Cryptographically verified implementations for TLS

Karthikeyan Bhargavan, Ricardo Corin, Cedric Fournet, and Eugen Zalinescu


We intend to narrow the gap between concrete implementations of cryptographic protocols and their verified models. We develop and verify a small functional implementation of the Transport Layer Security protocol (tls ). We make use of the same executable code for interoperability testing against mainstream implementations, for automated symbolic cryptographic verification, and for automated computational cryptographic verification. We rely on a combination of recent tools, and we also develop a new tool for extracting computational models from executable code. We obtain strong security guarantees for TLS as used in typical deployments.


Publication typeProceedings
Published in15th ACM Conference on Computer and Communications Security (CCS'08)
PublisherAssociation for Computing Machinery, Inc.
> Publications > Cryptographically verified implementations for TLS