Frama-C-discuss mailing list archives

This page gathers the archives of the old Frama-C-discuss archives, that was hosted by Inria's gforge before its demise at the end of 2020. To search for mails newer than September 2020, please visit the page of the new mailing list on Renater.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Frama-c-discuss] how to abstract the loop

  • Subject: [Frama-c-discuss] how to abstract the loop
  • From: luoting8609 at (罗婷)
  • Date: Thu, 29 Dec 2011 12:19:37 +0800 (CST)

   I  thought the prover could not understand the iteration without loop invariants ,no matter which properties  I want to verify. If without loop invariants, some corresponding VCs  would not be discharged, right?  I  am using frama-c/jessie/why to verify the safety of AES. After that , I plan to  verify  information flow security. However , I have no idea about how to formalize this property. But  the loop invariant is a must in my mind. 
>  It does not simplify (or Rijndael would be a very bad cipher indeed).
   Do you mean Frama-c  is not  suitable to verify the properties of Rijndael, for its source code is complicated? I want to verify the security of some cryptographic software with frama-c/jessie/why. I have seen someone verified RC4 with frama-c/jessie/why. Rijndael is popular and I want to try , but it seems to be not  easy .  Would you give me some advice about  some other cryptographic software easier to be verified with frama-c/jessie/why.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>