4,675 research outputs found
Automated Security Proofs with Sequences of Games
This paper presents the first automatic technique for proving not only
protocols but also primitives in the exact security computational
model. Automatic proofs of cryptographic protocols were up to now
reserved to the Dolev-Yao model, which however makes quite strong
assumptions on the primitives. On the other hand, with the proofs by
reductions, in the complexity theoretic framework, more subtle
security assumptions can be considered, but security analyses are
manual. A process calculus is thus defined in order to take into
account the probabilistic semantics of the computational model. It is
already rich enough to describe all the usual security notions of both
symmetric and asymmetric cryptography, as well as the basic
computational assumptions. As an example, we illustrate the use of the
new tool with the proof of a quite famous asymmetric primitive:
unforgeability under chosen-message attacks (UF-CMA) of the
Full-Domain Hash signature scheme under the (trapdoor)-one-wayness of
some permutations
On formal verification of arithmetic-based cryptographic primitives
Cryptographic primitives are fundamental for information security: they are
used as basic components for cryptographic protocols or public-key
cryptosystems. In many cases, their security proofs consist in showing that
they are reducible to computationally hard problems. Those reductions can be
subtle and tedious, and thus not easily checkable. On top of the proof
assistant Coq, we had implemented in previous work a toolbox for writing and
checking game-based security proofs of cryptographic primitives. In this paper
we describe its extension with number-theoretic capabilities so that it is now
possible to write and check arithmetic-based cryptographic primitives in our
toolbox. We illustrate our work by machine checking the game-based proofs of
unpredictability of the pseudo-random bit generator of Blum, Blum and Shub, and
semantic security of the public-key cryptographic scheme of Goldwasser and
Micali.Comment: 13 page
EasyUC: using EasyCrypt to mechanize proofs of universally composable security
We present a methodology for using the EasyCrypt proof assistant (originally designed for mechanizing the generation of proofs of game-based security of cryptographic schemes and protocols) to mechanize proofs of security of cryptographic protocols within the universally composable (UC) security framework. This allows, for the first time, the mechanization and formal verification of the entire sequence of steps needed for proving simulation-based security in a modular way: Specifying a protocol and the desired ideal functionality; Constructing a simulator and demonstrating its validity, via reduction to hard computational problems; Invoking the universal composition operation and demonstrating that it indeed preserves security. We demonstrate our methodology on a simple example: stating and proving the security of secure message communication via a one-time pad, where the key comes from a Diffie-Hellman key-exchange, assuming ideally authenticated communication. We first put together EasyCrypt-verified proofs that: (a) the Diffie-Hellman protocol UC-realizes an ideal key-exchange functionality, assuming hardness of the Decisional Diffie-Hellman problem, and (b) one-time-pad encryption, with a key obtained using ideal key-exchange, UC-realizes an ideal secure-communication functionality. We then mechanically combine the two proofs into an EasyCrypt-verified proof that the composed protocol realizes the same ideal secure-communication functionality. Although formulating a methodology that is both sound and workable has proven to be a complex task, we are hopeful that it will prove to be the basis for mechanized UC security analyses for significantly more complex protocols and tasks.Accepted manuscrip
Uniform Strategies
We consider turn-based game arenas for which we investigate uniformity
properties of strategies. These properties involve bundles of plays, that arise
from some semantical motive. Typically, we can represent constraints on allowed
strategies, such as being observation-based. We propose a formal language to
specify uniformity properties and demonstrate its relevance by rephrasing
various known problems from the literature. Note that the ability to correlate
different plays cannot be achieved by any branching-time logic if not equipped
with an additional modality, so-called R in this contribution. We also study an
automated procedure to synthesize strategies subject to a uniformity property,
which strictly extends existing results based on, say standard temporal logics.
We exhibit a generic solution for the synthesis problem provided the bundles of
plays rely on any binary relation definable by a finite state transducer. This
solution yields a non-elementary procedure.Comment: (2012
Graphical Methods in Device-Independent Quantum Cryptography
We introduce a framework for graphical security proofs in device-independent
quantum cryptography using the methods of categorical quantum mechanics. We are
optimistic that this approach will make some of the highly complex proofs in
quantum cryptography more accessible, facilitate the discovery of new proofs,
and enable automated proof verification. As an example of our framework, we
reprove a previous result from device-independent quantum cryptography: any
linear randomness expansion protocol can be converted into an unbounded
randomness expansion protocol. We give a graphical proof of this result, and
implement part of it in the Globular proof assistant.Comment: Publishable version. Diagrams have been polished, minor revisions to
the text, and an appendix added with supplementary proof
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Quantifying pervasive authentication: the case of the Hancke-Kuhn protocol
As mobile devices pervade physical space, the familiar authentication
patterns are becoming insufficient: besides entity authentication, many
applications require, e.g., location authentication. Many interesting protocols
have been proposed and implemented to provide such strengthened forms of
authentication, but there are very few proofs that such protocols satisfy the
required security properties. The logical formalisms, devised for reasoning
about security protocols on standard computer networks, turn out to be
difficult to adapt for reasoning about hybrid protocols, used in pervasive and
heterogenous networks.
We refine the Dolev-Yao-style algebraic method for protocol analysis by a
probabilistic model of guessing, needed to analyze protocols that mix weak
cryptography with physical properties of nonstandard communication channels.
Applying this model, we provide a precise security proof for a proximity
authentication protocol, due to Hancke and Kuhn, that uses a subtle form of
probabilistic reasoning to achieve its goals.Comment: 31 pages, 2 figures; short version of this paper appeared in the
Proceedings of MFPS 201
- …