SoK: Computer-aided cryptography
Computer-aided cryptography is an active area of research that develops and applies
formal, machine-checkable approaches to the design, analysis, and implementation of …
formal, machine-checkable approaches to the design, analysis, and implementation of …
Formal verification of security protocol implementations: a survey
Automated formal verification of security protocols has been mostly focused on analyzing
high-level abstract models which, however, are significantly different from real protocol …
high-level abstract models which, however, are significantly different from real protocol …
Triple handshakes and cookie cutters: Breaking and fixing authentication over TLS
TLS was designed as a transparent channel abstraction to allow developers with no
cryptographic expertise to protect their application against attackers that may control some …
cryptographic expertise to protect their application against attackers that may control some …
Implementing TLS with verified cryptographic security
TLS is possibly the most used protocol for secure communications, with a 18-year history of
flaws and fixes, ranging from its protocol logic to its cryptographic design, and from the …
flaws and fixes, ranging from its protocol logic to its cryptographic design, and from the …
A cryptographic analysis of the TLS 1.3 handshake protocol candidates
The Internet Engineering Task Force (IETF) is currently developing the next version of the
Transport Layer Security (TLS) protocol, version 1.3. The transparency of this …
Transport Layer Security (TLS) protocol, version 1.3. The transparency of this …
Secure distributed programming with value-dependent types
Distributed applications are difficult to program reliably and securely. Dependently typed
functional languages promise to prevent broad classes of errors and vulnerabilities, and to …
functional languages promise to prevent broad classes of errors and vulnerabilities, and to …
How secure and quick is QUIC? Provable security and performance analyses
R Lychev, S Jero, A Boldyreva… - 2015 IEEE Symposium …, 2015 - ieeexplore.ieee.org
QUIC is a secure transport protocol developed by Google and implemented in Chrome in
2013, currently representing one of the most promising solutions to decreasing latency while …
2013, currently representing one of the most promising solutions to decreasing latency while …
The foundational cryptography framework
A Petcher, G Morrisett - Principles of Security and Trust: 4th International …, 2015 - Springer
Abstract We present the Foundational Cryptography Framework (FCF) for developing and
checking complete proofs of security for cryptographic schemes within a proof assistant. This …
checking complete proofs of security for cryptographic schemes within a proof assistant. This …
Implementing and proving the TLS 1.3 record layer
A Delignat-Lavaud, C Fournet… - … IEEE Symposium on …, 2017 - ieeexplore.ieee.org
The record layer is the main bridge between TLS applications and internal sub-protocols. Its
core functionality is an elaborate form of authenticated encryption: streams of messages for …
core functionality is an elaborate form of authenticated encryption: streams of messages for …
Owl: Compositional verification of security protocols via an information-flow type system
J Gancher, S Gibson, P Singh… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Computationally sound protocol verification tools promise to deliver full-strength
cryptographic proofs for security protocols. Unfortunately, current tools lack either modularity …
cryptographic proofs for security protocols. Unfortunately, current tools lack either modularity …