DeepAI
Log In Sign Up

Towards Formal Verification of Password Generation Algorithms used in Password Managers

06/07/2021
by   Miguel Grilo, et al.
0

Password managers are important tools that enable us to use stronger passwords, freeing us from the cognitive burden of remembering them. Despite this, there are still many users who do not fully trust password managers. In this paper, we focus on a feature that most password managers offer that might impact the user's trust, which is the process of generating a random password. We survey which algorithms are most commonly used and we propose a solution for a formally verified reference implementation of a password generation algorithm. We use EasyCrypt as our framework to both specify the reference implementation and to prove its functional correctness and security.

READ FULL TEXT

page 1

page 2

page 3

page 4

12/08/2018

A Verified Timsort C Implementation in Isabelle/HOL

Formal verification of traditional algorithms are of great significance ...
10/22/2021

Formal Verification of the Ethereum 2.0 Beacon Chain

We report our experience in the formal verification of the reference imp...
09/12/2017

A certified reference validation mechanism for the permission model of Android

Android embodies security mechanisms at both OS and application level. I...
07/03/2019

Towards a formally verified implementation of the MimbleWimble cryptocurrency protocol

MimbleWimble is a privacy-oriented cryptocurrency technology encompassin...
12/16/2019

Decentralized Runtime Verification for LTL Properties Using Global

Runtime verification is the process of verifying critical behavioral pro...
12/16/2019

Decentralized Runtime Verification for LTL Properties Using Global Clock

Runtime verification is the process of verifying critical behavioral pro...
10/26/2018

Reimplementation and Reinterpretation of the Copycat Project

We present the reinterpreted and reimplemented Copycat project, an archi...