2,423 research outputs found

    High-level Cryptographic Abstractions

    The interfaces exposed by commonly used cryptographic libraries are clumsy, complicated, and assume an understanding of cryptographic algorithms. The challenge is to design high-level abstractions that require minimum knowledge and effort to use while also allowing maximum control when needed. This paper proposes such high-level abstractions consisting of simple cryptographic primitives and full declarative configuration. These abstractions can be implemented on top of any cryptographic library in any language. We have implemented these abstractions in Python, and used them to write a wide variety of well-known security protocols, including Signal, Kerberos, and TLS. We show that programs using our abstractions are much smaller and easier to write than using low-level libraries, where size of security protocols implemented is reduced by about a third on average. We show our implementation incurs a small overhead, less than 5 microseconds for shared key operations and less than 341 microseconds (< 1%) for public key operations. We also show our abstractions are safe against main types of cryptographic misuse reported in the literature.

    Preface Volume 55, Issue 3

    Abstract

    This issue contains the Proceedings of the Workshop on Software Model Checking, which was held in Paris, France, on 23 July 2001, as a satellite event of the 13th International Conference on Computer-Aided Verification (CAV 2001).

    The growing importance of model checking in hardware verification and the difficulty of producing correct software are driving a growing interest in the application of model checking to software. This leads to many challenges of scientific and practical interest, both in core model checking technology and in supporting techniques, such as program analyses and transformations that help automate abstraction of the data state and reduction of the control state. The two main aims of the workshop were to introduce people to the field of software model checking, and to serve as a forum for the presentation and discussion of new research ideas in the field.

    In order to achieve the first goal, two leaders in the field were invited to present their ongoing research. Sriram Rajamani (Microsoft Research) spoke on “Model Checking, Program Analysis and Theorem Proving: Kitchen Sink?” John Hatcliff (Kansas State University) discussed “Using the Bandera Tool Set to Model-check Properties of Concurrent Java Software”.

    The call for papers resulted in 25 submissions. Eight were selected by the Program Committee for presentation at the workshop, and seven appear here. The submissions were reviewed by the Program Committee and the following additional reviewers: Dennis Dams, Alex Groce, Frederic Lang, Radu Mateescu, SeungJoon Park, and Sriram Rajamani.

    Program Committee

    Tom Ball, Microsoft Research
    David Dill, Stanford University
    Hubert Garavel, INRIA Rhone-Alpes/VASY
    Patrice Godefroid, Bell Laboratories, Lucent Technologies
    Susanne Graf, Verimag
    Gerard Holzmann, Bell Laboratories, Lucent Technologies
    Scott Stoller, State University of New York at Stony Brook
    Willem Visser, RIACS, NASA Ames Research Center

    We thank RIACS (Research Institute for Advanced Computer Science, California, USA) for generous financial support. We thank the CAV 2001 organizers for excellent logistic support.

    August 2001
    Scott D. Stoller
    Willem Visse