ASN1-light: A Verified Message Encoding for Security Protocols

Author

Grandy, Holger ; Bertossi, Robert ; Stenzel, Kurt ; Reif, Wolfgang

Author_Institution

Univ. Augsburg, Augsburg

fYear

2007

Firstpage

195

Lastpage

204

Abstract

There is a mismatch between the data format used in implementations of security protocols and the data types used in formal verification of security protocols. We present a verified encoding scheme for data used in security protocols, which links the abstract data types of the formal world to a byte format usable in implementations. The encoding is inspired by the ASN1 encoding scheme. The encoding is implemented in Java and the implementation is proven to be correct against a formal specification. The implementation can be used as a reusable reference library in security protocol implementations. The benefit is a separation of concerns: The protocol can be verified on an abstract level. The mapping to bytes is automatically correct by linking the library. Additionally the encoding is a challenging Java verification case study in its own.

Keywords

Java; encoding; formal specification; formal verification; security of data; software libraries; ASN1 encoding; ASN1-light; Java verification; abstract data types; data format; formal specification; formal verification; reusable reference library; security protocols; verified message encoding; Cryptographic protocols; Cryptography; Data security; Encoding; Formal specifications; Java; Joining processes; Libraries; Mobile handsets; Smart cards;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Engineering and Formal Methods, 2007. SEFM 2007. Fifth IEEE International Conference on

Conference_Location

London

Print_ISBN

978-0-7695-2884-7

Type

conf

DOI

10.1109/SEFM.2007.8

Filename

4343936