Verifying Constant-Time Implementations
The first two authors were funded by Project “TEC4Growth - Pervasive Intelligence, Enhancers and Proofs of Concept with Industrial Impact/NORTE-01-0145-FEDER-000020”, which is financed by the
Strong Non-Interference and Type-Directed Higher-Order Masking
TLDR
This work develops a precise, scalable, and fully automated methodology to verify the probing security of masked algorithms, and generate them from unprotected descriptions of the algorithm.
Verified Proofs of Higher-Order Masking
TLDR
The problem of automatically verifying higher-order masking countermeasures is studied: weaknesses have been discovered in schemes that were thought secure, yet the verification problem is inherently exponential in the masking order.
EasyCrypt: A Tutorial
TLDR
Machine-checked frameworks that support the construction and automated verification of cryptographic systems are developed; they reason directly in the computational model that cryptographers commonly use to deliver rigorous and detailed mathematical proofs.
Parallel Implementations of Masking Schemes and the Bounded Moment Leakage Model
TLDR
It is proved that probing security for a serial implementation implies bounded moment security for its parallel counterpart, which enables an accurate understanding of the links between formal security analyses of masking schemes and experimental security evaluations based on the estimation of statistical moments.
Verifiable side-channel security of cryptographic implementations: constant-time MEE-CBC
TLDR
A methodology for proving security of implementations in the presence of timing attackers is defined, and a proof-of-concept application of this methodology is presented to MEE-CBC, bringing together three different formal verification tools to produce an assembly implementation that is verifiably secure against adversaries with access to some timing leakage.
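The two constant-time entries above (the verification paper at the top of the list and the MEE-CBC case study) rest on one policy: no branch condition and no memory address may depend on secret data. The block below is an added example, not code from either paper, which verify compiled assembly statically. It is a small dynamic taint monitor in Python: a hypothetical `Secret` wrapper propagates a taint tag through arithmetic and raises `CTViolation` at the two forbidden sinks, a branch (`__bool__`) and an address computation (`__index__`). `memcmp_early_exit`, `ct_equal`, `sbox_lookup` and `check_ct` are illustration names, and the MAC bytes are constructed sample data.

```python
"""Dynamic check of the constant-time policy: no branch condition and no memory
address may depend on secret data.  Added example; not code from the listed papers."""


class CTViolation(Exception):
    """Raised when secret-tagged data reaches a branch or an address computation."""


class Secret:
    """Unsigned `bits`-wide integer tagged as secret.

    Arithmetic and bitwise operators return tagged results (taint propagation).
    The two sinks the constant-time policy forbids are `__bool__` (used by `if`,
    `while`, `and`/`or`) and `__index__` (used by list/bytes subscripts); both
    raise instead of silently leaking.
    """
    __slots__ = ("value", "bits")

    def __init__(self, value, bits=8):
        self.bits = bits
        self.value = value & ((1 << bits) - 1)

    @staticmethod
    def _raw(x):
        return x.value if isinstance(x, Secret) else x

    def _wrap(self, v):
        return Secret(v, self.bits)

    def __xor__(self, o): return self._wrap(self.value ^ self._raw(o))
    def __or__(self, o): return self._wrap(self.value | self._raw(o))
    def __and__(self, o): return self._wrap(self.value & self._raw(o))
    __rxor__, __ror__, __rand__ = __xor__, __or__, __and__
    def __sub__(self, o): return self._wrap(self.value - self._raw(o))
    def __rsub__(self, o): return self._wrap(self._raw(o) - self.value)
    def __rshift__(self, n): return self._wrap(self.value >> n)
    def __invert__(self): return self._wrap(~self.value)
    def __eq__(self, o): return self._wrap(int(self.value == self._raw(o)))
    def __ne__(self, o): return self._wrap(int(self.value != self._raw(o)))

    def __bool__(self):
        raise CTViolation("branch on secret-dependent value")

    def __index__(self):
        raise CTViolation("memory access at secret-dependent address")


def memcmp_early_exit(x, y):
    """Textbook byte-by-byte compare that returns at the first mismatch.
    The `if` branches on secret data, so the monitor rejects it on any input."""
    for a, b in zip(x, y):
        if a != b:
            return False
    return True


def ct_equal(x, y):
    """Constant-time equality: OR-accumulate all differences, then test once."""
    acc = Secret(0)
    for a, b in zip(x, y):
        acc = acc | (a ^ b)
    return acc == 0  # still tagged; the caller declassifies the verdict


def sbox_lookup(table, idx):
    """Table lookup at a secret-dependent index: a cache-timing channel."""
    return table[idx]


def declassify(s):
    """Explicitly release a tagged value (e.g. the final MAC-check verdict)."""
    return s.value if isinstance(s, Secret) else s


def check_ct(fn, *args):
    """Run fn on tagged inputs; return (passed, detail) for this execution only."""
    try:
        fn(*args)
    except CTViolation as e:
        return False, str(e)
    return True, "no secret-dependent branch or address on this trace"


if __name__ == "__main__":
    # Constructed sample data: a received MAC tag and the recomputed one.
    received = [Secret(b) for b in b"\x12\x34\x56\x78"]
    computed = [Secret(b) for b in b"\x12\x34\x56\x00"]
    placeholder_sbox = list(range(256))  # table contents are irrelevant here
    print("memcmp_early_exit:", check_ct(memcmp_early_exit, received, computed))
    print("ct_equal:         ", check_ct(ct_equal, received, computed),
          "verdict =", declassify(ct_equal(received, computed)))
    print("sbox_lookup:      ", check_ct(sbox_lookup, placeholder_sbox, Secret(0x53)))
```

The monitor flags the early-exit compare even when the two tags are identical, because the policy forbids the branch itself, not a particular outcome. Two caveats a practitioner should keep in mind: a dynamic monitor only proves absence along the trace it executed (a branch guarded by a public flag is missed unless that flag is exercised), whereas the listed papers reason statically about every execution; and Python itself gives no timing guarantees, so the check is about the policy, not about measured time.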
Compositional Verification of Higher-Order Masking: Application to a Verifying Masking Compiler
TLDR
A notion of strong simulatability that naturally supports compositional principles is defined and it is shown that it is satisfied by several gadgets from the literature, including the mask refreshing gadget from Duc, Dziembowski and Faust (Eurocrypt 2014), and the secure multiplication gadget from Rivain and Prouff (CHES 2010).
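The masking entries above (the type-directed generation of probing-secure algorithms, the inherently exponential brute-force verification, and the compositional treatment of the Rivain-Prouff multiplication gadget) all concern one question: can any t probes on a gadget's wires be simulated without the secrets? The block below is an added example, not code from any of the listed papers. It implements the n-share ISW/Rivain-Prouff AND gadget over GF(2) and checks t-probing security the expensive way, by enumerating every sharing and every random mask and comparing the joint distribution of each t-subset of wires across the four secret pairs. `isw_mult`, `sharings` and `is_t_probing_secure` are illustration names; the `rp_order=False` variant is the same gadget with one XOR reassociated, which exposes the unmasked sum a_i b_j ^ a_j b_i on a single wire.

```python
"""Exhaustive t-probing security check of the n-share ISW / Rivain-Prouff AND
gadget over GF(2).  Added example; not code from any paper listed on this page."""
from collections import Counter
from itertools import combinations, product


def isw_mult(a_sh, b_sh, rnd, rp_order=True):
    """Multiply two n-share Boolean sharings; return (output shares, intermediates).

    rnd maps (i, j), i < j, to the fresh random mask r_ij.
    rp_order=True  : r_ji = (r_ij ^ a_i*b_j) ^ a_j*b_i   (Rivain-Prouff order)
    rp_order=False : r_ji = r_ij ^ (a_i*b_j ^ a_j*b_i)   (exposes an unmasked sum)
    Every wire a probe could read is stored in `inter` under a descriptive name.
    """
    n = len(a_sh)
    inter = {}
    for i in range(n):
        inter[f"a{i}"], inter[f"b{i}"] = a_sh[i], b_sh[i]
        for j in range(n):
            inter[f"a{i}b{j}"] = a_sh[i] & b_sh[j]
    r = {}
    for i in range(n):
        for j in range(i + 1, n):
            r[(i, j)] = inter[f"r{i}{j}"] = rnd[(i, j)]
            if rp_order:
                tmp = inter[f"r{i}{j}^a{i}b{j}"] = r[(i, j)] ^ inter[f"a{i}b{j}"]
                r[(j, i)] = tmp ^ inter[f"a{j}b{i}"]
            else:
                tmp = inter[f"a{i}b{j}^a{j}b{i}"] = inter[f"a{i}b{j}"] ^ inter[f"a{j}b{i}"]
                r[(j, i)] = r[(i, j)] ^ tmp
            inter[f"r{j}{i}"] = r[(j, i)]
    c = []
    for i in range(n):
        acc = inter[f"a{i}b{i}"]
        for j in range(n):
            if j != i:
                acc = inter[f"c{i}_after_r{i}{j}"] = acc ^ r[(i, j)]
        c.append(acc)
    return c, inter


def sharings(secret, n):
    """All n-share Boolean sharings of a bit: n-1 free shares, the last fixes the sum."""
    for head in product((0, 1), repeat=n - 1):
        last = secret
        for s in head:
            last ^= s
        yield head + (last,)


def is_t_probing_secure(n, t, rp_order=True):
    """Brute-force t-probing check.

    For each choice of t wires, compare the joint distribution of the probed
    values (over all sharings and all random masks) between the four secret
    pairs (a, b).  Returns (True, None) if every distribution is identical,
    otherwise (False, offending_wire_names).
    """
    pairs = [(i, j) for i in range(n) for j in range(i + 1, n)]
    rows = {}  # (a, b) -> list of intermediate dicts, one per execution
    for a, b in product((0, 1), repeat=2):
        rows[(a, b)] = []
        for a_sh, b_sh, bits in product(sharings(a, n), sharings(b, n),
                                         product((0, 1), repeat=len(pairs))):
            c, inter = isw_mult(a_sh, b_sh, dict(zip(pairs, bits)), rp_order)
            assert (sum(c) & 1) == (a & b), "gadget is not functionally correct"
            rows[(a, b)].append(inter)
    wires = sorted(rows[(0, 0)][0])
    for probes in combinations(wires, t):
        dists = [Counter(tuple(e[w] for w in probes) for e in execs)
                 for execs in rows.values()]
        if any(d != dists[0] for d in dists[1:]):
            return False, probes
    return True, None


if __name__ == "__main__":
    for n, t, rp in [(2, 1, True), (2, 1, False), (3, 2, True)]:
        ok, probes = is_t_probing_secure(n, t, rp)
        print(f"n={n} t={t} {'RP order' if rp else 'swapped order'}: "
              + ("secure" if ok else f"LEAK, probes {probes}"))
```

The cost of this check is C(#wires, t) probe sets, each evaluated over 2^(2(n-1)) sharings times 2^(n(n-1)/2) masks, which is the exponential blow-up the second masking entry describes and the reason the other two entries replace enumeration with type systems and a compositional notion (strong simulatability, later strong non-interference) proved once per gadget.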
Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols
TLDR
This work formalizes the symbolic model in Coq in order to justify the addition of axioms to VCC, and relies on the general-purpose verifier VCC to verify security properties of C code for cryptographic protocols.
Machine-Checked Proofs for Electronic Voting: Privacy and Verifiability for Belenios
TLDR
A machine-checked security analysis of Belenios -- a deployed voting protocol already used in more than 200 elections -- and a novel framework for proving strong verifiability in EasyCrypt are presented; together they are believed to be the first machine-checked analysis of both ballot privacy and verifiability properties for a deployed electronic voting protocol.
Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations
TLDR
A computer-aided framework for proving concrete security bounds for cryptographic machine-code implementations is presented, bridging the gap between computer-assisted security proofs and real-world cryptographic implementations as described by standards such as PKCS.