Bibliography

Major publications by the team in recent years

1A. Azevedo de Amorim, M. Dénès, N. Giannarakis, C. Hritcu, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

Micro-Policies: Formally Verified, Tag-Based Security Monitors, in: IEEE Symposium on Security and Privacy (Oakland), 2015, pp. 813–830.
2G. Bana, H. Comon-Lundh.

A Computationally Complete Symbolic Attacker for Equivalence Properties, in: ACM Conference on Computer and Communications Security (CCS), 2014, pp. 609–620.
3R. Bardou, R. Focardi, Y. Kawamoto, L. Simionato, G. Steel, J.-K. Tsay.

Efficient Padding Oracle Attacks on Cryptographic Hardware, in: CRYPTO, 2012, pp. 608–625.
4K. Bhargavan, A. Delignat-Lavaud, C. Fournet, A. Pironti, P.-Y. Strub.

Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, in: IEEE Symposium on Security and Privacy (Oakland), 2014, pp. 98–113.
5K. Bhargavan, A. Delignat-Lavaud, S. Maffeis.

Language-Based Defenses Against Untrusted Browser Origins, in: USENIX Security Symposium, 2013.
6K. Bhargavan, C. Fournet, M. Kohlweiss, A. Pironti, P.-Y. Strub.

Implementing TLS with Verified Cryptographic Security, in: IEEE Symposium on Security and Privacy (Oakland), 2013, pp. 445-462.
7B. Blanchet.

A Computationally Sound Mechanized Prover for Security Protocols, in: IEEE Transactions on Dependable and Secure Computing, 2008, vol. 5, n^o 4, pp. 193–207, Special issue IEEE Symposium on Security and Privacy 2006.
8B. Blanchet.

Automatic Verification of Correspondences for Security Protocols, in: Journal of Computer Security, 2009, vol. 17, n^o 4, pp. 363–434.
9D. Cadé, B. Blanchet.

Proved Generation of Implementations from Computationally Secure Protocol Specifications, in: Journal of Computer Security, 2015, vol. 23, n^o 3, pp. 331–402.
10C. Hritcu, M. Greenberg, B. Karel, B. C. Pierce, G. Morrisett.

All Your IFCException Are Belong to Us, in: IEEE Symposium on Security and Privacy (Oakland), 2013, pp. 3–17.

Publications of the year

Articles in International Peer-Reviewed Journals

11D. Cadé, B. Blanchet.

Proved Generation of Implementations from Computationally Secure Protocol Specifications, in: Journal of Computer Security, 2015, vol. 23, n^o 3, pp. 331-402.

https://hal.inria.fr/hal-01102382

International Conferences with Proceedings

12D. Adrian, K. Bhargavan, Z. Durumeric, P. Gaudry, M. Green, J. A. Halderman, N. Heninger, D. Springall, E. Thomé, L. Valenta, B. Vandersloot, E. Wustrow, S. Zanella-Béguelin, P. Zimmermann.

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice, in: ACM CCS 2015, Denver, Colorado, United States, 2015 ACM SIGSAC Conference on Computer and Communications Security, October 2015, 14 p. [ DOI : 10.1145/2810103.2813707 ]

https://hal.inria.fr/hal-01184171
13A. Azevedo de Amorim, M. Dénès, N. Giannarakis, C. Hritcu, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

Micro-Policies: Formally Verified, Tag-Based Security Monitors, in: 2015 IEEE Symposium on Security and Privacy, San Jose, United States, 2015 IEEE Symposium on Security and Privacy, May 2015, pp. 813 - 830. [ DOI : 10.1109/SP.2015.55 ]

https://hal.inria.fr/hal-01265666
14B. Beurdouche, K. Bhargavan, A. Delignat-Lavaud, C. Fournet, M. Kohlweiss, A. Pironti, P.-Y. Strub, J. K. Zinzindohoue.

A Messy State of the Union: Taming the Composite State Machines of TLS, in: IEEE Symposium on Security & Privacy 2015, San Jose, United States, IEEE, May 2015, To appear.

https://hal.inria.fr/hal-01114250
15K. Bhargavan, A. Delignat-Lavaud, A. Pironti.

Verified Contributive Channel Bindings for Compound Authentication, in: Network and Distributed System Security Symposium (NDSS'15), San Diego, United States, February 2015, To appear.

https://hal.inria.fr/hal-01114248
16K. Bhargavan, G. Leurent.

