Refinement Types for Secure Implementations

Date Added: Feb 2010
Format: PDF

The authors present the design and implementation of a type-checker for verifying security properties of the source code of cryptographic protocols and access control mechanisms. They derive formal cryptographic primitives and represent active adversaries within the type theory. Well-typed programs, that is, programs whose assume/assert annotations pass the type-checker, enjoy assertion-based security properties: every assertion holds at run time, with respect to a realistic threat model that includes an active adversary and key compromise. They describe a series of checked examples. This is the first tool to verify authentication properties of cryptographic protocols by type-checking their source code.
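As an added example (not the paper's code, and not its type-checker, which discharges such assertions statically rather than at run time), the following Python script models the assume/assert discipline the abstract refers to on concrete traces: an honest sender assumes a Sent event before emitting a MAC-authenticated message, the receiver asserts that event after verifying the MAC, and key compromise is modelled as a logged Leaked event that the assertion admits as an alternative. A second, unchecked receiver shows the kind of program whose assertion is not justified. All names (World, send, recv, recv_unchecked, leak, the scenario functions) are hypothetical, and the keys and messages are constructed inline.

```python
# Added example: runtime model of assume/assert correspondence for a
# MAC-authenticated message exchange. Not the paper's tool; all names
# are hypothetical and the keys/messages are constructed for the demo.
import hashlib
import hmac
import os


class SafetyViolation(Exception):
    """Raised when an assert is not entailed by the facts assumed so far."""


class World:
    """Global log of assumed facts (events), as in correspondence assertions."""

    def __init__(self):
        self.facts = set()

    def assume(self, fact):
        self.facts.add(fact)

    def check(self, *alternatives):
        # An assertion is safe iff at least one alternative was assumed earlier.
        if not any(f in self.facts for f in alternatives):
            raise SafetyViolation(alternatives)


def tag(key, sender, receiver, msg):
    # Bind all fields so a tag cannot be reused under a different header.
    data = b"|".join(x.encode() for x in (sender, receiver, msg))
    return hmac.new(key, data, hashlib.sha256).digest()


def send(world, keys, a, b, msg):
    """Honest sender: log Sent(a,b,msg) before emitting the authenticated message."""
    world.assume(("Sent", a, b, msg))
    return (a, b, msg, tag(keys[a], a, b, msg))


def recv(world, keys, wire):
    """Hardened receiver: verify the MAC, then assert the correspondence.

    The assertion accounts for key compromise: the message was either sent
    by a, or a's key has been leaked (itself a logged event).
    """
    a, b, msg, t = wire
    if not hmac.compare_digest(t, tag(keys[a], a, b, msg)):
        return None  # reject; nothing is asserted about an unauthenticated message
    world.check(("Sent", a, b, msg), ("Leaked", a))
    return msg


def recv_unchecked(world, keys, wire):
    """Vulnerable receiver: trusts the header without verifying the MAC."""
    a, b, msg, _ = wire
    world.check(("Sent", a, b, msg), ("Leaked", a))
    return msg


def leak(world, keys, a):
    """Key compromise: the attacker obtains a's key, and the event is logged."""
    world.assume(("Leaked", a))
    return keys[a]


def fresh_world():
    # Constructed keys for the two principals.
    return World(), {"alice": os.urandom(32), "bob": os.urandom(32)}


def scenario_honest():
    world, keys = fresh_world()
    return recv(world, keys, send(world, keys, "alice", "bob", "pay 10"))


def scenario_tamper_rejected():
    world, keys = fresh_world()
    a, b, _msg, t = send(world, keys, "alice", "bob", "pay 10")
    return recv(world, keys, (a, b, "pay 1000", t))  # message edited in flight


def scenario_compromise():
    """After Leaked(alice), a forgery is accepted but the assertion still holds."""
    world, keys = fresh_world()
    k = leak(world, keys, "alice")
    forged = ("alice", "bob", "pay 1000", tag(k, "alice", "bob", "pay 1000"))
    return recv(world, keys, forged)


def scenario_unchecked_receiver():
    """Keyless attacker injects a message; the unchecked receiver's assert fails."""
    world, keys = fresh_world()
    forged = ("alice", "bob", "pay 1000", b"\x00" * 32)
    try:
        recv_unchecked(world, keys, forged)
    except SafetyViolation:
        return "violation"
    return "accepted"


if __name__ == "__main__":
    print(scenario_honest(), scenario_tamper_rejected(),
          scenario_compromise(), scenario_unchecked_receiver())
```

The script only observes particular traces; the paper's contribution is that the type-checker proves the assertion in `recv` is entailed in every trace the adversary can produce, including those in which a key has leaked, while a program shaped like `recv_unchecked` does not type-check because nothing justifies its assertion.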