Title :
Cryptographic types
Author_Institution :
Dept. of Comput. Sci., Stevens Inst. of Technol., Hoboken, NJ, USA
Abstract :
Cryptographic types are a way to express cryptographic guarantees (of secrecy and integrity) in a type system for a network programming language. This allows some of these guarantees to be checked statically, before a network program executes. Where dynamic checks are required, these are represented at the source language level as dynamic type-checking, and are translated by the compiler to lower level cryptographic operations. Static checking avoids the unnecessary overhead of run-time cryptographic operations where communication is through a trusted medium (e.g. the OS kernel, or a trusted subnet), and also provides static guarantees of the reliability of a network application. Cryptographic types can also be used to build application-specific security protocols, where type-checking in the lower layers of the protocol stack verifies security properties for upper layers. Cryptographic types are described formally using a process calculus, the ec-calculus. Correctness is verified for a scheme for compiling type operations to cryptographic operations.
Keywords :
cryptography; data integrity; formal verification; protocols; type theory; application specific security protocols; compiler; cryptographic guarantees; cryptographic types; dynamic checks; dynamic type-checking; ec-calculus; integrity; network program; network programming language; process calculus; protocol stack; secrecy; source language level; static checking; trusted medium; type system; Computer languages; Computer science; Cryptographic protocols; IP networks; Pervasive computing; Protection; Public key; Public key cryptography; Runtime; Telecommunication traffic;
Conference_Titel :
Computer Security Foundations Workshop, 2002. Proceedings. 15th IEEE
Print_ISBN :
0-7695-1689-0
DOI :
10.1109/CSFW.2002.1021819
