English
Related papers

Related papers: Verifying Cryptographic Security Implementations i…

200 papers

We introduce a novel copy-protection method for industrial control software. With our method, a program executes correctly only on its target hardware and behaves differently on other machines. The hardware-software binding is based on…

Cryptography and Security · Computer Science 2026-03-12 Daniel Dorfmeister , Flavio Ferrarotti , Bernhard Fischer , Evelyn Haslinger , Rudolf Ramler , Markus Zimmermann

Symbolic Execution is a formal method that can be used to verify the behavior of computer programs and detect software vulnerabilities. Compared to other testing methods such as fuzzing, Symbolic Execution has the advantage of providing…

Cryptography and Security · Computer Science 2025-09-29 Christopher Scherb , Luc Bryan Heitz , Hermann Grieder , Olivier Mattmann

Cryptographic Protocols (CP) are distributed algorithms intended for secure communication in an insecure environment. They are used, for example, in electronic payments, electronic voting procedures, systems of confidential data processing,…

Cryptography and Security · Computer Science 2021-09-21 Andrew M. Mironov

Conventional tools for formal hardware/software co-verification use bounded model checking techniques to construct a single monolithic propositional formula. Formulas generated in this way are extremely complex and contain a great deal of…

Formal Languages and Automata Theory · Computer Science 2020-01-07 Rajdeep Mukherjee , Saurabh Joshi , John O'Leary , Daniel Kroening , Tom Melham

Scientific software is, by its very nature, complex. It is mathematical and highly optimized which makes it prone to subtle bugs not as easily detected by traditional testing. We outline how symbolic execution can be used to write tests…

Software Engineering · Computer Science 2025-10-16 Alexander C. Wilton

Security protocols often use randomization to achieve probabilistic non-determinism. This non-determinism, in turn, is used in obfuscating the dependence of observable values on secret data. Since the correctness of security protocols is…

Cryptography and Security · Computer Science 2009-06-30 Susmit Jha

Recently efficient model-checking tools have been developed to find flaws in security protocols specifications. These flaws can be interpreted as potential attacks scenarios but the feasability of these scenarios need to be confirmed at the…

Cryptography and Security · Computer Science 2013-08-01 Hatem Ghabri , Ghazi Maatoug , Michael Rusinowitch

Verification of software systems is a very hard problem due to the large size of program state-space. The traditional techniques (like model checking) do not scale; since they include the whole state-space by inlining the library function…

Logic in Computer Science · Computer Science 2010-05-03 Pritam Roy

We present a formal model of Checked C, a dialect of C that aims to enforce spatial memory safety. Our model pays particular attention to the semantics of dynamically sized, potentially null-terminated arrays. We formalize this model in…

Programming Languages · Computer Science 2022-02-01 Liyi Li , Yiyun Liu , Deena L. Postol , Leonidas Lampropoulos , David Van Horn , Michael Hicks

We propose a comparative performance evaluation of security protocols. The novelty of our approach lies in the use of a polynomial mathematical model that captures the performance of classes of cryptographic algorithms instead of capturing…

Cryptography and Security · Computer Science 2009-10-21 Bela Genge , Piroska Haller

Symbolic execution is a software verification technique symbolically running programs and thereby checking for bugs. Ranged symbolic execution performs symbolic execution on program parts, so called path ranges, in parallel. Due to the…

Software Engineering · Computer Science 2024-06-28 Jan Haltermanna , Marie-Christine Jakobs , Cedric Richter , Heike Wehrheim

Cryptographic protocols are often specified by narrations, i.e., finite sequences of message exchanges that show the intended execution of the protocol. Another use of narrations is to describe attacks. We propose in this paper to compile,…

Cryptography and Security · Computer Science 2021-09-08 Yannick Chevalier , Michaël Rusinowitch

We present Low*, a language for low-level programming and verification, and its application to high-assurance optimized cryptographic libraries. Low* is a shallow embedding of a small, sequential, well-behaved subset of C in F*, a…

Security protocols are concurrent processes that communicate using cryptography with the aim of achieving various security properties. Recent work on their formal verification has brought procedures and tools for deciding trace equivalence…

Cryptography and Security · Computer Science 2015-09-08 David Baelde , Stéphanie Delaune , Lucca Hirschi

Cryptographic protocols play a fundamental role in securing modern digital infrastructure, but they are often deployed without prior formal verification. This could lead to the adoption of distributed systems vulnerable to attack vectors.…

Cryptography and Security · Computer Science 2024-11-22 Cristian Curaba , Denis D'Ambrosi , Alessandro Minisini , Natalia Pérez-Campanero Antolín

When large AI models are deployed as cloud-based services, clients have no guarantee that responses are correct or were produced by the intended model. Rerunning inference locally is infeasible for large models, and existing cryptographic…

Cryptography and Security · Computer Science 2026-03-20 Pranay Anchuri , Matteo Campanelli , Paul Cesaretti , Rosario Gennaro , Tushar M. Jois , Hasan S. Kayman , Tugce Ozdemir

Proof-of-concept exploits help demonstrate software vulnerability beyond doubt and communicate attacks to non-experts. But exploits can be configuration-specific, for example when in Security APIs, where keys are set up specifically for the…

Cryptography and Security · Computer Science 2024-10-03 Robert Künnemann , Julian Biehl

Assured Remote Execution on a device is the ability of suitably authorized parties to construct secure channels with known processes -- i.e. processes executing known code -- running on it. Assured Remote Execution requires a hardware basis…

Cryptography and Security · Computer Science 2024-09-24 Scott L. Dyer , Christian A. Femrite , Joshua D. Guttman , Julian P. Lanson , Moses D. Liskov

Symbolic execution is a program analysis technique commonly utilized to determine whether programs violate properties and, in case violations are found, to generate inputs that can trigger them. Used in the context of security properties…

Programming Languages · Computer Science 2023-01-20 Ignacio Tiraboschi , Tamara Rezk , Xavier Rival

A model-theoretic approach can establish security theorems for cryptographic protocols. Formulas expressing authentication and non-disclosure properties of protocols have a special form. They are quantified implications for all xs . (phi…

Cryptography and Security · Computer Science 2009-11-12 Joshua Guttman