Skip to main content

  2. Computer Science

Verified correctness and security of OpenSSL HMAC

Author(s): Beringer, L; Petcher, A; Ye, K; Appel, Andrew W.

Download
To refer to this page use: http://arks.princeton.edu/ark:/88435/pr1k596
Full metadata record
DC FieldValueLanguage
dc.contributor.authorBeringer, L-
dc.contributor.authorPetcher, A-
dc.contributor.authorYe, K-
dc.contributor.authorAppel, Andrew W.-
dc.date.accessioned2016-10-17T14:13:43Z-
dc.date.available2016-10-17T14:13:43Z-
dc.date.issued2015en_US
dc.identifier.citationBeringer, L, Petcher, A, Ye, K, Appel, A. "Verified correctness and security of OpenSSL HMAC" Proceedings of the 24th USENIX Conference on Security Symposium, 207 - 221en_US
dc.identifier.urihttp://arks.princeton.edu/ark:/88435/pr1k596-
dc.description.abstractWe have proved, with machine-checked proofs in Coq, that an OpenSSL implementation of HMAC with SHA- 256 correctly implements its FIPS functional specification and that its functional specification guarantees the expected cryptographic properties. This is the first machine-checked cryptographic proof that combines a source-program implementation proof, a compiler-correctness proof, and a cryptographic-security proof, with no gaps at the specification interfaces. The verification was done using three systems within the Coq proof assistant: the Foundational Cryptography Framework, to verify crypto properties of functional specs; the Verified Software Toolchain, to verify C programs w.r.t. functional specs; and CompCert, for verified compilation of C to assembly language.en_US
dc.format.extent207 - 221en_US
dc.relation.ispartofProceedings of the 24th USENIX Conference on Security Symposium, August 12-14, 2015, Washington, D.C.en_US
dc.rightsThis is the author’s final manuscript. All rights reserved to author(s).en_US
dc.titleVerified correctness and security of OpenSSL HMACen_US
dc.typeConference Articleen_US

Files in This Item:
File Description SizeFormat 
AppelUSENIX2015.pdf887.32 kBAdobe PDFView/Download
Show Simple Item Record


Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.

Search
Browse