Transcript Collision Attacks: Breaking Authentication in TLS, IKE and SSH, in: Network and Distributed System Security Symposium – NDSS 2016, San Diego, United States, February 2016.

https://hal.inria.fr/hal-01244855
17A. Delignat-Lavaud, K. Bhargavan.

Network-based Origin Confusion Attacks against HTTPS Virtual Hosting, in: 24th International Conference on World Wide Web, Florence, Italy, ACM, May 2015, To appear.

https://hal.inria.fr/hal-01114246
18U. Dhawan, C. Hritcu, R. Rubin, N. Vasilakis, S. Chiricescu, J. M. Smith, J. T. F. Knight, B. C. Pierce, A. DeHon.

Architectural Support for Software-Defined Metadata Processing, in: 20th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2015), Istanbul, Turkey, ACM, March 2015, pp. 487-502. [ DOI : 10.1145/2694344.2694383 ]

https://hal.inria.fr/hal-01102378
19Z. Paraskevopoulou, C. Hriţcu, M. Dénès, L. Lampropoulos, B. C. Pierce.

Foundational Property-Based Testing, in: ITP 2015 - 6th conference on Interactive Theorem Proving, Nanjing, China, Lecture Notes in Computer Science, Springer, August 2015, vol. 9236. [ DOI : 10.1007/978-3-319-22102-1_22 ]

https://hal.inria.fr/hal-01162898
20N. Swamy, C. Hriţcu, C. Keller, A. Rastogi, A. Delignat-Lavaud, S. Forest, K. Bhargavan, C. Fournet, P.-Y. Strub, M. Kohlweiss, J.-K. Zinzindohoue, S. Zanella-Béguelin.

Dependent Types and Multi-Monadic Effects in F*, in: 43rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), St. Petersburg, Florida, United States, ACM, 2016, pp. 256-270.

https://hal.archives-ouvertes.fr/hal-01265793

Internal Reports

21M. Paiola, B. Blanchet.

From the Applied Pi Calculus to Horn Clauses for Protocols with Lists, Inria, December 2015, n^o RR-8823, 45 p.

https://hal.inria.fr/hal-01239290

References in notes

22M. Abadi, B. Blanchet.

Analyzing Security Protocols with Secrecy Types and Logic Programs, in: Journal of the ACM, January 2005, vol. 52, n^o 1, pp. 102–146.
23M. Abadi, B. Blanchet, C. Fournet.

Just Fast Keying in the Pi Calculus, in: ACM Transactions on Information and System Security (TISSEC), July 2007, vol. 10, n^o 3, pp. 1–59.
24M. Abadi, C. Fournet.

Mobile Values, New Names, and Secure Communication, in: 28th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'01), London, United Kingdom, ACM Press, January 2001, pp. 104–115.
25A. Azevedo de Amorim, N. Collins, A. DeHon, D. Demange, C. Hritcu, D. Pichardie, B. C. Pierce, R. Pollack, A. Tolmach.

A Verified Information-Flow Architecture, September 2015, arXiv:1509.06503; Submitted to special issue of the Journal of Computer Security (JCS) on Verified Information Flow Security.
26A. Azevedo de Amorim, M. Dénès, N. Giannarakis, C. Hritcu, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

Micro-Policies: Formally Verified, Tag-Based Security Monitors, in: 36th IEEE Symposium on Security and Privacy (Oakland S&P), IEEE Computer Society, May 2015, pp. 813–830.
27G. Bana, H. Comon-Lundh.

A Computationally Complete Symbolic Attacker for Equivalence Properties, in: 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, United States, ACM, November 2014, pp. 609-620.
28G. Bana, K. Hasebe, M. Okada.

Computationally Complete Symbolic Attacker and Key Exchange, in: ACM Conference on Computer and Communications Security (CCS'13), Berlin, Germany, ACM, 2013, pp. 1231–1246.
29J. Bengtson, K. Bhargavan, C. Fournet, A. D. Gordon, S. Maffeis.

Refinement types for secure implementations, in: ACM Trans. Program. Lang. Syst., 2011, vol. 33, n^o 2, 8 p.
30K. Bhargavan, A. Delignat-Lavaud, S. Maffeis.

Language-Based Defenses Against Untrusted Browser Origins, in: Proceedings of the 22th USENIX Security Symposium, 2013.
31K. Bhargavan, C. Fournet, R. Corin, E. Zalinescu.

Verified Cryptographic Implementations for TLS, in: ACM Transactions Inf. Syst. Secur., March 2012, vol. 15, n^o 1, 3:1 p.
32K. Bhargavan, C. Fournet, A. D. Gordon.

