DocumentCode
3258382
Title
Cryptographic Protocol Synthesis and Verification for Multiparty Sessions
Author
Bhargavan, Karthikeyan ; Corin, Ricardo ; Denielou, P.-M. ; Fournet, Cédric ; Leifer, James J.
Author_Institution
Microsoft Res., Cambridge, UK
fYear
2009
fDate
8-10 July 2009
Firstpage
124
Lastpage
140
Abstract
We present the design and implementation of a compiler that, given high-level multiparty session descriptions, generates custom cryptographic protocols. Our sessions specify pre-arranged patterns of message exchanges and data accesses between distributed participants. They provide each participant with strong security guarantees for all their messages. Our compiler generates code for sending and receiving these messages, with cryptographic operations and checks, in order to enforce these guarantees against any adversary that may control both the network and some session participants. We verify that the generated code is secure by relying on a recent type system for cryptography. Most of the proof is performed by mechanized type checking and does not rely on the correctness of our compiler.We obtain the strongest session security guarantees to date in a model that captures the executable details of protocol code. We illustrate and evaluate our approach on a series of protocols inspired by Web services.
Keywords
cryptographic protocols; formal verification; program compilers; Web service; compiler; cryptographic protocol synthesis; multiparty session description; session security; verification; Access protocols; Computer security; Cryptographic protocols; Cryptography; Data security; Libraries; Payloads; Programming profession; Protection; Web services; ML; cryptography; multiparty sessions; type systems;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Security Foundations Symposium, 2009. CSF '09. 22nd IEEE
Conference_Location
Port Jefferson, NY
ISSN
1940-1434
Print_ISBN
978-0-7695-3712-2
Type
conf
DOI
10.1109/CSF.2009.26
Filename
5230622
Link To Document