Advertisement

Protocol Implementation Generator

  • Jose Quaresma
  • Christian W. Probst
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7127)

Abstract

Users expect communication systems to guarantee, amongst others, privacy and integrity of their data. These can be ensured by using well-established protocols; the best protocol, however, is useless if not all parties involved in a communication have a correct implementation of the protocol and all necessary tools. In this paper, we present the Protocol Implementation Generator (PiG), a framework that can be used to add protocol generation to protocol negotiation, or to easily share and implement new protocols throughout a network. PiG enables the sharing, verification, and translation of communication protocols. With it, partners can suggest a new protocol by sending its specification. After formally verifying the specification, each partner generates an implementation, which can then be used for establishing communication. We also present a practical realisation of the Protocol Implementation Generator framework based on the LySatool and a translator from the LySa language into C or Java.

Keywords

Security Protocol Security Property Java Code Protocol Negotiation Protocol Implementation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Pozza, D., Sisto, R., Durante, L.: Spi2java: automatic cryptographic protocol java code generation from spi calculus. In: 18th International Conference on Advanced Information Networking and Applications, AINA 2004, vol. 1, pp. 400–405 (2004)Google Scholar
  2. 2.
    Jeon, C., Kim, I., Choi, J.: Automatic generation of the C# code for security protocols verified with casper/FDR. In: Proc. IEEE Int. Conf. on Advanced Inf. Networking and Applications (AINA), Taipei, Taiwan (2005)Google Scholar
  3. 3.
    Kiyomoto, S., Ota, H., Tanaka, T.: A security protocol compiler generating c source codes. In: 2008 International Conference on Information Security and Assurance (ISA 2008), pp. 20–25 (2008)Google Scholar
  4. 4.
    Bhargavan, K., Fournet, C., Gordon, A.D., Tse, S.: Verified interoperable implementations of security protocols. ACM Transactions on Programming Languages and Systems (TOPLAS) 31(1), 5 (2008)CrossRefzbMATHGoogle Scholar
  5. 5.
    Hickman, K., Elgamal, T.: The SSL protocol. Netscape Communications Corp. (1995)Google Scholar
  6. 6.
    Frier, A., Karlton, P., Kocher, P.: The SSL 3.0 protocol. Netscape Communications Corp. 18 (1996)Google Scholar
  7. 7.
    Quaresma, J.: A protocol implementation generator. Master’s thesis, Kgs. Lyngby, Denmark (2010)Google Scholar
  8. 8.
    Buchholtz, M.: User’s Guide for the LySatool version 2.01. DTU (April 2005)Google Scholar
  9. 9.
    Necula, G.C.: Proof-carrying code. In: POPL 1997: Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 106–119. ACM, New York (1997)Google Scholar
  10. 10.
    Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.: Static validation of security protocols. Journal of Computer Security 13(3), 347–390 (2005)CrossRefzbMATHGoogle Scholar
  11. 11.
    Parr, T.: The Definitive ANTLR Reference: Building Domain-Specific Languages. Pragmatic Bookshelf (2007)Google Scholar
  12. 12.
    Otway, D., Rees, O.: Efficient and timely mutual authentication. Operating Systems Review 21(1), 8–10 (1987)CrossRefGoogle Scholar
  13. 13.
    Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148(1), 1–70 (1999)CrossRefzbMATHMathSciNetGoogle Scholar
  14. 14.
    Dolev, D., Yao, A.C.: On the security of public key protocols. In: Annual IEEE Symposium on Foundations of Computer Science, pp. 350–357 (1981)Google Scholar
  15. 15.
    Nielson, F., Riis Nielson, H., Sun, H., Buchholtz, M., Rydhof Hansen, R., Pilegaard, H., Seidl, H.: The Succinct Solver Suite. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 251–265. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  16. 16.
    Parr, T.: Stringtemplate documentation (May 2009), http://www.antlr.org/wiki/display/ST/StringTemplate+Documentation
  17. 17.
    Pironti, A., Sisto, R.: Provably correct java implementations of spi calculus security protocols specifications. Computers & Security 29(3), 302–314 (2010); Special issue on software engineering for secure systemsCrossRefGoogle Scholar
  18. 18.
    Vind, S., Vildhøj, H.W.: Secure protocol implementation with lysa. Bachelor’s Thesis, DTU (2009)Google Scholar
  19. 19.
    Durante, L., Sisto, R., Valenzano, A.: Automatic testing equivalence verification of spi calculus specifications. ACM Trans. Softw. Eng. Methodol. 12(2), 222–284 (2003)CrossRefGoogle Scholar
  20. 20.
    Tarrach, T.: Spi2f# – a prototype code generator for security protocols. Master’s thesis, Saarland University (2008)Google Scholar
  21. 21.
    Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Proceedings of 14th IEEE Computer Security Foundations Workshop, pp. 82–96 (2001)Google Scholar
  22. 22.
    Abadi, M., Blanchet, B.: Analyzing security protocols with secrecy types and logic programs. Journal of the ACM (JACM) 52(1), 102–146 (2005)CrossRefzbMATHMathSciNetGoogle Scholar
  23. 23.
    Song, D., Perrig, A., Phan, D.: Agvi - Automatic Generation, Verification, and Implementation of Security Protocols. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, pp. 241–245. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  24. 24.
    Saul, E., Hutchison, A.: SPEAR II-The Security Protocol Engineering and Analysis Resource (1999)Google Scholar
  25. 25.
    Lukell, S., Veldman, C., Hutchison, A.: Automated attack analysis and code generation in a unified, multi-dimensional security protocol engineering framework. Comp. Science Hon (2002)Google Scholar
  26. 26.
    Necula, G.C.: Proof-carrying code. In: Conference Record of the Annual ACM Symposium on Principles of Programming Languages, pp. 106–119 (1997)Google Scholar
  27. 27.
    Rose, E.: Lightweight bytecode verification. Journal of Automated Reasoning 31(3-4), 303–334 (2003)CrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Jose Quaresma
    • 1
  • Christian W. Probst
    • 1
  1. 1.Technical University of DenmarkDenmark

Personalised recommendations