{"id":"https://openalex.org/W4416549386","doi":"https://doi.org/10.1145/3719027.3765213","title":"Formal Security and Functional Verification of Cryptographic Protocol Implementations in Rust","display_name":"Formal Security and Functional Verification of Cryptographic Protocol Implementations in Rust","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549386","doi":"https://doi.org/10.1145/3719027.3765213"},"language":"en","primary_location":{"id":"doi:10.1145/3719027.3765213","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3765213","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026297326","display_name":"Karthikeyan Bhargavan","orcid":"https://orcid.org/0000-0002-3152-8997"},"institutions":[{"id":"https://openalex.org/I4210114538","display_name":"Center on Race, Poverty and the Environment","ror":"https://ror.org/01wv0r403","country_code":"US","type":"other","lineage":["https://openalex.org/I4210114538"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Karthikeyan Bhargavan","raw_affiliation_strings":["Cryspen, Paris, France"],"raw_orcid":"https://orcid.org/0000-0002-3152-8997","affiliations":[{"raw_affiliation_string":"Cryspen, Paris, France","institution_ids":["https://openalex.org/I4210114538"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101664752","display_name":"Lasse Letager Hansen","orcid":"https://orcid.org/0000-0003-3271-3593"},"institutions":[{"id":"https://openalex.org/I204337017","display_name":"Aarhus University","ror":"https://ror.org/01aj84f44","country_code":"DK","type":"education","lineage":["https://openalex.org/I204337017"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Lasse Letager Hansen","raw_affiliation_strings":["Aarhus University, Aarhus, Denmark"],"raw_orcid":"https://orcid.org/0000-0003-3271-3593","affiliations":[{"raw_affiliation_string":"Aarhus University, Aarhus, Denmark","institution_ids":["https://openalex.org/I204337017"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060026650","display_name":"Franziskus Kiefer","orcid":"https://orcid.org/0009-0003-3632-4613"},"institutions":[{"id":"https://openalex.org/I4210114538","display_name":"Center on Race, Poverty and the Environment","ror":"https://ror.org/01wv0r403","country_code":"US","type":"other","lineage":["https://openalex.org/I4210114538"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Franziskus Kiefer","raw_affiliation_strings":["Cryspen, Paris, France"],"raw_orcid":"https://orcid.org/0009-0003-3632-4613","affiliations":[{"raw_affiliation_string":"Cryspen, Paris, France","institution_ids":["https://openalex.org/I4210114538"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026728392","display_name":"Jonas Schneider-Bensch","orcid":"https://orcid.org/0009-0007-1000-7918"},"institutions":[{"id":"https://openalex.org/I4210114538","display_name":"Center on Race, Poverty and the Environment","ror":"https://ror.org/01wv0r403","country_code":"US","type":"other","lineage":["https://openalex.org/I4210114538"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jonas Schneider-Bensch","raw_affiliation_strings":["Cryspen, Paris, France"],"raw_orcid":"https://orcid.org/0009-0007-1000-7918","affiliations":[{"raw_affiliation_string":"Cryspen, Paris, France","institution_ids":["https://openalex.org/I4210114538"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5043123968","display_name":"Bas Spitters","orcid":"https://orcid.org/0000-0002-2802-0973"},"institutions":[{"id":"https://openalex.org/I204337017","display_name":"Aarhus University","ror":"https://ror.org/01aj84f44","country_code":"DK","type":"education","lineage":["https://openalex.org/I204337017"]}],"countries":["DK"],"is_corresponding":false,"raw_author_name":"Bas Spitters","raw_affiliation_strings":["Aarhus University, Aarhus, Denmark"],"raw_orcid":"https://orcid.org/0000-0002-2802-0973","affiliations":[{"raw_affiliation_string":"Aarhus University, Aarhus, Denmark","institution_ids":["https://openalex.org/I204337017"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":7.0001,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.9682868,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"2729","last_page":"2743"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.46160000562667847,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.46160000562667847,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.3495999872684479,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.041999999433755875,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.6876000165939331},{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.6559000015258789},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.6402000188827515},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.6032999753952026},{"id":"https://openalex.org/keywords/gas-meter-prover","display_name":"Gas meter prover","score":0.5760999917984009},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.5371000170707703},{"id":"https://openalex.org/keywords/rust","display_name":"Rust (programming language)","score":0.5228999853134155},{"id":"https://openalex.org/keywords/cryptographic-primitive","display_name":"Cryptographic primitive","score":0.5167999863624573},{"id":"https://openalex.org/keywords/formal-verification","display_name":"Formal verification","score":0.5059999823570251},{"id":"https://openalex.org/keywords/formal-methods","display_name":"Formal methods","score":0.4129999876022339}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8256000280380249},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.6876000165939331},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.6559000015258789},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.6402000188827515},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.6032999753952026},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5782999992370605},{"id":"https://openalex.org/C159718280","wikidata":"https://www.wikidata.org/wiki/Q5526353","display_name":"Gas meter prover","level":3,"score":0.5760999917984009},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.5371000170707703},{"id":"https://openalex.org/C197781089","wikidata":"https://www.wikidata.org/wiki/Q575650","display_name":"Rust (programming language)","level":2,"score":0.5228999853134155},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.5167999863624573},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.5059999823570251},{"id":"https://openalex.org/C75606506","wikidata":"https://www.wikidata.org/wiki/Q1049183","display_name":"Formal