s (0.03s for batch mode). Using Java in
batch mode even requires only 1ms per file.
- …