Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
TLDR
Logjam, a novel flaw in TLS that lets a man-in-the-middle downgrade connections to "export-grade" Diffie-Hellman, is presented and a close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved a break.
Computer-Aided Security Proofs for the Working Cryptographer
TLDR
It is argued that EasyCrypt is a plausible candidate for adoption by working cryptographers and its application to security proofs of the Cramer-Shoup and Hashed ElGamal cryptosystems is illustrated.
Formal certification of code-based cryptographic proofs
TLDR
This work presents Certicrypt, a framework that enables the machine-checked construction and verification of code-based proofs, built upon the general-purpose proof assistant Coq, and draws on many areas, including probability, complexity, algebra, and semantics of programming languages.
Formal Verification of Smart Contracts: Short Paper
TLDR
This paper outlines a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification.
Probabilistic Relational Reasoning for Differential Privacy
TLDR
The central component of CertiPriv is a quantitative extension of probabilistic relational Hoare logic that enables one to derive differential privacy guarantees for programs from first principles, and provides the first machine-checked proofs of correctness of the Laplacian, Gaussian, and exponential mechanisms and of the privacy of randomized and streaming algorithms from the literature.
Verified low-level programming embedded in F*
TLDR
Low* is a shallow embedding of a small, sequential, well-behaved subset of C in F*, a dependently-typed variant of ML aimed at program verification, and its application to high-assurance optimized cryptographic libraries is presented.
Fully automated analysis of padding-based encryption in the computational model
TLDR
This paper presents proof systems for analyzing the chosen-plaintext and chosen-ciphertext security of public-key encryption schemes built from trapdoor permutations and hash functions in the random oracle model, and develops a toolset that bundles together fully automated proof and attack finding algorithms.
Beyond Provable Security Verifiable IND-CCA Security of OAEP
TLDR
A machine-checked proof of OAEP's security against adaptive chosen-ciphertext attacks under the assumption that the underlying permutation is partial-domain one-way is presented.
Smart meter aggregation via secret-sharing
We design and prototype protocols for processing smart-meter readings while preserving user privacy. We provide support for computing non-linear functions on encrypted readings, implemented by
Downgrade Resilience in Key-Exchange Protocols
TLDR
The causes of downgrade attacks are studied by dissecting and classifying known and novel attacks against widely used protocols, and design patterns that guarantee downgrade security are discussed, along with how to use them to strengthen the security of existing protocols.
...
...