methods","level":2,"score":0.4129999876022339},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.41040000319480896},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.39879998564720154},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.3889000117778778},{"id":"https://openalex.org/C203265346","wikidata":"https://www.wikidata.org/wiki/Q11387554","display_name":"Proof assistant","level":3,"score":0.388700008392334},{"id":"https://openalex.org/C206880738","wikidata":"https://www.wikidata.org/wiki/Q431667","display_name":"Automated theorem proving","level":2,"score":0.3853999972343445},{"id":"https://openalex.org/C186644900","wikidata":"https://www.wikidata.org/wiki/Q194152","display_name":"Parsing","level":2,"score":0.3824000060558319},{"id":"https://openalex.org/C33054407","wikidata":"https://www.wikidata.org/wiki/Q6504747","display_name":"Software verification","level":5,"score":0.3686000108718872},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.3346000015735626},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.3314000070095062},{"id":"https://openalex.org/C2983609787","wikidata":"https://www.wikidata.org/wiki/Q10534782","display_name":"Software implementation","level":3,"score":0.3172000050544739},{"id":"https://openalex.org/C62460635","wikidata":"https://www.wikidata.org/wiki/Q5508853","display_name":"Functional verification","level":3,"score":0.3066999912261963},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.29919999837875366},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.29660001397132874},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.29170000553131104},{"id":"https://openalex.org/C2779639559","wikidata":"https://www.wikidata.org/wiki/Q7661178","display_name":"Symbolic execution","level":3,"score":0.2863999903202057},{"id":"https://openalex.org/C207850805","wikidata":"https://www.wikidata.org/wiki/Q269608","display_name":"Reverse engineering","level":2,"score":0.28130000829696655},{"id":"https://openalex.org/C202973057","wikidata":"https://www.wikidata.org/wiki/Q7380130","display_name":"Runtime verification","level":3,"score":0.2799000144004822},{"id":"https://openalex.org/C116253237","wikidata":"https://www.wikidata.org/wiki/Q1437424","display_name":"Formal specification","level":2,"score":0.27090001106262207},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.26899999380111694},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.2603999972343445},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.25440001487731934}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3719027.3765213","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3719027.3765213","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.atira.dk:publications/c4b81e6d-c054-4c13-9f1d-fe6877cd9862","is_oa":false,"landing_page_url":"https://pure.au.dk/portal/en/publications/c4b81e6d-c054-4c13-9f1d-fe6877cd9862","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Bhargavan, K, Hansen, L L, Kiefer, F, Schneider-Bensch, J & Spitters, B 2025, Formal Security and Functional Verification of Cryptographic Protocol Implementations in Rust. in CCS 2025 - Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, pp. 2729-2743, 32nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2025, Taipei, Taiwan, 13/10/2025. https://doi.org/10.1145/3719027.3765213","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W1975344666","https://openalex.org/W1991234099","https://openalex.org/W2029693536","https://openalex.org/W2036961426","https://openalex.org/W2042923641","https://openalex.org/W2070775894","https://openalex.org/W2094250919","https://openalex.org/W2099537756","https://openalex.org/W2145994642","https://openalex.org/W2146973388","https://openalex.org/W2163005041","https://openalex.org/W2267469130","https://openalex.org/W2580339477","https://openalex.org/W2610968094","https://openalex.org/W2640092413","https://openalex.org/W2652625053","https://openalex.org/W2765700031","https://openalex.org/W2767162229","https://openalex.org/W2898492666","https://openalex.org/W2915352631","https://openalex.org/W2926494289","https://openalex.org/W2964540713","https://openalex.org/W3082765557","https://openalex.org/W3083633640","https://openalex.org/W3201732747","https://openalex.org/W4200635588","https://openalex.org/W4283019774","https://openalex.org/W4312877890","https://openalex.org/W4362661194","https://openalex.org/W4384948645","https://openalex.org/W4388857691","https://openalex.org/W4402264482","https://openalex.org/W4405183410","https://openalex.org/W4409988442","https://openalex.org/W6967597849"],"related_works":[],"abstract_inverted_index":{"We":[0],"present":[1],"an":[2],"effective":[3],"methodology":[4,90],"for":[5,63,106,121],"the":[6,47,54,116,129],"formal":[7],"verification":[8,119],"of":[9,29,88,97],"practical":[10],"cryptographic":[11,38],"protocol":[12,39,123],"implementations":[13],"written":[14,100,125],"in":[15,53,101,126],"Rust.":[16],"Within":[17],"a":[18,60,68,86,93,122],"single":[19],"proof":[20,70],"framework,":[21],"we":[22],"show":[23],"how":[24],"to":[25,74],"develop":[26],"machine-checked":[27],"proofs":[28],"diverse":[30],"properties":[31],"like":[32,72,78],"runtime":[33],"safety,":[34],"parsing":[35],"correctness,":[36],"and":[37,58,80,103,108,128],"security.":[40],"All":[41],"analysis":[42],"tasks":[43],"are":[44],"driven":[45],"by":[46],"software":[48],"developer":[49],"who":[50],"writes":[51],"annotations":[52],"Rust":[55,102],"source":[56],"code":[57],"chooses":[59],"backend":[61],"prover":[62],"each":[64],"task,":[65],"ranging":[66],"from":[67],"generic":[69],"assistant":[71],"F*":[73],"dedicated":[75],"crypto-oriented":[76],"provers":[77],"ProVerif":[79],"SSProve":[81],"Our":[82],"main":[83],"contribution":[84],"is":[85,115],"demonstration":[87],"this":[89,114],"on":[91],"Bert13,":[92],"portable,":[94],"post-quantum":[95,132],"implementation":[96,124],"TLS":[98,133],"1.3":[99,134],"verified":[104,131],"both":[105],"security":[107,118],"functional":[109],"correctness.":[110],"To":[111],"our":[112],"knowledge,":[113],"first":[117,130],"result":[120],"Rust,":[127],"library.":[135]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-12T08:23:45.883708","created_date":"2025-11-23T00:00:00"}