Formal certification of code-based cryptographic proofs
@inproceedings{Barthe2009FormalCO, title={Formal certification of code-based cryptographic proofs}, author={Gilles Barthe and Benjamin Gr{\'e}goire and Santiago Zanella B{\'e}guelin}, booktitle={POPL '09}, year={2009} }
As cryptographic proofs have become essentially unverifiable, cryptographers have argued in favor of developing techniques that help tame the complexity of their proofs. Game-based techniques provide a popular approach in which proofs are structured as sequences of games and in which proof steps establish the validity of transitions between successive games. Code-based techniques form an instance of this approach that takes a code-centric view of games, and that relies on programming language…
299 Citations
Formal certification of game-based cryptographic proofs
- Computer Science, Mathematics
- 2010
This dissertation presents CertiCrypt, a framework that enables the machine-checked construction and verification of game-based cryptographic proofs, built upon the general-purpose proof assistant Coq, and draws on many areas, including probability and complexity theory, algebra, and semantics of programming languages.
Formal certification of game-based cryptographic proofs. (Certification formelle de preuves cryptographiques basées sur les séquences de jeux)
- Computer Science, Mathematics
- 2010
This dissertation presents CertiCrypt, a framework that enables the machine-checked construction and verification of game-based cryptographic proofs, built upon the general-purpose proof assistant Coq, and draws on many areas, including probability and complexity theory, algebra, and semantics of programming languages.
Towards automating code-based game-based cryptographic proofs
- Computer Science, Mathematics
- 2010
The long-term goal of this work is to increase the automation of CertiCrypt, to the point that the user can submit a proof sketch of a code-based game-based cryptographic proof, consisting of a sequence of games and relational invariants, and that CertiCrypt can automatically complete the proof sketch.
Programming Language Techniques for Cryptographic Proofs
- Computer Science, Mathematics; ITP
- 2010
Programming language techniques that arise specifically in cryptographic proofs are described to complete a formal proof of IND-CCA security of the OAEP padding scheme and illustrated their usefulness for showing the PRP/PRF Switching Lemma, a fundamental cryptographic result that bounds the probability of an adversary to distinguish a family of pseudorandom functions.
Automated Proofs of Pairing-Based Cryptography
- Computer Science, Mathematics; CCS
- 2015
A new tool is implemented, called AutoG&P, which supports extremely compact, and often fully automated, proofs of cryptographic constructions based on (bilinear or multilinear) Diffie-Hellman assumptions, and is implemented to illustrate the strengths of the logic.
Symbolic Methods in Computational Cryptography Proofs
- Computer Science, Mathematics; 2019 IEEE 32nd Computer Security Foundations Symposium (CSF)
- 2019
Code-based game-playing is a popular methodology for proving security of cryptographic constructions and side-channel countermeasures. This methodology relies on treating cryptographic proofs as an…
Formal Verification of ElGamal Encryption using a Probabilistic Lambda-Calculus
- Computer Science, Mathematics
- 2010
A new formal language is developed at the chair of Information Security and Cryptography at the Universität des Saarlandes and used to model the ElGamal encryption scheme as well as the desired security properties and the necessary assumptions, and it is shown how to use these transformations to achieve a fully formalized game-based proof of the security of ElGamal.
Automation in Computer-Aided Cryptography: Proofs, Attacks and Designs
- Computer Science, Mathematics; CPP
- 2012
Both frameworks adhere to the game-based approach to provable security, but revisit its realization from a formal verification perspective, using a probabilistic programming language pWHILE for expressing cryptographic constructions, security properties, and computational assumptions, and a probabilistic relational Hoare logic pRHL for justifying reasoning in cryptographic proofs.
A Machine-Checked Formalization of Sigma-Protocols
- Computer Science, Mathematics; 2010 23rd IEEE Computer Security Foundations Symposium
- 2010
A first machine-checked formalization of a comprehensive theory of Σ-protocols is presented, which includes basic definitions, relations between different security properties that appear in the literature, and general composability theorems.
Automation and Modularity of Cryptographic Proofs in the Computational Model
- Computer Science, Mathematics
- 2016
A novel combination of symbolic and computational methods to achieve automated analysis of classes of constructions, without sacrificing the rigor of the code-based approach, and enabling for the first time the use of program synthesis in cryptographic design with computational guarantees is proposed.
References (showing 1-10 of 116)
Programming Language Techniques for Cryptographic Proofs
- Computer Science, Mathematics; ITP
- 2010
Programming language techniques that arise specifically in cryptographic proofs are described to complete a formal proof of IND-CCA security of the OAEP padding scheme and illustrated their usefulness for showing the PRP/PRF Switching Lemma, a fundamental cryptographic result that bounds the probability of an adversary to distinguish a family of pseudorandom functions.
Formal Proof of Provable Security by Game-Playing in a Proof Assistant
- Computer Science, Mathematics; ProvSec
- 2007
This paper shows how to formalize the game-playing framework of Bellare and Rogaway in the Coq proof assistant, how to formally prove reusable lemmas such as the fundamental lemma of game-playing, and how to use them to formally prove the PRP/PRF Switching Lemma.
A Machine-Checked Formalization of Sigma-Protocols
- Computer Science, Mathematics; 2010 23rd IEEE Computer Security Foundations Symposium
- 2010
A first machine-checked formalization of a comprehensive theory of Σ-protocols is presented, which includes basic definitions, relations between different security properties that appear in the literature, and general composability theorems.
A Framework for Game-Based Security Proofs
- Computer Science, Mathematics; ICICS
- 2007
A refinement of the game-based approach to security proofs, and its implementation on top of the proof assistant Coq that proves in a systematic way the so-called semantic security of the encryption scheme Elgamal and its hashed version.
A Formal Language for Cryptographic Pseudocode
- Computer Science; LPAR
- 2008
A language for expressing proofs that is expressive enough to specify all constructs occurring in cryptographic games, including probabilistic behaviors, the usage of oracles, and polynomial-time programs is proposed.
Automated Security Proofs with Sequences of Games
- Computer Science, Mathematics; CRYPTO
- 2006
This paper presents the first automatic technique for proving not only protocols but also primitives in the exact security computational model, and illustrates the use of the new tool with the proof of a quite famous asymmetric primitive: unforgeability under chosen-message attacks of the Full-Domain Hash signature scheme under the (trapdoor)-one-wayness of some permutations.
Computationally sound verification of source code
- Computer Science, Mathematics; CCS '10
- 2010
This paper builds upon the prominent F7 verification framework, which comprises a security type-checker for F# protocol implementations using symbolic idealizations and the concurrent lambda calculus RCF to model a core fragment of F#, and gives conditions under which symbolic security of RCF programs using cryptographic idealizations implies computational security of the same program using cryptographic algorithms.
The Inductive Approach to Verifying Cryptographic Protocols
- Computer Science, Mathematics; J. Comput. Secur.
- 1998
Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state…
A plausible approach to computer-aided cryptographic proofs
- Computer Science; IACR Cryptol. ePrint Arch.
- 2005
This paper advises creating an automated tool to help with the mundane parts of writing and checking common arguments in the authors' proofs and explains why it is thought that such a tool would be useful, by considering two very different proofs of security from the literature and showing the places where having this tool would have been useful.
Towards mechanized correctness proofs for cryptographic algorithms: Axiomatization of a probabilistic Hoare style logic
- Computer Science; Sci. Comput. Program.
- 2008