{"title":"用于多方会话的加密协议编译器","authors":"C. Fournet","doi":"10.1145/1596627.1596628","DOIUrl":null,"url":null,"abstract":"We present the design and implementation of a verifying compiler that, given high-level multiparty session descriptions, generates custom cryptographic protocols. Our sessions specify pre-arranged patterns of message exchanges and data accesses between distributed participants. They provide each participant with strong, abstract security guarantees for all their messages. Our compiler generates ML code for sending and receiving these messages, with cryptographic operations and checks, in order to enforce these guarantees against any adversary that may control both the network and some session participants. We verify that the generated code is secure by relying on a recent refinement type system for cryptography. Most of the proof is performed by mechanized typechecking and does not rely on the correctness of our compiler. We obtain the strongest session security guarantees to date in a model that captures the executable details of protocol code. We illustrate and evaluate our approach on a series of protocols inspired by web services.","PeriodicalId":218033,"journal":{"name":"Proceedings of the 2009 ACM SIGPLAN workshop on ML","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A cryptographic protocol compiler for multiparty sessions\",\"authors\":\"C. Fournet\",\"doi\":\"10.1145/1596627.1596628\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present the design and implementation of a verifying compiler that, given high-level multiparty session descriptions, generates custom cryptographic protocols. Our sessions specify pre-arranged patterns of message exchanges and data accesses between distributed participants. They provide each participant with strong, abstract security guarantees for all their messages. Our compiler generates ML code for sending and receiving these messages, with cryptographic operations and checks, in order to enforce these guarantees against any adversary that may control both the network and some session participants. We verify that the generated code is secure by relying on a recent refinement type system for cryptography. Most of the proof is performed by mechanized typechecking and does not rely on the correctness of our compiler. We obtain the strongest session security guarantees to date in a model that captures the executable details of protocol code. We illustrate and evaluate our approach on a series of protocols inspired by web services.\",\"PeriodicalId\":218033,\"journal\":{\"name\":\"Proceedings of the 2009 ACM SIGPLAN workshop on ML\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-08-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2009 ACM SIGPLAN workshop on ML\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1596627.1596628\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2009 ACM SIGPLAN workshop on ML","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1596627.1596628","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A cryptographic protocol compiler for multiparty sessions
We present the design and implementation of a verifying compiler that, given high-level multiparty session descriptions, generates custom cryptographic protocols. Our sessions specify pre-arranged patterns of message exchanges and data accesses between distributed participants. They provide each participant with strong, abstract security guarantees for all their messages. Our compiler generates ML code for sending and receiving these messages, with cryptographic operations and checks, in order to enforce these guarantees against any adversary that may control both the network and some session participants. We verify that the generated code is secure by relying on a recent refinement type system for cryptography. Most of the proof is performed by mechanized typechecking and does not rely on the correctness of our compiler. We obtain the strongest session security guarantees to date in a model that captures the executable details of protocol code. We illustrate and evaluate our approach on a series of protocols inspired by web services.