Automated Verification of Equivalence Properties of Cryptographic Protocols

Chadha, Rohit; Cheval, Vincent; Ciobâcă, Ștefan; Kremer, Steve

doi:10.1145/2926715

Cited by 84 publications

(122 citation statements)

References 66 publications

(91 reference statements)

Supporting

Mentioning

119

Contrasting

Unclassified

Order By: Relevance

“…Wang et al [2018] verify equivalence between a pair of programs that operate over databases with different schemas using bisimulation invariants over relational algebras with updates. Finally, automatically checking the equivalence of processes in a process calculus is an important building block for security protocol analysis [Blanchet et al 2008;Chadha et al 2016].…”

Section: Related Workmentioning

confidence: 99%

“…Formally verifying relational properties has a broad range of practical applications. For instance, one might be interested in proving that the observable behaviors of two programs are related, showing for instance that the programs are equivalent [Blanchet et al 2008;Chadha et al 2016;Ştefan Ciobâcă et al 2016;Godlin and Strichman 2010;Hur et al 2012Hur et al , 2014Kundu et al 2009;Timany et al 2018;Wang et al 2018;Yang 2007], or that one refines the other [Timany and Birkedal 2019]. In other cases, one might be interested in relating two runs of a single program, but, as soon as the control flow can differ between the two runs, the compositional verification problem becomes the same as relating two different programs.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The next 700 relational program logics

Maillard

Hriţcu

Rivas

et al. 2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

We propose the first framework for defining relational program logics for arbitrary monadic effects. The framework is embedded within a relational dependent type theory and is highly expressive. At the semantic level, we provide an algebraic characterization for relational specifications as a class of relative monads, and link computations and specifications by introducing relational effect observations, which map pairs of monadic computations to relational specifications in a way that respects the algebraic structure. For an arbitrary relational effect observation, we generically define the core of a sound relational program logic, and explain how to complete it to a full-fledged logic for the monadic effect at hand. We show that by instantiating our framework with state and unbounded iteration we can embed a variant of Benton's Relational Hoare Logic, and also sketch how to reconstruct Relational Hoare Type Theory. Finally, we identify and overcome conceptual challenges that prevented previous relational program logics from properly dealing with effects such as exceptions, and are the first to provide a proper semantic foundation and a relational program logic for exceptions.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

The next 700 relational program logics

Maillard

Hriţcu

Rivas

et al. 2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

show abstract

“…An example of algebraic properties may be the homomorphic property [37], [38] where {m 1 .m 2 } k is equivalent to {m 1 } k . {m 2 } k under the equational theory [34], [39], [40].…”

Section: Workmentioning

confidence: 99%

Cryptographic protocol for multipart missions involving two independent and distributed decision levels in a military context

Fattahi

Mejri

Ziadia

et al. 2017

2017 IEEE International Conference on Systems, Man, and Cybernetics (SMC)

View full text Add to dashboard Cite

In several critical military missions, more than one decision level are involved. These decision levels are often independent and distributed, and sensitive pieces of information making up the military mission must be kept hidden from one level to another even if all of the decision levels cooperate to accomplish the same task. Usually, a mission is negotiated through insecure networks such as the Internet using cryptographic protocols. In such protocols, few security properties have to be ensured. However, designing a secure cryptographic protocol that ensures several properties at once is a very challenging task. In this paper, we propose a new secure protocol for multipart military missions that involve two independent and distributed decision levels having different security levels. We show that it ensures the secrecy, authentication, and non-repudiation properties. In addition, we show that it resists against man-in-the-middle attacks.

show abstract

“…Numerous model checking-based tools have recently been proposed for the case of a bounded number of sessions, i.e., when protocols are executed a bounded number of times. These tools encompass SPEC [34], APTE [13,24], Akiss [23], or SAT-Equiv [28]. These tools vary in the class of cryptographic primitives and the class of protocols they can consider.…”

Section: Introductionmentioning

confidence: 99%

A Type System for Privacy Properties

Cortier

Grimm

Lallemand

et al. 2017

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Mature push button tools have emerged for checking trace properties (e.g. secrecy or authentication) of security protocols. The case of indistinguishability-based privacy properties (e.g. ballot privacy or anonymity) is more complex and constitutes an active research topic with several recent propositions of techniques and tools.We explore a novel approach based on type systems and provide a (sound) type system for proving equivalence of protocols, for a bounded or an unbounded number of sessions. The resulting prototype implementation has been tested on various protocols of the literature. It provides a significant speed-up (by orders of magnitude) compared to tools for a bounded number of sessions and complements in terms of expressiveness other state-of-the-art tools, such as ProVerif and Tamarin: e.g., we show that our analysis technique is the first one to handle a faithful encoding of the Helios e-voting protocol in the context of an untrusted ballot box.

show abstract

Automated Verification of Equivalence Properties of Cryptographic Protocols

Cited by 84 publications

References 66 publications

The next 700 relational program logics

The next 700 relational program logics

Cryptographic protocol for multipart missions involving two independent and distributed decision levels in a military context

A Type System for Privacy Properties

Contact Info

Product

Resources

About