Modular Verification of Security Protocol Code by Typing, in: ACM Symposium on Principles of Programming Languages (POPL'10), 2010, pp. 445–456.
33K. Bhargavan, C. Fournet, A. D. Gordon, N. Swamy.

Verified Implementations of the Information Card Federated Identity-Management Protocol, in: Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS'08), ACM Press, 2008, pp. 123–135.
34B. Blanchet, M. Abadi, C. Fournet.

Automated Verification of Selected Equivalences for Security Protocols, in: Journal of Logic and Algebraic Programming, February–March 2008, vol. 75, n^o 1, pp. 3–51.
35B. Blanchet.

An Efficient Cryptographic Protocol Verifier Based on Prolog Rules, in: 14th IEEE Computer Security Foundations Workshop (CSFW'01), 2001, pp. 82–96.
36B. Blanchet.

Automatic Verification of Correspondences for Security Protocols, in: Journal of Computer Security, July 2009, vol. 17, n^o 4, pp. 363–434.
37B. Blanchet, M. Paiola.

Automatic Verification of Protocols with Lists of Unbounded Length, in: ACM conference on Computer and communications security (CCS'13), Berlin, Germany, ACM, November 2013, pp. 573–584.
38B. Blanchet, A. Podelski.

Verification of Cryptographic Protocols: Tagging Enforces Termination, in: Theoretical Computer Science, March 2005, vol. 333, n^o 1-2, pp. 67–90, Special issue FoSSaCS'03.
39T. Chothia, B. Smyth, C. Staite.

Automatically Checking Commitment Protocols in ProVerif without False Attacks, in: POST'15: 4th Conference on Principles of Security and Trust, LNCS, Springer, 2015, vol. 9036.
40J. Clulow.

On the Security of PKCS#11, in: CHES, 2003, pp. 411-425.
41S. Delaune, S. Kremer, G. Steel.

Formal Analysis of PKCS#11 and Proprietary Extensions, in: Journal of Computer Security, November 2010, vol. 18, n^o 6, pp. 1211-1245.
42S. Delaune, M. D. Ryan, B. Smyth.

Automatic verification of privacy properties in the applied pi-calculus, in: IFIPTM'08: 2nd Joint iTrust and PST Conferences on Privacy, Trust Management and Security, International Federation for Information Processing (IFIP), Springer, 2008, vol. 263, pp. 263–278.
43D. Dolev, A. Yao.

On the security of public key protocols, in: IEEE Transactions on Information Theory, 1983, vol. IT–29, n^o 2, pp. 198–208.
44C. Fournet, M. Kohlweiss, P.-Y. Strub.

Modular Code-Based Cryptographic Verification, in: ACM Conference on Computer and Communications Security, 2011.
45Y. Juglaret, C. Hritcu, A. Azevedo de Amorim, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

Towards a Fully Abstract Compiler Using Micro-Policies: Secure Compilation for Mutually Distrustful Components, October 2015, Technical Report, arXiv:1510.00697.
46L. Lampropoulos, B. C. Pierce, C. Hritcu, J. Hughes, Z. Paraskevopoulou, Li-yao. Xia.

Making Our Own Luck: A Language For Random Generators, July 2015, Draft.
47R. Needham, M. Schroeder.

Using encryption for authentication in large networks of computers, in: Communications of the ACM, 1978, vol. 21, n^o 12, pp. 993–999.
48E. A. Quaglia, B. Smyth.

Constructing secret, verifiable auction schemes from election schemes, 2015.
49B. Smyth, S. Frink, M. R. Clarkson.

Election Verifiability: Cryptographic Definitions and an Analysis of Helios and JCJ, 2015.
50B. Smyth, M. D. Ryan, L. Chen.

Formal analysis of privacy in Direct Anonymous Attestation schemes, in: Science of Computer Programming, 2015, vol. 111, n^o 2.
51B. Smyth.

Secrecy and independence for election schemes, 2015.
52N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bhargavan, J. Yang.

Secure distributed programming with value-dependent types, in: 16th ACM SIGPLAN international conference on Functional Programming, 2011, pp. 266-278.
53N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bhargavan, J. Yang.

Secure distributed programming with value-dependent types, in: J. Funct. Program., 2013, vol. 23, n^o 4, pp. 402-451.
54N. Swamy, C. Fournet, A. Rastogi, K. Bhargavan, J. Chen, P.-Y. Strub, G. M. Bierman.

Gradual typing embedded securely in JavaScript, in: 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), 2014, pp. 425-438.

Previous |

Home