Practical design and analysis of certifiably secure protocols - theory and tools for end-to-end security

Objective

State-of-the-art technologies struggle to keep pace with possible security vulnerabilities. The lack of a consistent methodology and tools for analyzing security protocols throughout the various stages of their design hinders the detection and prevention of vulnerabilities and comprehensive protocol analysis. Moreover, state-of-the-art verification tools typically only address particular narrow aspects of a protocol's security and require expert knowledge; hence they do not help protocol designers. The challenge is to guarantee end-to-end security - from high-level specifications of the desired security requirements, to a specification of a security protocol that relies on innovative cryptographic primitives, to a secure, executable program. This proposal addresses key steps of this challenge: our goal is to develop a general methodology for automatically devising security protocols and programs based on high-level specifications of selected security requirements and protocol tasks. This includes developing a user-friendly interface for specifying the protocol's intended behavior and high-level security requirements, devising suitable abstract protocols, selecting suitable cryptographic instantiations, and generating a secure, streamlined implementation. This methodology will also include novel verification techniques that complement all design phases along with a theory which propagates verification results from phase to phase with the ultimate goal of certified end-to-end security. This includes developing type systems for analyzing abstract protocols, a general framework for conducting cryptographic proofs, and techniques for reasoning about executable code. The tools we develop should be automated and usable by non-experts.

Call for proposal

ERC-2009-StG

Funding Scheme

ERC-SG - ERC Starting Grant

Host institution

UNIVERSITAT DES SAARLANDES
Address
Campus
66123 Saarbrucken
Germany
Activity type
Higher or Secondary Education Establishments
EU contribution
€ 1 074 806,90
Principal investigator
Michael Backes (Prof.)
Administrative Contact
Corinna Hahn (Ms.)

Beneficiaries (1)

UNIVERSITAT DES SAARLANDES
Germany
EU contribution
€ 1 074 806,90
Address
Campus
66123 Saarbrucken
Activity type
Higher or Secondary Education Establishments
Principal investigator
Michael Backes (Prof.)
Administrative Contact
Corinna Hahn (Ms.)