Verifying Implementations of Security Protocols by Refinement
Source: ETH Zurich
Vulnerabilities in security-critical code can arise either from defects in the underlying cryptographic protocol or from inconsistencies between the protocol and its implementation. The authors propose a technique for verifying high-level security properties of cryptographic protocol implementations that is based on stepwise refinement. Their refinement strategy supports reasoning about abstract protocol descriptions in the symbolic model of cryptography and gradually concretizing them towards executable code, so that the same verification covers both the protocol and the code that implements it. They have implemented the technique within the general-purpose program verifier VCC and applied it to an extract from a draft reference implementation of the Trusted Platform Module (TPM), written in C.
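The core check behind refinement is a simulation argument: every concrete step, once abstracted back into symbolic terms, must yield exactly the term the abstract protocol step produces. The following added example, written for this page and not taken from the paper or from VCC, illustrates that check in plain C on a toy challenge-response step. The wire format, the term types, the placeholder keystream (a byte mixer, not a cipher) and all function names are assumptions made for the example; the faithful responder passes the check, while a responder that emits the pair in the wrong order is well-formed at the byte level yet fails it, which is the kind of protocol/implementation inconsistency the technique is meant to catch.

```c
/* Constructed example: abstract (symbolic) protocol step, concrete byte-level
 * implementation, and a simulation check abs(impl(in)) == spec(abs(in)).
 * The "encryption" is a placeholder keystream, NOT cryptography. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* ---------- abstract layer: symbolic terms ---------- */
typedef enum { T_NONCE = 1, T_ID = 2, T_PAIR = 3, T_ENC = 4 } Tag;
typedef struct Term {
    Tag tag;
    uint32_t val;              /* nonce value, identity, or key id for T_ENC */
    const struct Term *l, *r;  /* T_PAIR children; T_ENC plaintext in l */
} Term;
#define POOL 8                 /* terms available to one abstraction run */

static bool term_eq(const Term *a, const Term *b) {
    if (a == NULL || b == NULL) return a == b;
    if (a->tag != b->tag || a->val != b->val) return false;
    if (a->tag == T_PAIR) return term_eq(a->l, b->l) && term_eq(a->r, b->r);
    if (a->tag == T_ENC)  return term_eq(a->l, b->l);
    return true;
}

/* Responder step in the symbolic model: on nonce N, reply enc(k, pair(N, B)). */
static const Term *abstract_respond(Term out[3], const Term *nonce,
                                    uint8_t key_id, uint32_t id_b) {
    out[0] = (Term){ T_ID, id_b, NULL, NULL };
    out[1] = (Term){ T_PAIR, 0, nonce, &out[0] };
    out[2] = (Term){ T_ENC, key_id, &out[1], NULL };
    return &out[2];
}

/* ---------- concrete layer: wire format (assumed for the example) ---------- */
/* Message = tag byte, length byte, body.  NONCE/ID body: 4-byte big-endian.
 * PAIR body: two messages.  ENC body: 1-byte key id, then the plaintext
 * message XORed with a placeholder keystream derived from the key id. */
static uint8_t ks(uint8_t key_id, size_t i) { return (uint8_t)(key_id * 31u + i * 7u + 1u); }

static size_t put_u32(uint8_t *p, uint8_t tag, uint32_t v) {
    p[0] = tag; p[1] = 4;
    p[2] = (uint8_t)(v >> 24); p[3] = (uint8_t)(v >> 16);
    p[4] = (uint8_t)(v >> 8);  p[5] = (uint8_t)v;
    return 6;
}

typedef size_t (*respond_fn)(const uint8_t *in, size_t in_len, uint8_t key_id,
                             uint32_t id_b, uint8_t *out);

static size_t build_response(const uint8_t *in, size_t in_len, uint8_t key_id,
                             uint32_t id_b, uint8_t *out, bool swap) {
    if (in_len != 6 || in[0] != T_NONCE || in[1] != 4) return 0;  /* reject malformed nonce */
    uint8_t pt[14];
    pt[0] = T_PAIR; pt[1] = 12;
    memcpy(pt + (swap ? 8 : 2), in, 6);        /* nonce component */
    put_u32(pt + (swap ? 2 : 8), T_ID, id_b);  /* identity component */
    out[0] = T_ENC; out[1] = 1 + sizeof pt; out[2] = key_id;
    for (size_t i = 0; i < sizeof pt; i++) out[3 + i] = pt[i] ^ ks(key_id, i);
    return 3 + sizeof pt;
}
/* Faithful responder: enc(k, pair(N, B)), the order abstract_respond prescribes. */
static size_t concrete_respond(const uint8_t *in, size_t in_len, uint8_t key_id,
                               uint32_t id_b, uint8_t *out) {
    return build_response(in, in_len, key_id, id_b, out, false);
}
/* Inconsistent responder: enc(k, pair(B, N)); well-formed bytes, wrong protocol. */
static size_t concrete_respond_swapped(const uint8_t *in, size_t in_len, uint8_t key_id,
                                       uint32_t id_b, uint8_t *out) {
    return build_response(in, in_len, key_id, id_b, out, true);
}

/* Abstraction function: bytes -> symbolic term, NULL if malformed.  The checker
 * knows every key, so it may undo the placeholder keystream to see inside ENC. */
static const Term *abs_msg(const uint8_t *p, size_t len, Term *pool, int *n) {
    if (len < 2 || p[1] != len - 2 || *n >= POOL) return NULL;
    Term *t = &pool[(*n)++];
    t->tag = (Tag)p[0]; t->val = 0; t->l = t->r = NULL;
    switch (p[0]) {
    case T_NONCE: case T_ID:
        if (len != 6) return NULL;
        t->val = ((uint32_t)p[2] << 24) | ((uint32_t)p[3] << 16) |
                 ((uint32_t)p[4] << 8) | p[5];
        return t;
    case T_PAIR: {
        if (len < 4) return NULL;
        size_t l1 = 2 + p[3];                  /* length of the first child */
        if (2 + l1 > len) return NULL;
        t->l = abs_msg(p + 2, l1, pool, n);
        t->r = abs_msg(p + 2 + l1, len - 2 - l1, pool, n);
        return (t->l && t->r) ? t : NULL;
    }
    case T_ENC: {
        uint8_t pt[64];
        if (len < 3 || len - 3 > sizeof pt) return NULL;
        t->val = p[2];
        for (size_t i = 0; i < len - 3; i++) pt[i] = p[3 + i] ^ ks(p[2], i);
        t->l = abs_msg(pt, len - 3, pool, n);
        return t->l ? t : NULL;
    }
    default: return NULL;
    }
}

/* Simulation check for one concrete input: abs(impl(in)) == spec(abs(in)). */
static bool refines(respond_fn impl, uint32_t nonce, uint8_t key_id, uint32_t id_b) {
    uint8_t in[6], out[32];
    Term pool[POOL], spec[3];
    int n = 0;
    put_u32(in, T_NONCE, nonce);
    size_t out_len = impl(in, sizeof in, key_id, id_b, out);
    const Term *a_in = abs_msg(in, sizeof in, pool, &n);
    const Term *actual = out_len ? abs_msg(out, out_len, pool, &n) : NULL;
    if (!a_in || !actual) return false;
    return term_eq(actual, abstract_respond(spec, a_in, key_id, id_b));
}

int main(void) {
    printf("faithful responder refines spec: %s\n",
           refines(concrete_respond, 0xDEADBEEFu, 7, 42) ? "yes" : "no");
    printf("swapped responder refines spec:  %s\n",
           refines(concrete_respond_swapped, 0xDEADBEEFu, 7, 42) ? "yes" : "no");
    return 0;
}
```

The check is exhaustive only over the inputs it is run on; the paper's point is that a verifier such as VCC discharges the same simulation obligation for all inputs, with the abstract term carried alongside the concrete bytes as ghost state rather than recomputed by parsing. Note also that `refines` rejects a responder whose output the abstraction function cannot parse, so truncated or malformed messages fail the check as well as semantically wrong ones.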