A Framework for the Cryptographic Verification of Java-like Programs Technical Report
نویسندگان
چکیده
We consider the problem of establishing cryptographic guarantees—in particular, computational indistinguishability—for Java or Java-like programs that use cryptography. For this purpose, we propose a general framework that enables existing program analysis tools that can check (standard) non-interference properties of Java programs to establish cryptographic security guarantees, even if the tools a priori cannot deal with cryptography. The approach that we take is new and combines techniques from program analysis and simulation-based security. Our framework is stated and proved for a Java-like language that comprises a rich fragment of Java. The general idea of our approach should, however, be applicable also to other practical programming languages. As a proof of concept, we use an automatic program analysis tool for checking non-interference properties of Java programs, namely the tool Joana, in order to establish computational indistinguishability for a Java program that involves clients sending encrypted messages over a network, controlled by an active adversary, to a server.
منابع مشابه
Extending and Applying a Framework for the Cryptographic Verification of Java Programs
In our previous work, we have proposed a framework which allows tools that can check standard noninterference properties but a priori cannot deal with cryptography to establish cryptographic indistinguishability properties, such as privacy properties, for Java programs. We refer to this framework as the CVJ framework (Cryptographic Verification of Java Programs) in this paper. While so far the ...
متن کاملA Hybrid Approach for Proving Noninterference and Applications to the Cryptographic Verification of Java Programs
Several tools and approaches for proving noninterference properties for Java and other languages exist. Some of them have a high degree of automation or are even fully automatic, but overapproximate the actual information flow, and hence, may produce false positives. Other tools, such as those based on theorem proving, are more precise, but need more interaction, and hence, analysis is time-con...
متن کاملThe KeY Approach for the Cryptographic Verification of JAVA Programs: A Case Study
In this paper, we report on an ongoing case study in which we use the KeY tool, a theorem prover for checking functional correctness and noninterference properties of JAVA programs, to establish computational indistinguishability for a simple JAVA program that involves clients sending encrypted messages over an untrusted network to a server. The analysis uses a general framework, recently propo...
متن کاملChecking Java Programs via Guarded Commands
This paper defines a simple guarded-command–like language and its semantics. The language is used as an intermediate language in generating verification conditions for Java. The paper discusses why it is a good idea to generate verification conditions via an intermediate language, rather than directly. Publication history. This paper appears in Formal Techniques for Java Programs, workshop proc...
متن کاملTyped Intermediate Languages
Programs written in a typed language are guaranteed to satisfy the safety properties of the type system without runtime checks. A type system for an intermediate language allows static verification of safety properties independent of source languages, and opens up opportunities for advanced compiler optimizations. This paper surveys three major intermediate languages: Java bytecode, typed assem...
متن کامل