Bruno Blanchet Back to publications
David Cadé and Bruno Blanchet. From Computationally-proved Protocol Specifications to Implementations. In 7th International Conference on Availability, Reliability and Security (AReS 2012), pages 65-74, Prague, Czech Republic, August 2012. IEEE.



Get the paper

.pdf, 277 Kb


This paper presents a novel framework for proving specifications of security protocols in the computational model and generating runnable implementations from such proved specifications. We rely on the computationally-sound protocol verifier CryptoVerif for proving the specification, and we have implemented a compiler that translates a CryptoVerif specification into an implementation in OCaml. We have applied this compiler to the SSH Transport Layer protocol: we proved the authentication of the server and the secrecy of the session keys in this protocol and verified that the generated implementation successfully interacts with OpenSSH. The secrecy of messages sent over the SSH tunnel cannot be proved due to known weaknesses in SSH with CBC-mode encryption.


  AUTHOR = {David Cad{\'e} and Bruno Blanchet},
  TITLE = {From Computationally-proved Protocol Specifications to Implementations},
  BOOKTITLE = {7th International Conference on Availability, Reliability and Security (AReS 2012)},
  PAGES = {65--74},
  YEAR = 2012,
  ADDRESS = {Prague, Czech Republic},

E-mail/Courrier électronique : (remove trap-)