EasyCrypt is a computer-assisted framework for proving the security of cryptographic constructions. However, there is a significant gap between security proofs done in the usual provable security style and cryptographic implementations used in practice; as a consequence, real-world cryptography is sometimes considered as “one of the many ongoing disaster areas in security. We have recently extended EasyCrypt with support for reasoning about C implementations, and exploited the CompCert verified compiler to carry the security proof to executable code. Moreover, we have developed verified type-based information flow analyses on assembly code to ensure that executable code is protected against cache-based side-channel attacks.
Gilles Barthe received a Ph.D. in Mathematics from the University of Manchester, UK, in 1993, and an Habilitation à diriger les recherches in Computer Science from the University of Nice, France, in 2004. He joined the IMDEA Software Institute in April 2008. Previously, he was head of the Everest team on formal methods and security at INRIA Sophia-Antipolis Méditerranée, France. He also held positions at the University of Minho, Portugal; Chalmers University, Sweden; CWI, Netherlands; University of Nijmegen, Netherlands. He has published more than 100 refereed scientific papers. He has been coordinator/principal investigator of many national and European projects, and served as the scientific coordinator of the FP6 FET integrated project “MOBIUS: Mobility, Ubiquity and Security” for enabling proof-carrying code for Java on mobile devices (2005-2009). He has been a PC member of many conferences (CSF, ESORICS, FM, ICALP, ITP…), and served as PC (co-)chair of VMCAI’10, ESOP’11, FAST’11, and SEFM’11. He is a member of the editorial board of the Journal of Automated Reasoning.
His research interests include formal methods, programming languages and program verification, software and system security, and cryptography, and foundations of mathematics and computer science.