Abstract
Users expect communication systems to guarantee, amongst others, privacy and integrity of their data. These can be ensured by using well-established protocols; the best protocol, however, is useless if not all parties involved in a communication have a correct implementation of the protocol and all necessary tools. In this paper, we present the Protocol Implementation Generator (PiG), a framework that can be used to add protocol generation to protocol negotiation, or to easily share and implement new protocols throughout a network. PiG enables the sharing, verification, and translation of communication protocols. With it, partners can suggest a new protocol by sending its specification. After formally verifying the specification, each partner generates an implementation, which can then be used for establishing communication. We also present a practical realisation of the Protocol Implementation Generator framework based on the LySatool and a translator from the LySa language into C or Java.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Pozza, D., Sisto, R., Durante, L.: Spi2java: automatic cryptographic protocol java code generation from spi calculus. In: 18th International Conference on Advanced Information Networking and Applications, AINA 2004, vol. 1, pp. 400–405 (2004)
Jeon, C., Kim, I., Choi, J.: Automatic generation of the C# code for security protocols verified with casper/FDR. In: Proc. IEEE Int. Conf. on Advanced Inf. Networking and Applications (AINA), Taipei, Taiwan (2005)
Kiyomoto, S., Ota, H., Tanaka, T.: A security protocol compiler generating c source codes. In: 2008 International Conference on Information Security and Assurance (ISA 2008), pp. 20–25 (2008)
Bhargavan, K., Fournet, C., Gordon, A.D., Tse, S.: Verified interoperable implementations of security protocols. ACM Transactions on Programming Languages and Systems (TOPLAS)Â 31(1), 5 (2008)
Hickman, K., Elgamal, T.: The SSL protocol. Netscape Communications Corp. (1995)
Frier, A., Karlton, P., Kocher, P.: The SSL 3.0 protocol. Netscape Communications Corp. 18 (1996)
Quaresma, J.: A protocol implementation generator. Master’s thesis, Kgs. Lyngby, Denmark (2010)
Buchholtz, M.: User’s Guide for the LySatool version 2.01. DTU (April 2005)
Necula, G.C.: Proof-carrying code. In: POPL 1997: Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 106–119. ACM, New York (1997)
Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.: Static validation of security protocols. Journal of Computer Security 13(3), 347–390 (2005)
Parr, T.: The Definitive ANTLR Reference: Building Domain-Specific Languages. Pragmatic Bookshelf (2007)
Otway, D., Rees, O.: Efficient and timely mutual authentication. Operating Systems Review 21(1), 8–10 (1987)
Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols: The spi calculus. Information and Computation 148(1), 1–70 (1999)
Dolev, D., Yao, A.C.: On the security of public key protocols. In: Annual IEEE Symposium on Foundations of Computer Science, pp. 350–357 (1981)
Nielson, F., Riis Nielson, H., Sun, H., Buchholtz, M., Rydhof Hansen, R., Pilegaard, H., Seidl, H.: The Succinct Solver Suite. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 251–265. Springer, Heidelberg (2004)
Parr, T.: Stringtemplate documentation (May 2009), http://www.antlr.org/wiki/display/ST/StringTemplate+Documentation
Pironti, A., Sisto, R.: Provably correct java implementations of spi calculus security protocols specifications. Computers & Security 29(3), 302–314 (2010); Special issue on software engineering for secure systems
Vind, S., Vildhøj, H.W.: Secure protocol implementation with lysa. Bachelor’s Thesis, DTU (2009)
Durante, L., Sisto, R., Valenzano, A.: Automatic testing equivalence verification of spi calculus specifications. ACM Trans. Softw. Eng. Methodol. 12(2), 222–284 (2003)
Tarrach, T.: Spi2f# – a prototype code generator for security protocols. Master’s thesis, Saarland University (2008)
Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: Proceedings of 14th IEEE Computer Security Foundations Workshop, pp. 82–96 (2001)
Abadi, M., Blanchet, B.: Analyzing security protocols with secrecy types and logic programs. Journal of the ACM (JACM) 52(1), 102–146 (2005)
Song, D., Perrig, A., Phan, D.: Agvi - Automatic Generation, Verification, and Implementation of Security Protocols. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, pp. 241–245. Springer, Heidelberg (2001)
Saul, E., Hutchison, A.: SPEAR II-The Security Protocol Engineering and Analysis Resource (1999)
Lukell, S., Veldman, C., Hutchison, A.: Automated attack analysis and code generation in a unified, multi-dimensional security protocol engineering framework. Comp. Science Hon (2002)
Necula, G.C.: Proof-carrying code. In: Conference Record of the Annual ACM Symposium on Principles of Programming Languages, pp. 106–119 (1997)
Rose, E.: Lightweight bytecode verification. Journal of Automated Reasoning 31(3-4), 303–334 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Quaresma, J., Probst, C.W. (2012). Protocol Implementation Generator. In: Aura, T., Järvinen, K., Nyberg, K. (eds) Information Security Technology for Applications. NordSec 2010. Lecture Notes in Computer Science, vol 7127. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27937-9_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-27937-9_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27936-2
Online ISBN: 978-3-642-27937-9
eBook Packages: Computer ScienceComputer Science (R0)