EN FR
EN FR


Bibliography

Major publications by the team in recent years
  • 1A. Azevedo de Amorim, M. Dénès, N. Giannarakis, C. Hritcu, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

    Micro-Policies: Formally Verified, Tag-Based Security Monitors, in: IEEE Symposium on Security and Privacy (Oakland), 2015, pp. 813–830.
  • 2G. Bana, H. Comon-Lundh.

    A Computationally Complete Symbolic Attacker for Equivalence Properties, in: ACM Conference on Computer and Communications Security (CCS), 2014, pp. 609–620.
  • 3R. Bardou, R. Focardi, Y. Kawamoto, L. Simionato, G. Steel, J.-K. Tsay.

    Efficient Padding Oracle Attacks on Cryptographic Hardware, in: CRYPTO, 2012, pp. 608–625.
  • 4K. Bhargavan, A. Delignat-Lavaud, C. Fournet, A. Pironti, P.-Y. Strub.

    Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, in: IEEE Symposium on Security and Privacy (Oakland), 2014, pp. 98–113.
  • 5K. Bhargavan, A. Delignat-Lavaud, S. Maffeis.

    Language-Based Defenses Against Untrusted Browser Origins, in: USENIX Security Symposium, 2013.
  • 6K. Bhargavan, C. Fournet, M. Kohlweiss, A. Pironti, P.-Y. Strub.

    Implementing TLS with Verified Cryptographic Security, in: IEEE Symposium on Security and Privacy (Oakland), 2013, pp. 445-462.
  • 7B. Blanchet.

    A Computationally Sound Mechanized Prover for Security Protocols, in: IEEE Transactions on Dependable and Secure Computing, 2008, vol. 5, no 4, pp. 193–207, Special issue IEEE Symposium on Security and Privacy 2006.
  • 8B. Blanchet.

    Automatic Verification of Correspondences for Security Protocols, in: Journal of Computer Security, 2009, vol. 17, no 4, pp. 363–434.
  • 9D. Cadé, B. Blanchet.

    Proved Generation of Implementations from Computationally Secure Protocol Specifications, in: Journal of Computer Security, 2015, vol. 23, no 3, pp. 331–402.
  • 10C. Hritcu, M. Greenberg, B. Karel, B. C. Pierce, G. Morrisett.

    All Your IFCException Are Belong to Us, in: IEEE Symposium on Security and Privacy (Oakland), 2013, pp. 3–17.
Publications of the year

Articles in International Peer-Reviewed Journals

  • 11D. Cadé, B. Blanchet.

    Proved Generation of Implementations from Computationally Secure Protocol Specifications, in: Journal of Computer Security, 2015, vol. 23, no 3, pp. 331-402.

    https://hal.inria.fr/hal-01102382

International Conferences with Proceedings

  • 12D. Adrian, K. Bhargavan, Z. Durumeric, P. Gaudry, M. Green, J. A. Halderman, N. Heninger, D. Springall, E. Thomé, L. Valenta, B. Vandersloot, E. Wustrow, S. Zanella-Béguelin, P. Zimmermann.

    Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice, in: ACM CCS 2015, Denver, Colorado, United States, 2015 ACM SIGSAC Conference on Computer and Communications Security, October 2015, 14 p. [ DOI : 10.1145/2810103.2813707 ]

    https://hal.inria.fr/hal-01184171
  • 13A. Azevedo de Amorim, M. Dénès, N. Giannarakis, C. Hritcu, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

    Micro-Policies: Formally Verified, Tag-Based Security Monitors, in: 2015 IEEE Symposium on Security and Privacy, San Jose, United States, 2015 IEEE Symposium on Security and Privacy, May 2015, pp. 813 - 830. [ DOI : 10.1109/SP.2015.55 ]

    https://hal.inria.fr/hal-01265666
  • 14B. Beurdouche, K. Bhargavan, A. Delignat-Lavaud, C. Fournet, M. Kohlweiss, A. Pironti, P.-Y. Strub, J. K. Zinzindohoue.

    A Messy State of the Union: Taming the Composite State Machines of TLS, in: IEEE Symposium on Security & Privacy 2015, San Jose, United States, IEEE, May 2015, To appear.

    https://hal.inria.fr/hal-01114250
  • 15K. Bhargavan, A. Delignat-Lavaud, A. Pironti.

    Verified Contributive Channel Bindings for Compound Authentication, in: Network and Distributed System Security Symposium (NDSS'15), San Diego, United States, February 2015, To appear.

    https://hal.inria.fr/hal-01114248
  • 16K. Bhargavan, G. Leurent.

