Proving Cryptographic C Programs Secure with General-Purpose Verification Tools

Dupressoir, François Stéphane Pascal (2013). Proving Cryptographic C Programs Secure with General-Purpose Verification Tools. PhD thesis The Open University.

DOI: https://doi.org/10.21954/ou.ro.000092fb

URL: http://fdupress.net/files/phd-material/Francois.Du...

Abstract

Security protocols, such as TLS or Kerberos, and security devices such as the Trusted Platform Module (TPM), Hardware Security Modules (HSMs) or PKCS#11 tokens, are central to many computer interactions.
Yet, such security critical components are still often found vulnerable to attack after their deployment, either because the specification is insecure, or because of implementation errors.

Techniques exist to construct machine-checked proofs of security properties for abstract specifications.
However, this may leave the final executable code, often written in lower level languages such as C, vulnerable both to logical errors, and low-level flaws.

Recent work on verifying security properties of C code is often based on soundly extracting, from C programs, protocol models on which security properties can be proved.
However, in such methods, any change in the C code, however trivial, may require one to perform a new and complex security proof.

Our goal is therefore to develop or identify a framework in which security properties of cryptographic systems can be formally proved, and that can also be used to soundly verify, using existing general-purpose tools, that a C program shares the same security properties.

We argue that the current state of general-purpose verification tools for the C language, as well as for functional languages, is sufficient to achieve this goal, and illustrate our argument by developing two verification frameworks around the VCC verifier.

In the symbolic model, we illustrate our method by proving authentication and weak secrecy for implementations of several network security protocols.
In the computational model, we illustrate our method by proving authentication and strong secrecy properties for an exemplary key management API, inspired by the TPM.

Viewing alternatives

Metrics

Item Actions

Export

You can export this page using these formats Digital Object Identifier - DOI

About

• Item ORO ID
• 37627
• Item Type
• PhD Thesis
• Project Funding Details

• Funded Project Name	Project ID	Funding Body
  Not Set	Not Set	Microsoft Research

• Keywords
• computer security; data protection; C (computer program language)
• Academic Unit or School
• Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
• Research Group
• Centre for Research in Computing (CRC)
• Copyright Holders
• © 2012 François Dupressoir
• Related URLs
• • http://fdupress.net(Author Website)
  • http://fdupress.net/files/phd-material/C...(Other)
• Depositing User
• Francois Dupressoir