Computing Publications

Publications Home » Refinement Types for Secure Imple...

Refinement Types for Secure Implementations

Jesper Bengtson, Karthikeyan Bhargavan, Fournet, Andrew D. Gordon, Sergio Maffeis

Conference or Workshop Paper
CSF '08, 21st IEEE Symposium on Computer Security Foundations 2008
June, 2008
IEEE Computer Society
DOI 10.1109/CSF.2008.27

We present the design and implementation of a typechecker for verifying security properties of the source code of cryptographic protocols and access control mechanisms. The underlying type theory is a lambda-calculus equipped with refinement types for expressing pre- and post-conditions within first-order logic. We derive formal cryptographic primitives and represent active adversaries within the type theory. Well-typed programs enjoy assertion-based security properties, with respect to a realistic threat model including key compromise. The implementation amounts to an enhanced typechecker for the general purpose functional language F#; typechecking generates verification conditions that are passed to an SMT solver. We describe a series of checked examples. This is the first tool to verify authentication properties of cryptographic protocols by typechecking their source code.

PDF of full publication (216 kilobytes)
(need help viewing PDF files?)
BibTEX file for the publication
Conditions for downloading publications from this site. built & maintained by Ashok Argent-Katwala.