    Transcript Collision Attacks: Breaking Authentication in TLS, IKE and SSH, in: Network and Distributed System Security Symposium – NDSS 2016, San Diego, United States, February 2016.

    https://hal.inria.fr/hal-01244855
  • 17A. Delignat-Lavaud, K. Bhargavan.

    Network-based Origin Confusion Attacks against HTTPS Virtual Hosting, in: 24th International Conference on World Wide Web, Florence, Italy, ACM, May 2015, To appear.

    https://hal.inria.fr/hal-01114246
  • 18U. Dhawan, C. Hritcu, R. Rubin, N. Vasilakis, S. Chiricescu, J. M. Smith, J. T. F. Knight, B. C. Pierce, A. DeHon.

    Architectural Support for Software-Defined Metadata Processing, in: 20th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2015), Istanbul, Turkey, ACM, March 2015, pp. 487-502. [ DOI : 10.1145/2694344.2694383 ]

    https://hal.inria.fr/hal-01102378
  • 19Z. Paraskevopoulou, C. Hriţcu, M. Dénès, L. Lampropoulos, B. C. Pierce.

    Foundational Property-Based Testing, in: ITP 2015 - 6th conference on Interactive Theorem Proving, Nanjing, China, Lecture Notes in Computer Science, Springer, August 2015, vol. 9236. [ DOI : 10.1007/978-3-319-22102-1_22 ]

    https://hal.inria.fr/hal-01162898
  • 20N. Swamy, C. Hriţcu, C. Keller, A. Rastogi, A. Delignat-Lavaud, S. Forest, K. Bhargavan, C. Fournet, P.-Y. Strub, M. Kohlweiss, J.-K. Zinzindohoue, S. Zanella-Béguelin.

    Dependent Types and Multi-Monadic Effects in F*, in: 43rd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), St. Petersburg, Florida, United States, ACM, 2016, pp. 256-270.

    https://hal.archives-ouvertes.fr/hal-01265793

Internal Reports

  • 21M. Paiola, B. Blanchet.

    From the Applied Pi Calculus to Horn Clauses for Protocols with Lists, Inria, December 2015, no RR-8823, 45 p.

    https://hal.inria.fr/hal-01239290
References in notes
  • 22M. Abadi, B. Blanchet.

    Analyzing Security Protocols with Secrecy Types and Logic Programs, in: Journal of the ACM, January 2005, vol. 52, no 1, pp. 102–146.
  • 23M. Abadi, B. Blanchet, C. Fournet.

    Just Fast Keying in the Pi Calculus, in: ACM Transactions on Information and System Security (TISSEC), July 2007, vol. 10, no 3, pp. 1–59.
  • 24M. Abadi, C. Fournet.

    Mobile Values, New Names, and Secure Communication, in: 28th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'01), London, United Kingdom, ACM Press, January 2001, pp. 104–115.
  • 25A. Azevedo de Amorim, N. Collins, A. DeHon, D. Demange, C. Hritcu, D. Pichardie, B. C. Pierce, R. Pollack, A. Tolmach.

    A Verified Information-Flow Architecture, September 2015, arXiv:1509.06503; Submitted to special issue of the Journal of Computer Security (JCS) on Verified Information Flow Security.
  • 26A. Azevedo de Amorim, M. Dénès, N. Giannarakis, C. Hritcu, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

    Micro-Policies: Formally Verified, Tag-Based Security Monitors, in: 36th IEEE Symposium on Security and Privacy (Oakland S&P), IEEE Computer Society, May 2015, pp. 813–830.
  • 27G. Bana, H. Comon-Lundh.

    A Computationally Complete Symbolic Attacker for Equivalence Properties, in: 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, United States, ACM, November 2014, pp. 609-620.
  • 28G. Bana, K. Hasebe, M. Okada.

    Computationally Complete Symbolic Attacker and Key Exchange, in: ACM Conference on Computer and Communications Security (CCS'13), Berlin, Germany, ACM, 2013, pp. 1231–1246.
  • 29J. Bengtson, K. Bhargavan, C. Fournet, A. D. Gordon, S. Maffeis.

    Refinement types for secure implementations, in: ACM Trans. Program. Lang. Syst., 2011, vol. 33, no 2, 8 p.
  • 30K. Bhargavan, A. Delignat-Lavaud, S. Maffeis.

    Language-Based Defenses Against Untrusted Browser Origins, in: Proceedings of the 22th USENIX Security Symposium, 2013.
  • 31K. Bhargavan, C. Fournet, R. Corin, E. Zalinescu.

    Verified Cryptographic Implementations for TLS, in: ACM Transactions Inf. Syst. Secur., March 2012, vol. 15, no 1, 3:1 p.
  • 32K. Bhargavan, C. Fournet, A. D. Gordon.

