Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution

Details Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution

2011-07-06

arxiv.org/abs/1107.1017v1

Computer Science

Cryptography and Security

Scientific paper

Consider the problem of verifying security properties of a cryptographic protocol coded in C. We propose an automatic solution that needs neither a pre-existing protocol description nor manual annotation of source code. First, symbolically execute the C program to obtain symbolic descriptions for the network messages sent by the protocol. Second, apply algebraic rewriting to obtain a process calculus description. Third, run an existing protocol analyser (ProVerif) to prove security properties or find attacks. We formalise our algorithm and appeal to existing results for ProVerif to establish computational soundness under suitable circumstances. We analyse only a single execution path, so our results are limited to protocols with no significant branching. The results in this paper provide the first computationally sound verification of weak secrecy and authentication for (single execution paths of) C code.

Affiliated with

Also associated with

No associations

Rating

Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Extracting and Verifying Cryptographic Models from C Protocol Code by Symbolic Execution will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-677607