Compiling CAO: From Cryptographic Specifications to C Implementations

نویسندگان

Manuel Barbosa

David Castro

Paulo F. Silva

چکیده

We present a compiler for CAO, an imperative DSL for the cryptographic domain. The tool takes high-level cryptographic algorithm specifications and translates them into C implementations through a series of security-aware transformations and optimizations. The compiler back-end is highly configurable, allowing the targeting of very disparate platforms in terms of memory requirements and computing power.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Integrating Verification, Testing, and Learning for Cryptographic Protocols

The verification of cryptographic protocol specifications is an active research topic and has received much attention from the formal verification community. By contrast, the black-box testing of actual implementations of protocols, which is, arguably, as important as verification for ensuring the correct functioning of protocols in the “real” world, is little studied. We propose an approach fo...

متن کامل

Dynamic Model Checking of C Cryptographic Protocol Implementations

We describe the Dolev–Yao C (DYC) cryptographic protocol message API. In addition to generating executable protocol implementations, DYC can be used to generate constraints on an attacker against the protocol. The resulting constraints can be handed to a constraint solver, which (if successful) will find an executable attack against the protocol. To our knowledge, this is the first attempt to a...

متن کامل

A Tool-Chain for High-Assurance Cryptographic Software

cryptographic implementations, as is shown by frequent (and in some cases catastrophic) security breaches directly attributed to implementation errors in widely used cryptographic libraries [L1,L2]. One of the causes of these breaches in widely tested software is the semantic gap between theoretical cryptographic specifications and their concrete implementations. Effectively closing this gap is...

متن کامل

AUTHSCAN: Automatic Extraction of Web Authentication Protocols from Implementations

Ideally, security protocol implementations should be formally verified before they are deployed. However, this is not true in practice. Numerous high-profile vulnerabilities have been found in web authentication protocol implementations, especially in single-sign on (SSO) protocols implementations recently. Much of the prior work on authentication protocol verification has focused on theoretica...

متن کامل

Compiling Logics

We present an architecture that permits compiling declarative logic specifications (given in some type theory like LF) into implementations of that logic within the Heterogeneous Tool Set Hets. The central contributions are the use of declaration patterns for singling out a suitable subset of signatures for a particular logic, and the automatic generation of datatypes and functions for parsing ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2014

Compiling CAO: From Cryptographic Specifications to C Implementations

نویسندگان

چکیده

منابع مشابه

Integrating Verification, Testing, and Learning for Cryptographic Protocols

Dynamic Model Checking of C Cryptographic Protocol Implementations

A Tool-Chain for High-Assurance Cryptographic Software

AUTHSCAN: Automatic Extraction of Web Authentication Protocols from Implementations

Compiling Logics

عنوان ژورنال:

اشتراک گذاری