Computer-Aided Security Proofs for the Working Cryptographer
@inproceedings{Barthe2011ComputerAidedSP, title={Computer-Aided Security Proofs for the Working Cryptographer}, author={Gilles Barthe and Benjamin Gr{\'e}goire and Sylvain Heraud and Santiago Zanella B{\'e}guelin}, booktitle={CRYPTO}, year={2011} }
We present EasyCrypt, an automated tool for elaborating security proofs of cryptographic systems from proof sketches: compact, formal representations of the essence of a proof as a sequence of games and hints. Proof sketches are checked automatically using off-the-shelf SMT solvers and automated theorem provers, and then compiled into verifiable proofs in the CertiCrypt framework. The tool supports most common reasoning patterns and is significantly easier to use than its predecessors. We argue…
249 Citations
Formalizing Constructive Cryptography using CryptHOL
- Computer Science, Mathematics; 2019 IEEE 32nd Computer Security Foundations Symposium (CSF)
- 2019
This paper extends CryptHOL, a framework for game-based proofs, with an abstract model of Random Systems and provides proof rules for their equality and composition, and formalizes security as a special kind of system construction in which a complex system is built from simpler ones.
EasyPQC: Verifying Post-Quantum Cryptography
- Computer Science, Mathematics; IACR Cryptol. ePrint Arch.
- 2021
It is proved that a natural extension of the EasyCrypt core logics permits capturing a wide class of post-quantum cryptography proofs, settling a question raised by (Unruh, POPL 2019).
Automated Cryptographic Analysis of the Pedersen Commitment Scheme
- Computer Science, Mathematics; MMM-ACNS
- 2017
This paper presents a mechanised formal verification of the popular Pedersen commitment protocol, proving its security properties of correctness, perfect hiding, and computational binding.
Fully automated analysis of padding-based encryption in the computational model
- Computer Science, Mathematics; CCS
- 2013
This paper presents proof systems for analyzing the chosen-plaintext and chosen-ciphertext security of public-key encryption schemes built from trapdoor permutations and hash functions in the random oracle model, and develops a toolset that bundles together fully automated proof and attack finding algorithms.
Verified security of redundancy-free encryption from Rabin and RSA
- Computer Science, Mathematics; CCS
- 2012
This paper uses EasyCrypt to prove in the Random Oracle Model the IND-CCA security of a redundancy-free public-key encryption scheme based on trapdoor one-way permutations, and proves that the Rabin function and RSA with short exponent enjoy these properties, and thus can be used to instantiate the construction to obtain efficient encryption schemes.
Automatically Verified Mechanized Proof of One-Encryption Key Exchange
- Computer Science, Mathematics; 2012 IEEE 25th Computer Security Foundations Symposium
- 2012
A mechanized proof of the password-based protocol One-Encryption Key Exchange using the computationally sound protocol prover CryptoVerif, which improves over the standard computation of probabilities when Shoup's lemma is used and thereby tightens the bound given in a previous manual proof of OEKE.
Automated Analysis and Synthesis of Padding-Based Encryption Schemes
- Computer Science, Mathematics; IACR Cryptol. ePrint Arch.
- 2012
Algorithms to search for proofs of security against chosen-plaintext and chosen-ciphertext attacks in the random oracle model and a calculator that computes the security level and efficiency of provably secure schemes that use RSA as trapdoor permutation are provided.
Automation in Computer-Aided Cryptography: Proofs, Attacks and Designs
- Computer Science, Mathematics; CPP
- 2012
Both frameworks adhere to the game-based approach to provable security, but revisit its realization from a formal verification perspective, using a probabilistic programming language, pWHILE, for expressing cryptographic constructions, security properties, and computational assumptions, and a probabilistic relational Hoare logic, pRHL, for justifying the reasoning steps in cryptographic proofs.
Mechanizing Game-Based Proofs of Security Protocols
- Computer Science, Mathematics; Software Safety and Security
- 2012
The automatic protocol verifier CryptoVerif is presented; it does not rely on the Dolev-Yao model, but on the computational model, and provides an explicit formula for the probability of success of an attack against the protocol, as a function of the probabilities of breaking each primitive and of the number of sessions.
Automated Proofs of Pairing-Based Cryptography
- Computer Science, Mathematics; CCS
- 2015
A new tool, called AutoG&P, is implemented to illustrate the strengths of the logic; it supports extremely compact, and often fully automated, proofs of cryptographic constructions based on (bilinear or multilinear) Diffie-Hellman assumptions.
References
A Computationally Sound Mechanized Prover for Security Protocols
- Computer Science, Mathematics; IEEE Transactions on Dependable and Secure Computing
- 2008
This work presents a new mechanized prover for secrecy properties of security protocols that provides a generic method for specifying security properties of the cryptographic primitives, which can handle shared-key and public-key encryption, signatures, message authentication codes, and hash functions.
Formally Certifying the Security of Digital Signature Schemes
- Computer Science, Mathematics; 2009 30th IEEE Symposium on Security and Privacy
- 2009
We present two machine-checked proofs of the existential unforgeability under adaptive chosen-message attacks of the Full-Domain Hash signature scheme. These proofs formalize the original argument of…
Formal Certification of ElGamal Encryption
- Computer Science, Mathematics; Formal Aspects in Security and Trust
- 2008
This article focuses on a simple but illustrative example, namely the semantic security of the Hashed ElGamal encryption scheme in both the standard and the random oracle model.
Automated Security Proofs with Sequences of Games
- Computer Science, Mathematics; CRYPTO
- 2006
This paper presents the first automatic technique for proving not only protocols but also primitives in the exact-security computational model, and illustrates the use of the new tool with the proof of a well-known asymmetric primitive: unforgeability under chosen-message attacks of the Full-Domain Hash signature scheme under the (trapdoor) one-wayness of some permutations.
Formal certification of code-based cryptographic proofs
- Computer Science, Mathematics; POPL '09
- 2009
This work presents CertiCrypt, a framework that enables the machine-checked construction and verification of code-based proofs, built upon the general-purpose proof assistant Coq; it draws on many areas, including probability, complexity, algebra, and the semantics of programming languages.
Formal Certification of ElGamal Encryption: A Gentle Introduction to CertiCrypt
- Computer Science, Mathematics
- 2009
This article focuses on a simple but illustrative example, namely the semantic security of the Hashed ElGamal encryption scheme in both the standard and the random oracle model.
A Machine-Checked Formalization of Sigma-Protocols
- Computer Science, Mathematics; 2010 23rd IEEE Computer Security Foundations Symposium
- 2010
A first machine-checked formalization of a comprehensive theory of Σ-protocols is presented, which includes basic definitions, relations between different security properties that appear in the literature, and general composability theorems.
Beyond Provable Security: Verifiable IND-CCA Security of OAEP
- Computer Science, Mathematics; CT-RSA
- 2011
A machine-checked proof of OAEP's security against adaptive chosen-ciphertext attacks is presented, under the assumption that the underlying permutation is partial-domain one-way.
Towards automated proofs for asymmetric encryption schemes in the random oracle model
- Computer Science, Mathematics; CCS
- 2008
An automated procedure for analyzing generic asymmetric encryption schemes in the random oracle model is presented; it has been applied to several encryption schemes, among them the Bellare-Rogaway 1993 construction, Pointcheval's scheme from PKC 2000, and REACT.
Computationally sound mechanized proofs for basic and public-key Kerberos
- Computer Science, Mathematics; ASIACCS '08
- 2008
We present a computationally sound mechanized analysis of Kerberos 5, both with and without its public-key extension PKINIT. We prove authentication and key secrecy properties using the prover…