Owl: Compositional verification of security protocols via an information-flow type system
J Gancher, S Gibson, P Singh… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Computationally sound protocol verification tools promise to deliver full-strength
cryptographic proofs for security protocols. Unfortunately, current tools lack either modularity …
cryptographic proofs for security protocols. Unfortunately, current tools lack either modularity …
A core calculus for equational proofs of cryptographic protocols
Many proofs of interactive cryptographic protocols (eg, as in Universal Composability)
operate by proving the protocol at hand to be observationally equivalent to an idealized …
operate by proving the protocol at hand to be observationally equivalent to an idealized …
Dy fuzzing: formal Dolev-Yao models meet cryptographic protocol fuzz testing
Critical and widely used cryptographic protocols have repeatedly been found to contain
flaws in their design and their implementation. A prominent class of such vulnerabilities is …
flaws in their design and their implementation. A prominent class of such vulnerabilities is …
{TreeSync}: authenticated group management for messaging layer security
T Wallez, J Protzenko, B Beurdouche… - 32nd USENIX Security …, 2023 - usenix.org
Messaging Layer Security (MLS), currently undergoing standardization at the IETF, is an
asynchronous group messaging protocol that aims to be efficient for large dynamic groups …
asynchronous group messaging protocol that aims to be efficient for large dynamic groups …
Decision and complexity of Dolev-Yao hyperproperties
I Rakotonirina, G Barthe, C Schneidewind - Proceedings of the ACM on …, 2024 - dl.acm.org
The formal analysis of cryptographic protocols traditionally focuses on trace and
equivalence properties, for which decision procedures in the symbolic (or Dolev-Yao, or DY) …
equivalence properties, for which decision procedures in the symbolic (or Dolev-Yao, or DY) …
Formal Analysis of {Session-Handling} in Secure Messaging: Lifting Security from Sessions to Conversations
The building blocks for secure messaging apps, such as Signal's X3DH and Double Ratchet
(DR) protocols, have received a lot of attention from the research community. They have …
(DR) protocols, have received a lot of attention from the research community. They have …
A generic methodology for the modular verification of security protocol implementations
Security protocols are essential building blocks of modern IT systems. Subtle flaws in their
design or implementation may compromise the security of entire systems. It is, thus …
design or implementation may compromise the security of entire systems. It is, thus …
Comparse: Provably secure formats for cryptographic protocols
T Wallez, J Protzenko, K Bhargavan - Proceedings of the 2023 ACM …, 2023 - dl.acm.org
Data formats used for cryptographic inputs have historically been the source of many attacks
on cryptographic protocols, but their security guarantees remain poorly studied. One reason …
on cryptographic protocols, but their security guarantees remain poorly studied. One reason …
Noise: A Library of Verified High-Performance Secure Channel Protocol Implementations
The Noise protocol framework defines a succinct notation and execution framework for a
large class of 59+ secure channel protocols, some of which are used in popular applications …
large class of 59+ secure channel protocols, some of which are used in popular applications …
A Formal Analysis of Apple's iMessage PQ3 Protocol
We present the formal verification of Apple's iMessage PQ3, a highly performant, device-to-
device messaging protocol offering strong security guarantees even against an adversary …
device messaging protocol offering strong security guarantees even against an adversary …