Runtime Verification for Trustworthy Secure Shell Deployment
Incorrect cryptographic protocol implementation and malware attacks targeting its runtime may lead to insecure execution even if the protocol design has been proven safe. This research focuses on adapting a runtime-verification-centric trusted execution environment (RV-TEE) solution to a cryptographic protocol deployment — particularly that of the Secure Shell Protocol (SSH). We aim to show that our approach, which does not require any specific security hardware or operating system modifications, is feasible through the design of a framework and work-in-progress empirical evaluation. We provide: (i) The design of the setup involving SSH, (ii) The provision of the RV-TEE setup with SSH implementation, including (iii) An overview of the property extraction process through a methodical analysis of the SSH protocol specifications.
Mon 12 JulDisplayed time zone: Brussels, Copenhagen, Madrid, Paris change
15:30 - 16:50
|Synchronous and Asynchronous Stream Runtime Verification |
I: César Sánchez IMDEA Software InstituteFile Attached
|Optional Monitoring for Long-Lived Transactions |
|Runtime Verification for Trustworthy Secure Shell Deployment |