Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
TLDR
Logjam, a novel flaw in TLS that lets a man-in-the-middle downgrade connections to "export-grade" Diffie-Hellman, is presented, and a close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved a break.
Formal Verification of Smart Contracts: Short Paper
TLDR
This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification.
A Messy State of the Union: Taming the Composite State Machines of TLS
TLDR
This work systematically tests popular open-source TLS implementations for state machine bugs and discovers several critical security vulnerabilities that have lain hidden in these libraries for years and have now finally been patched following the disclosures.
Formal verification of standards for distance vector routing protocols
TLDR
This work shows how to use an interactive theorem prover, HOL, together with a model checker, SPIN, to prove key properties of distance vector routing protocols, and develops verification techniques suited to routing protocols generally.
HACL*: A Verified Modern Cryptographic Library
TLDR
HACL* implements the NaCl cryptographic API and can be used as a drop-in replacement for NaCl libraries like libsodium and TweetNaCl, showing that writing fast, verified, and usable C cryptographic libraries is now practical.
Dependent types and multi-monadic effects in F*
TLDR
A new, completely redesigned version of F*, a language that works both as a proof assistant and as a general-purpose, verification-oriented, effectful programming language, confirming F*'s pay-as-you-go cost model.
Refinement Types for Secure Implementations
TLDR
The design and implementation of a typechecker for verifying security properties of the source code of cryptographic protocols and access control mechanisms; typechecking generates verification conditions that are passed to an SMT solver.
Verified Interoperable Implementations of Security Protocols
TLDR
The approach is developed for protocols written in F#, a dialect of ML, and verified by compilation to ProVerif, a resolution-based theorem prover for cryptographic protocols, and is illustrated with protocols for Web services security.
Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS
TLDR
This work designs and implements two new TLS extensions that strengthen the authentication guarantees of the handshake, develops an exemplary HTTPS client library that implements several mitigations on top of a previously verified TLS implementation, and proves that their composition provides strong, simple application security.