|![[Search]](https://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](https://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](https://talks.cam.ac.uk/images/contact.gif?1209136071)
||![[University of Cambridge]](https://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small} |
COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring. | ![[Talks.cam]](https://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071) |
University of Cambridge > Talks.cam > Isaac Newton Institute Seminar Series > Cryptographically verified implementation of TLS 1.2
Cryptographically verified implementation of TLS 1.2Add to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Mustapha Amrani. Semantics and Syntax: A Legacy of Alan Turing Joint work with Karthik Bhargavan, Markulf Kohlweiss, Alfredo Pironti, and Pierre-Yves Strub We develop a reference implementation of the TLS 1 .2 Internet Standard. Our code fully supports binary wire formats, multiple ciphersuites, sessions and connections with re-handshakes and resumptions, alerts, message fragmentation, ... as prescribed by the standard; it interoperates with other implementations, notably existing web browsers and servers. At the same time, our code is carefully structured to enable its automated, modular verification, from its main API down to computational security assumptions on its underlying cryptographic algorithms. In the talk, I will review our modular cryptographic verification method, which is based on F7, a refinement type checker coupled with an SMT -solver, with a theory formalized in Coq. Using F7, we verify constructions and protocols coded in F# by typing them against new cryptographic interfaces that capture their authenticity and secrecy properties. We relate their ideal functionalities and concrete implementations, using game-based program transformations behind typed interfaces, so that we can easily compose them. I will also outline our TLS implementations, coded in F# and specified in F7. I will present its main typed interfaces, which can be read as specifications of “giant” ideal functionalities for its main components, such as authenticated encryption for the record layer and key establishment for the handshake. I will finally describe our main security results, as well as some new attacks we found in the process. This talk is part of the Isaac Newton Institute Seminar Series series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsC.U. Geographical Society Behavioural and Clinical Neuroscience SeminarsOther talksMigration in Science Bayesian optimal design for Gaussian process model Curve fitting, errors and analysis of binding data Plastics in the Ocean: Challenges and Solutions Magnetic Resonance on Two Scales for Research into Cell Cycle and Stroke Identification of Active Species and Mechanistic Pathways in the Enantioselective Catalysis with 3d Transition Metal Pincer Complexes A transmissible RNA pathway in honeybees LARMOR LECTURE - Exoplanets, on the hunt of Universal life Molecular mechanisms of cardiomyopathies in patients with severe non-ischemic heart failure Fields of definition of Fukaya categories of Calabi-Yau hypersurfaces Adaptive Stochastic Galerkin Finite Element Approximation for Elliptic PDEs with Random Coefficients |
Friday 13 April 2012, 13:30-14:30