Article code: 433324
Journal code: 1441678
Year of publication: 2014
English article: 18 pages, PDF
Full-text version: free download
English title of the ISI article
CAOVerif: An open-source deductive verification platform for cryptographic software implementations
Related subjects
Engineering and basic sciences; Computer engineering; Computational theory and mathematics
English abstract

CAO is a domain-specific imperative language for cryptography, offering a rich mathematical type system and crypto-oriented language constructions. We describe the design and implementation of a deductive verification platform for CAO and demonstrate that the development time of such a complex verification tool could be greatly reduced by building on the Jessie plug-in included in the Frama-C framework. We discuss the interesting challenges raised by the domain-specific characteristics of CAO, and describe how we tackle these problems in our design. We base our presentation on real-world examples of CAO code, extracted from the open-source code of the NaCl cryptographic library, and illustrate how various cryptography-relevant security properties can be verified.


► CAOVerif is a new deductive verification platform for the domain-specific cryptographic language CAO.
► Frama-C component Jessie is used as a back-end, greatly reducing the development time.
► Logic theories in CAOVerif were proven sound w.r.t. the CAO semantics in Coq.
► Case study: a real-world example from the NaCl open source cryptographic library.

Publisher
Database: Elsevier - ScienceDirect
Journal: Science of Computer Programming - Volume 91, Part B, 1 October 2014, Pages 216–233