Abstract
The analysis of code that uses cryptographic primitives is infeasible with current state-of-the-art symbolic execution tools. We develop an extension that overcomes this limitation by treating certain concrete functions, like cryptographic primitives, as symbolic functions whose execution analysis is entirely avoided; their behaviour is in turn modelled formally via rewriting rules. We define concrete and symbolic semantics within (a subset of) the low-level virtual machine LLVM. We then show that our approach is sound by proving operational correspondence between the two semantics. We present a prototype to illustrate our approach and discuss the next milestones towards the symbolic analysis of fully concurrent cryptographic protocol implementations.
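The idea of the abstract in miniature, as an added illustration that is not the authors' prototype or code from the paper: cryptographic calls are kept as uninterpreted terms and simplified by rewriting rules, so a branch condition is decided without executing any cipher. The rule set (a textbook decryption and pairing theory), the receiver logic, and the names `normalize`, `receiver_accepts` and `MSG` are assumptions made for this sketch.

```python
# Added illustration: terms are nested tuples ("fn", arg, ...); strings are
# symbolic atoms, and distinct atoms are assumed to denote distinct values.
# The rules are an assumed textbook theory, not the rule set of the paper.

def rewrite_head(term):
    """Apply one rule at the root of `term` if it matches, else return it."""
    if not isinstance(term, tuple):
        return term
    fn, *args = term
    # dec(enc(m, k), k) -> m  (symmetric decryption with the matching key)
    if fn == "dec" and isinstance(args[0], tuple) and args[0][0] == "enc":
        _, m, k = args[0]
        if k == args[1]:
            return m
    # fst(pair(a, b)) -> a ; snd(pair(a, b)) -> b
    if fn in ("fst", "snd") and isinstance(args[0], tuple) and args[0][0] == "pair":
        return args[0][1] if fn == "fst" else args[0][2]
    return term

def normalize(term):
    """Normalize bottom-up: arguments first, then the root, until stable."""
    if not isinstance(term, tuple):
        return term
    fn, *args = term
    reduced = (fn, *[normalize(a) for a in args])
    out = rewrite_head(reduced)
    return out if out == reduced else normalize(out)

def receiver_accepts(ciphertext, key, expected_nonce):
    """Symbolic run of a hypothetical receiver: decrypt, take the first
    component, compare it with the expected nonce. The comparison is made
    on normal forms; no encryption or decryption code is executed."""
    nonce = normalize(("fst", ("dec", ciphertext, key)))
    return nonce == expected_nonce, nonce

# Constructed sample message: enc(pair(Na, payload), Kab)
MSG = ("enc", ("pair", "Na", "payload"), "Kab")

if __name__ == "__main__":
    print(receiver_accepts(MSG, "Kab", "Na"))  # matching key: nonce recovered
    print(receiver_accepts(MSG, "Kx", "Na"))   # wrong key: term stays irreducible
```

With the wrong key no rule applies, so the result is the stuck term `fst(dec(enc(...), Kx))` rather than a concrete value, which is how the symbolic model represents a failed decryption.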
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Corin, R., Manzano, F.A. (2011). Efficient Symbolic Execution for Analysing Cryptographic Protocol Implementations. In: Erlingsson, Ú., Wieringa, R., Zannone, N. (eds) Engineering Secure Software and Systems. ESSoS 2011. Lecture Notes in Computer Science, vol 6542. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19125-1_5
DOI: https://doi.org/10.1007/978-3-642-19125-1_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-19124-4
Online ISBN: 978-3-642-19125-1
eBook Packages: Computer Science (R0)