Refinement Types for Secure Implementations

June 23-June 25

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CSF.2008.27

2008 21st IEEE Computer Security Foun ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Jesper Bengtson Articles by Karthikeyan Bhargavan Articles by C?dric Fournet Articles by Andrew D. Gordon Articles by Sergio Maffeis

	ASCII Text	x
	Jesper Bengtson, Karthikeyan Bhargavan, C?dric Fournet, Andrew D. Gordon, Sergio Maffeis, "Refinement Types for Secure Implementations," Computer Security Foundations Symposium, IEEE, pp. 17-32, 2008 21st IEEE Computer Security Foundations Symposium, 2008.

	BibTex	x
	@article{ 10.1109/CSF.2008.27, author = {Jesper Bengtson and Karthikeyan Bhargavan and C?dric Fournet and Andrew D. Gordon and Sergio Maffeis}, title = {Refinement Types for Secure Implementations}, journal ={Computer Security Foundations Symposium, IEEE}, volume = {0}, year = {2008}, isbn = {978-0-7695-3182-3}, pages = {17-32}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSF.2008.27}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Foundations Symposium, IEEE TI - Refinement Types for Secure Implementations SN - 978-0-7695-3182-3 SP17 EP32 A1 - Jesper Bengtson, A1 - Karthikeyan Bhargavan, A1 - C?dric Fournet, A1 - Andrew D. Gordon, A1 - Sergio Maffeis, PY - 2008 KW - null VL - 0 JA - Computer Security Foundations Symposium, IEEE ER -

Jesper Bengtson

Karthikeyan Bhargavan

C?dric Fournet

Andrew D. Gordon

Sergio Maffeis

We present the design and implementation of a typechecker for verifying security properties of the source code of cryptographic protocols and access control mechanisms. The underlying type theory is a λ-calculus equipped with reﬁnement types for expressing pre- and post-conditions within ﬁrst-order logic. We derive formal cryptographic primitives and represent active adversaries within the type theory. Well-typed programs enjoy assertion-based security properties, with respect to a realistic threat model including key compromise. The implementation amounts to an enhanced typechecker for the general purpose functional language F#; typechecking generates veriﬁcation conditions that are passed to an SMT solver. We describe a series of checked examples. This is the ﬁrst tool to verify authentication properties of cryptographic protocols by typechecking their source code.

Citation:

Jesper Bengtson, Karthikeyan Bhargavan, C?dric Fournet, Andrew D. Gordon, Sergio Maffeis, "Refinement Types for Secure Implementations," csf, pp.17-32, 2008 21st IEEE Computer Security Foundations Symposium, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.