Refinement Types for Secure Implementations

Executive Summary

The authors present the design and implementation of a type-checker for verifying security properties of the source code of cryptographic protocols and access control mechanisms. They derive formal cryptographic primitives and represent active adversaries within the type theory. Well-typed programs enjoy assertion-based security properties, with respect to a realistic threat model including key compromise. They describe a series of checked examples. This is the first tool to verify authentication properties of cryptographic protocols by type-checking their source code.

  • Format: PDF
  • Size: 396.65 KB