Abstract machines for communication security

Bieber, Pierre; Boulahia-Cuppens, Nora; Lehmann, Todd C.; Wickeren, E. van

doi:10.1109/csfw.1993.246632

Cited by 11 publications

(2 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This method allows for formal verification of security properties through translation of the spi-calculus specifications to a format that can be verified by ProVerif prior to code generation. -In 1993 and in 2009, Bieber et al [18] and Benaissa et al [12] respectively proposed an approach to analyze the security of cryptographic protocols using the Event-B framework. To the best of our knowledge, they partly implement the Dolev-Yao model as a library for the internal verifier of Event-B, allowing them to specify lemmas describing security properties to be proven such as secrecy and authentication.…”

Section: Cryptographic Protocol Code Generation Toolsmentioning

confidence: 99%

Automatic Implementations Synthesis of Secure Protocols and Attacks from Abstract Models

et al. 2022

View full text Add to dashboard Cite

Attack generation from an abstract model of a protocol is not an easy task. We present BIFROST (Bifrost Implements Formally Reliable prOtocols for Security and Trust), a tool that takes an abstract model of a cryptographic protocol and outputs an implementation in C of the protocol and either a proof in ProVerif that the protocol is safe or an implementation of the attack found. We use FS2PV, KaRaMeL, ProVerif and a dedicated parser to analyze the attack traces produced by ProVerif. If an attack is found then BIFROST automatically produces C code for each honest participant and for the intruder in order to mount the attack.

show abstract

Section: Cryptographic Protocol Code Generation Toolsmentioning

confidence: 99%

Automatic Implementations Synthesis of Secure Protocols and Attacks from Abstract Models

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Boyd has formalized analogous results using Z [11]. Bieber et al model abstract channels using the B method [10] and refine them to cryptographic implementations. Abadi et al [1] formalize secure channels in a variant of the join calculus and establish full abstraction results for translations to cryptographic implementations.…”

Section: Related Workmentioning

confidence: 99%

Developing security protocols by refinement

Sprenger

Basin

2010

Proceedings of the 17th ACM Conference on Computer and Communications Security

View full text Add to dashboard Cite

We propose a development method for security protocols based on stepwise refinement. Our refinement strategy guides the transformation of abstract security goals into protocols that are secure when operating over an insecure channel controlled by a Dolev-Yao-style intruder. The refinement steps successively introduce local states, an intruder, communication channels with security properties, and cryptographic operations realizing these channels. The abstractions used provide insights on how the protocols work and foster the development of families of protocols sharing a common structure and properties. In contrast to post-hoc verification methods, protocols are developed together with their correctness proofs. We have implemented our method in Isabelle/HOL and used it to develop different entity authentication and key transport protocols.

show abstract