Cryptographic Protocol Synthesis and Verification for Multiparty Sessions

Bhargavan, Karthikeyan; Corin, Ricardo; Deniélou, Pierre-Malo; Fournet, Cédric; Leifer, James J.

doi:10.1109/csf.2009.26

Cited by 73 publications

(90 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This process is insecure because, depending on the high value received for x on channel s [2], that is, on whether the Q-set is H 1 or H 2 , the low value true ⊥ will be emitted or not on channel s [3], leading to…”

Section: Examples Of Information Flow Security In Sessionsmentioning

confidence: 99%

Session Types for Access and Information Flow Control

Capecchi

Castellani

Dezani‐Ciancaglini

et al. 2010

CONCUR 2010 - Concurrency Theory

View full text Add to dashboard Cite

Abstract. We consider a calculus for multiparty sessions with delegation, enriched with security levels for session participants and data. We propose a type system that guarantees both session safety and a form of access control. Moreover, this type system ensures secure information flow, including controlled forms of declassification. In particular, the type system prevents leaks that could result from an unrestricted use of the control constructs of the calculus, such as session opening, selection, branching and delegation. We illustrate the use of our type system with a number of examples, which reveal an interesting interplay between the constraints used in security type systems and those used in session types to ensure properties like communication safety and session fidelity.

show abstract

Section: Examples Of Information Flow Security In Sessionsmentioning

confidence: 99%

Session Types for Access and Information Flow Control

Capecchi

Castellani

Dezani‐Ciancaglini

et al. 2010

CONCUR 2010 - Concurrency Theory

View full text Add to dashboard Cite

show abstract

“…Some start with a crypto-free protocol, and transform it into a protocol meeting security goals [9,4]. Others transform a protocol secure in a weak adversary model into protocols satisfying those goals with multi-session, active adversary [20].…”

Section: Preserving Security Goal Formulasmentioning

confidence: 99%

Security Goals and Protocol Transformations

Guttman

2012

Theory of Security and Applications

View full text Add to dashboard Cite

Abstract. Cryptographic protocol designers work incrementally. Having achieved some goals for confidentiality and authentication in a protocol Π1, they transform it to a richer Π2 to achieve new goals.But do the original goals still hold? More precisely, if a goal formula Γ holds whenever Π1 runs against an adversary, does a translation of Γ hold whenever Π2 runs against it?We prove that a transformation preserves goal formulas if a labeled transition system for analyzing Π1 simulates a portion of an lts for analyzing Π2, while preserving progress in that portion.Thus, we examine the process of analyzing a protocol Π. We use ltss that describe our activity when analyzing Π, not that of the principals executing Π. Each analysis step considers-for an observed message reception-what earlier transmissions would explain it. The lts then contains a transition from a fragmentary execution containing the reception to a richer one containing an explaining transmission. The strand space protocol analysis tool cpsa generates some of the ltss used.

show abstract

“…Our theory, based on multiparty sessions, can verify processes against a contract globally agreed by multiple distributed peers. [2] uses refinement types for channels to verify authentication in multiparty session protocols, but does not consider multi-session properties. The work [7] investigates a relationship between a dual intuitionistic linear logic and binary session types, and shows that the former defines a proof system for a session calculus which can automatically characterise and guarantee a session fidelity and global progress.…”

Section: Related Work and Further Topicsmentioning

confidence: 99%

“…Types offer a stable linkage between the fundamental dynamics of programs and their mathematical abstractions, serving as a highly effective basis for safety assurance. In the context of process algebras, approaches like [5,13,18] allow tractable 2 (e.g., with respect to model checking techniques) validation of properties such as session fidelity, progress, and error freedom. Furthermore, they enable the specification of global properties of multiparty interactions, yet enabling modular local verification of each principal.…”

Section: Introductionmentioning

confidence: 99%

“…The principals within the OOI infrastructure perform interactive activities involving distributed resources, e.g., remote instruments, off-shore sensors, data. It is important to: (1) ensure that the principals carry out each activity (session) in a way that conform a well-defined protocol, (2) express properties that span the single activities (e.g., associate each principal with a credit for resource usage, and ensure that this will always be non negative across sessions 1 ).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Multiparty Multi-session Logic

Bocchi

Demangeon

Yoshida

2013

Trustworthy Global Computing

View full text Add to dashboard Cite

Abstract. Recent work on the enhancement of typing techniques for multiparty sessions with logical annotations enables, not only the validation of structural properties of the conversations and on the sorts of the messages, but also properties on the actual values exchanged. However, specification and verification of mutual effects of multiple cross-session interactions are still an open problem. We introduce a multiparty logical proof system with virtual states that enables the tractable specification and validation of fine-grained inter-session correctness properties of processes participating in several interleaved sessions. We present a sound and relatively complete static verification method.

show abstract

Cryptographic Protocol Synthesis and Verification for Multiparty Sessions

Cited by 73 publications

References 18 publications

Session Types for Access and Information Flow Control

Session Types for Access and Information Flow Control

Security Goals and Protocol Transformations

A Multiparty Multi-session Logic

Contact Info

Product

Resources

About