Automated Verification for Secure Messaging Protocols and Their Implementations: A Symbolic and Computational Approach

Abstract : Many popular web applications incorporate end-to-end secure messaging protocols, which seek to ensure that messages sent between users are kept confidential and authenticated , even if the web application's servers are broken into or otherwise compelled into releasing all their data. Protocols that promise such strong security guarantees should be held up to rigorous analysis, since protocol flaws and implementations bugs can easily lead to real-world attacks. We propose a novel methodology that allows protocol designers, implementers, and security analysts to collabora-tively verify a protocol using automated tools. The protocol is implemented in ProScript, a new domain-specific language that is designed for writing cryptographic protocol code that can both be executed within JavaScript programs and automatically translated to a readable model in the applied pi calculus. This model can then be analyzed symbolically using ProVerif to find attacks in a variety of threat models. The model can also be used as the basis of a computational proof using CryptoVerif, which reduces the security of the protocol to standard cryptographic assumptions. If ProVerif finds an attack, or if the CryptoVerif proof reveals a weakness, the protocol designer modifies the ProScript protocol code and regenerates the model to enable a new analysis. We demonstrate our methodology by implementing and analyzing a variant of the popular Signal Protocol with only minor differences. We use ProVerif and CryptoVerif to find new and previously-known weaknesses in the protocol and suggest practical countermeasures. Our ProScript protocol code is incorporated within the current release of Cryptocat, a desktop secure messenger application written in JavaScript. Our results indicate that, with disciplined programming and some verification expertise, the systematic analysis of complex cryptographic web applications is now becoming practical.
Type de document :
Communication dans un congrès
Andrei Sabelfeld; Matthew Smith. EuroS&P 2017 - 2nd IEEE European Symposium on Security and Privacy, Apr 2017, Paris, France. IEEE, pp.435 - 450, 2017, 〈10.1109/EuroSP.2017.38〉
Liste complète des métadonnées

Littérature citée [45 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01583009
Contributeur : Nadim Kobeissi <>
Soumis le : mercredi 6 septembre 2017 - 15:13:02
Dernière modification le : mardi 16 janvier 2018 - 08:25:33

Fichier

KobeissiBhargavanBlanchetEuroS...
Fichiers produits par l'(les) auteur(s)

Identifiants

Collections

Citation

Nadim Kobeissi, Karthikeyan Bhargavan, Bruno Blanchet. Automated Verification for Secure Messaging Protocols and Their Implementations: A Symbolic and Computational Approach. Andrei Sabelfeld; Matthew Smith. EuroS&P 2017 - 2nd IEEE European Symposium on Security and Privacy, Apr 2017, Paris, France. IEEE, pp.435 - 450, 2017, 〈10.1109/EuroSP.2017.38〉. 〈hal-01583009〉

Partager

Métriques

Consultations de la notice

80

Téléchargements de fichiers

22