Secure Implementation of Cryptographic Protocols: A Case Study of Mutual Distrust
Report, 2005

Security protocols are critical for protecting modern communication infrastructures and are therefore subject to thorough analysis. However practical implementations of these protocols lack the same level of attention and thus may be more exposed to attacks. This paper discusses security assurance provided by security-typed languages when implementing cryptographic protocols. Our results are based on a case study using Jif, a Java-based security-typed language, for implementing a non-trivial cryptographic protocol that allows playing online poker without a trusted third party. The case study deploys the largest program written in a security-typed language to date and identifies insights ranging from security guarantees to useful patterns of secure programming.

Author

Aslan Askarov

Chalmers, Computer Science and Engineering (Chalmers), Computing Science (Chalmers)

Andrei Sabelfeld

Chalmers, Computer Science and Engineering (Chalmers), Computing Science (Chalmers)

Subject Categories

Computer and Information Science

Technical report L - Department of Computer Science and Engineering, Chalmers University of Technology and Göteborg University: 2005-13

More information

Created

10/7/2017