3,830 research outputs found
On formal verification of arithmetic-based cryptographic primitives
Cryptographic primitives are fundamental for information security: they are
used as basic components for cryptographic protocols or public-key
cryptosystems. In many cases, their security proofs consist in showing that
they are reducible to computationally hard problems. Those reductions can be
subtle and tedious, and thus not easily checkable. On top of the proof
assistant Coq, we had implemented in previous work a toolbox for writing and
checking game-based security proofs of cryptographic primitives. In this paper
we describe its extension with number-theoretic capabilities so that it is now
possible to write and check arithmetic-based cryptographic primitives in our
toolbox. We illustrate our work by machine checking the game-based proofs of
unpredictability of the pseudo-random bit generator of Blum, Blum and Shub, and
semantic security of the public-key cryptographic scheme of Goldwasser and
Micali.Comment: 13 page
Formal Computational Unlinkability Proofs of RFID Protocols
We set up a framework for the formal proofs of RFID protocols in the
computational model. We rely on the so-called computationally complete symbolic
attacker model. Our contributions are: i) To design (and prove sound) axioms
reflecting the properties of hash functions (Collision-Resistance, PRF); ii) To
formalize computational unlinkability in the model; iii) To illustrate the
method, providing the first formal proofs of unlinkability of RFID protocols,
in the computational model
Automated Cryptographic Analysis of the Pedersen Commitment Scheme
Aiming for strong security assurance, recently there has been an increasing
interest in formal verification of cryptographic constructions. This paper
presents a mechanised formal verification of the popular Pedersen commitment
protocol, proving its security properties of correctness, perfect hiding, and
computational binding. To formally verify the protocol, we extended the theory
of EasyCrypt, a framework which allows for reasoning in the computational
model, to support the discrete logarithm and an abstraction of commitment
protocols. Commitments are building blocks of many cryptographic constructions,
for example, verifiable secret sharing, zero-knowledge proofs, and e-voting.
Our work paves the way for the verification of those more complex
constructions.Comment: 12 pages, conference MMM-ACNS 201
Symbolic Abstractions for Quantum Protocol Verification
Quantum protocols such as the BB84 Quantum Key Distribution protocol exchange
qubits to achieve information-theoretic security guarantees. Many variants
thereof were proposed, some of them being already deployed. Existing security
proofs in that field are mostly tedious, error-prone pen-and-paper proofs of
the core protocol only that rarely account for other crucial components such as
authentication. This calls for formal and automated verification techniques
that exhaustively explore all possible intruder behaviors and that scale well.
The symbolic approach offers rigorous, mathematical frameworks and automated
tools to analyze security protocols. Based on well-designed abstractions, it
has allowed for large-scale formal analyses of real-life protocols such as TLS
1.3 and mobile telephony protocols. Hence a natural question is: Can we use
this successful line of work to analyze quantum protocols? This paper proposes
a first positive answer and motivates further research on this unexplored path
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Towards mechanized correctness proofs for cryptographic algorithms: Axiomatization of a probabilistic Hoare style logic
In [Corin, den Hartog in ICALP 2006] we build a formal verification technique for game based correctness proofs of cryptograhic algorithms based on a probabilistic Hoare style logic [den Hartog, de Vink in IJFCS 13(3), 2002]. An important step towards enabling mechanized verification within this technique is an axiomatization of implication between predicates which is purely semantically defined in [den Hartog, de Vink in IJFCS 13(3), 2002]. In this paper we provide an axiomatization and illustrate its place in the formal verification technique of [Corin, den Hartog in ICALP 2006]
Sound Computational Interpretation of Formal Encryption with Composed Keys
The formal and computational views of cryptography have been related by the seminal work of Abadi and Rogaway. In their work, a formal treatment of encryption that uses atomic keys is justified in the computational world. However, many proposed formal approaches allow the use of composed keys, where any arbitrary expression can be used as encryption key. We consider an extension of the formal model presented by Abadi and Rogaway, in which it is allowed to use composed keys in formal encryption. We then provide a computational interpretation for expressions that allow us to establish the computational soundness of formal encryption with composed keys
- …