    Modular Verification of Security Protocol Code by Typing, in: ACM Symposium on Principles of Programming Languages (POPL'10), 2010, pp. 445–456.
  • 33K. Bhargavan, C. Fournet, A. D. Gordon, N. Swamy.

    Verified Implementations of the Information Card Federated Identity-Management Protocol, in: Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS'08), ACM Press, 2008, pp. 123–135.
  • 34B. Blanchet, M. Abadi, C. Fournet.

    Automated Verification of Selected Equivalences for Security Protocols, in: Journal of Logic and Algebraic Programming, February–March 2008, vol. 75, no 1, pp. 3–51.
  • 35B. Blanchet.

    An Efficient Cryptographic Protocol Verifier Based on Prolog Rules, in: 14th IEEE Computer Security Foundations Workshop (CSFW'01), 2001, pp. 82–96.
  • 36B. Blanchet.

    Automatic Verification of Correspondences for Security Protocols, in: Journal of Computer Security, July 2009, vol. 17, no 4, pp. 363–434.
  • 37B. Blanchet, M. Paiola.

    Automatic Verification of Protocols with Lists of Unbounded Length, in: ACM conference on Computer and communications security (CCS'13), Berlin, Germany, ACM, November 2013, pp. 573–584.
  • 38B. Blanchet, A. Podelski.

    Verification of Cryptographic Protocols: Tagging Enforces Termination, in: Theoretical Computer Science, March 2005, vol. 333, no 1-2, pp. 67–90, Special issue FoSSaCS'03.
  • 39T. Chothia, B. Smyth, C. Staite.

    Automatically Checking Commitment Protocols in ProVerif without False Attacks, in: POST'15: 4th Conference on Principles of Security and Trust, LNCS, Springer, 2015, vol. 9036.
  • 40J. Clulow.

    On the Security of PKCS#11, in: CHES, 2003, pp. 411-425.
  • 41S. Delaune, S. Kremer, G. Steel.

    Formal Analysis of PKCS#11 and Proprietary Extensions, in: Journal of Computer Security, November 2010, vol. 18, no 6, pp. 1211-1245.
  • 42S. Delaune, M. D. Ryan, B. Smyth.

    Automatic verification of privacy properties in the applied pi-calculus, in: IFIPTM'08: 2nd Joint iTrust and PST Conferences on Privacy, Trust Management and Security, International Federation for Information Processing (IFIP), Springer, 2008, vol. 263, pp. 263–278.
  • 43D. Dolev, A. Yao.

    On the security of public key protocols, in: IEEE Transactions on Information Theory, 1983, vol. IT–29, no 2, pp. 198–208.
  • 44C. Fournet, M. Kohlweiss, P.-Y. Strub.

    Modular Code-Based Cryptographic Verification, in: ACM Conference on Computer and Communications Security, 2011.
  • 45Y. Juglaret, C. Hritcu, A. Azevedo de Amorim, B. C. Pierce, A. Spector-Zabusky, A. Tolmach.

    Towards a Fully Abstract Compiler Using Micro-Policies: Secure Compilation for Mutually Distrustful Components, October 2015, Technical Report, arXiv:1510.00697.
  • 46L. Lampropoulos, B. C. Pierce, C. Hritcu, J. Hughes, Z. Paraskevopoulou, Li-yao. Xia.

    Making Our Own Luck: A Language For Random Generators, July 2015, Draft.
  • 47R. Needham, M. Schroeder.

    Using encryption for authentication in large networks of computers, in: Communications of the ACM, 1978, vol. 21, no 12, pp. 993–999.
  • 48E. A. Quaglia, B. Smyth.

    Constructing secret, verifiable auction schemes from election schemes, 2015.
  • 49B. Smyth, S. Frink, M. R. Clarkson.

    Election Verifiability: Cryptographic Definitions and an Analysis of Helios and JCJ, 2015.
  • 50B. Smyth, M. D. Ryan, L. Chen.

    Formal analysis of privacy in Direct Anonymous Attestation schemes, in: Science of Computer Programming, 2015, vol. 111, no 2.
  • 51B. Smyth.

    Secrecy and independence for election schemes, 2015.
  • 52N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bhargavan, J. Yang.

    Secure distributed programming with value-dependent types, in: 16th ACM SIGPLAN international conference on Functional Programming, 2011, pp. 266-278.
  • 53N. Swamy, J. Chen, C. Fournet, P.-Y. Strub, K. Bhargavan, J. Yang.

    Secure distributed programming with value-dependent types, in: J. Funct. Program., 2013, vol. 23, no 4, pp. 402-451.
  • 54N. Swamy, C. Fournet, A. Rastogi, K. Bhargavan, J. Chen, P.-Y. Strub, G. M. Bierman.

    Gradual typing embedded securely in JavaScript, in: 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), 2014, pp. 425-438.