Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CORR
2011
Springer
2011
Springer
Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution
Consider the problem of verifying security properties of a cryptographic protocol coded in C. We propose an automatic solution that needs neither a pre-existing protocol description nor manual annotation of source code. First, symbolically execute the C program to obtain symbolic descriptions for the network messages sent by the protocol. Second, apply algebraic rewriting to obtain a process calculus description. Third, run an existing protocol analyser (ProVerif) to prove security properties or find attacks. We formalise our algorithm and appeal to existing results for ProVerif to establish computational soundness under suitable circumstances. We analyse only a single execution path, so our results are limited to protocols with no significant branching. The results in this paper provide the first computationally sound verification of weak secrecy and authentication for (single execution paths of) C code.
Real-time TrafficCORR 2011 | Education | Pre-existing Protocol Description | Security Properties | Single Execution Paths |
| Added | 19 Aug 2011 |
| Updated | 19 Aug 2011 |
| Type | Journal |
| Year | 2011 |
| Where | CORR |
| Authors | Mihhail Aizatulin, Andrew D. Gordon, Jan Jürjens |
Comments (0)
Researcher Info
|
