Automated Verification for Secure Messaging Protocols and Their Implementations: A Symbolic and Computational Approach

Abstract : Many popular web applications incorporate end-to-end secure messaging protocols, which seek to ensure that messages sent between users are kept confidential and authenticated , even if the web application's servers are broken into or otherwise compelled into releasing all their data. Protocols that promise such strong security guarantees should be held up to rigorous analysis, since protocol flaws and implementations bugs can easily lead to real-world attacks. We propose a novel methodology that allows protocol designers, implementers, and security analysts to collabora-tively verify a protocol using automated tools. The protocol is implemented in ProScript, a new domain-specific language that is designed for writing cryptographic protocol code that can both be executed within JavaScript programs and automatically translated to a readable model in the applied pi calculus. This model can then be analyzed symbolically using ProVerif to find attacks in a variety of threat models. The model can also be used as the basis of a computational proof using CryptoVerif, which reduces the security of the protocol to standard cryptographic assumptions. If ProVerif finds an attack, or if the CryptoVerif proof reveals a weakness, the protocol designer modifies the ProScript protocol code and regenerates the model to enable a new analysis. We demonstrate our methodology by implementing and analyzing a variant of the popular Signal Protocol with only minor differences. We use ProVerif and CryptoVerif to find new and previously-known weaknesses in the protocol and suggest practical countermeasures. Our ProScript protocol code is incorporated within the current release of Cryptocat, a desktop secure messenger application written in JavaScript. Our results indicate that, with disciplined programming and some verification expertise, the systematic analysis of complex cryptographic web applications is now becoming practical.
Type de document :
Communication dans un congrès
2nd IEEE European Symposium on Security and Privacy , Apr 2017, Paris, France. pp.435 - 450, 2017, 〈https://www.ieee-security.org/TC/EuroSP2017/〉. 〈10.1109/EuroSP.2017.38〉
Liste complète des métadonnées

Littérature citée [45 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01575923
Contributeur : Bruno Blanchet <>
Soumis le : lundi 21 août 2017 - 19:55:14
Dernière modification le : lundi 1 janvier 2018 - 18:51:36

Fichier

KobeissiBhargavanBlanchetEuroS...
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Nadim Kobeissi, Karthikeyan Bhargavan, Bruno Blanchet. Automated Verification for Secure Messaging Protocols and Their Implementations: A Symbolic and Computational Approach. 2nd IEEE European Symposium on Security and Privacy , Apr 2017, Paris, France. pp.435 - 450, 2017, 〈https://www.ieee-security.org/TC/EuroSP2017/〉. 〈10.1109/EuroSP.2017.38〉. 〈hal-01575923〉

Partager

Métriques

Consultations de la notice

115

Téléchargements de fichiers

16