Abstract

In this paper we describe a deductive verification platform for the CAO language. CAO is a domain-specific language for cryptography. We show that this language presents interesting challenges for formal verification, not only in the rich mathematical type system that it introduces, but also in the cryptography-oriented language constructions that it offers. We describe how we tackle these problems, and also demonstrate that, by relying on the Jessie plug-in included in the Frama-C framework, the development time of such a complex verification tool could be greatly reduced. We base our presentation on real-world examples of CAO code, extracted from the open-source code of the NaCl cryptographic library, and illustrate how various cryptography-relevant security properties can be verified.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
CAOVerif: An open-source deductive verification platform for cryptographic software implementations
José Bacelar Almeida ... Bárbara Vieira
Science of Computer Programming | VOL. 91
José Bacelar Almeida, et. al.José Bacelar Almeida ... Bárbara Vieira
11 Oct 2012
A Transient Semantics for Typed Racket
Ben Greenman ... Lukas Lazarek
The Art, Science, and Engineering of Programming | VOL. 6
Ben Greenman, et. al.Ben Greenman ... Lukas Lazarek
15 Nov 2021
The high-level benefits of low-level sandboxing
Michael Sammler ... Derek Dreyer
Proceedings of the ACM on Programming Languages | VOL. 4
Michael Sammler, et. al.Michael Sammler ... Derek Dreyer
20 Dec 2019
Parallel programming and code selection in fortress
Guy L Steele
-
Guy L SteeleGuy L Steele
29 Mar 2006
View more papers

More From: Electronic Communication of The European Association of Software Science and Technology

Paper Title
Journal
Date
Author
Reachability and reward checking for stochastic timed automata
...
Electronic Communication of The European Association of Software Science and Technology | VOL. 70
, et. al. ...
27 Nov 2020
Lenses for Web Data
...
Electronic Communication of The European Association of Software Science and Technology | VOL. 57
, et. al. ...
17 Jun 2020
Incremental Pattern Matching for Regular Expressions
...
Electronic Communication of The European Association of Software Science and Technology | VOL. 47
, et. al. ...
20 Feb 2020
Lens put-put laws: monotonic and mixed
...
Electronic Communication of The European Association of Software Science and Technology | VOL. 49
, et. al. ...
14 Feb 2020
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.