Gaining trust by tracing security protocols

Lars-Åke Fredlund, Clara Benac Earle, T. Arts, Hans Svensson
{"title":"Gaining trust by tracing security protocols","authors":"Lars-Åke Fredlund, Clara Benac Earle, T. Arts, Hans Svensson","doi":"10.1145/3331542.3342573","DOIUrl":null,"url":null,"abstract":"In this article we test an Erlang implementation of the Noise Protocol Framework, using a novel form of white-box testing. We extend interoperability testing of an Erlang enoise implementation against an implementation of Noise in C. Testing typically performs a noise protocol handshake between the two implementations. If successful, then both implementations are somehow compatible. But this does, for example, not detect whether we reuse keys that have to be newly generated. Therefore we extend such operability testing: During the handshake the Erlang noise implementation is traced. The resulting protocol trace is refactored, obtaining as the end result a symbolic description (a functional term) of how key protocol values are constructed using cryptographic operations and keys. Therafter, this symbolic term is compared, using term rewriting, with a symbolic term representing the ideal symbolic execution of the tested noise protocol handshake (i.e., the \"semantics\" of the handshake). The semantic symbolic term is obtained by executing a symbolic implementation of the noise protocol that we have developed.","PeriodicalId":115673,"journal":{"name":"Proceedings of the 18th ACM SIGPLAN International Workshop on Erlang","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 18th ACM SIGPLAN International Workshop on Erlang","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3331542.3342573","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

In this article we test an Erlang implementation of the Noise Protocol Framework, using a novel form of white-box testing. We extend interoperability testing of an Erlang enoise implementation against an implementation of Noise in C. Testing typically performs a noise protocol handshake between the two implementations. If successful, then both implementations are somehow compatible. But this does, for example, not detect whether we reuse keys that have to be newly generated. Therefore we extend such operability testing: During the handshake the Erlang noise implementation is traced. The resulting protocol trace is refactored, obtaining as the end result a symbolic description (a functional term) of how key protocol values are constructed using cryptographic operations and keys. Therafter, this symbolic term is compared, using term rewriting, with a symbolic term representing the ideal symbolic execution of the tested noise protocol handshake (i.e., the "semantics" of the handshake). The semantic symbolic term is obtained by executing a symbolic implementation of the noise protocol that we have developed.
通过跟踪安全协议获得信任
在本文中,我们使用一种新形式的白盒测试来测试噪声协议框架的Erlang实现。我们扩展了Erlang噪声实现与c语言中噪声实现的互操作性测试。测试通常在两个实现之间执行噪声协议握手。如果成功,那么这两个实现在某种程度上是兼容的。但是,例如,这不能检测我们是否重用了必须新生成的键。因此,我们扩展了这样的可操作性测试:在握手期间跟踪Erlang噪声实现。生成的协议跟踪被重构,作为最终结果获得一个关于如何使用加密操作和密钥构造密钥协议值的符号描述(一个功能术语)。然后,使用术语重写,将该符号术语与表示测试噪声协议握手的理想符号执行的符号术语(即握手的“语义”)进行比较。语义符号项是通过执行我们开发的噪声协议的符号实现来获得的。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信