Verifying Cryptographic Code in C: Some Experience and the Csec Challenge

Conference paper
Formal Aspects of Security and Trust (FAST 2011)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7140)

Abstract

The security of much critical infrastructure depends in part on cryptographic software coded in C, and yet vulnerabilities continue to be discovered in such software. We describe recent progress on checking the security of C code implementing cryptographic software. In particular, we describe projects that combine verification-condition generation and symbolic execution techniques for C, with methods for stating and verifying security properties of abstract models of cryptographic protocols. We illustrate these techniques on C code for a simple two-message protocol.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Aizatulin, M., Dupressoir, F., Gordon, A.D., Jürjens, J. (2012). Verifying Cryptographic Code in C: Some Experience and the Csec Challenge. In: Barthe, G., Datta, A., Etalle, S. (eds) Formal Aspects of Security and Trust. FAST 2011. Lecture Notes in Computer Science, vol 7140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29420-4_1

  • DOI: https://doi.org/10.1007/978-3-642-29420-4_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29419-8

  • Online ISBN: 978-3-642-29420-4

  • eBook Packages: Computer Science (R0)
