3 research outputs found
Symbolic security of garbled circuits
We present the first computationally sound symbolic analysis of Yao\u27s
garbled circuit construction for secure two party computation.
Our results include an extension of the symbolic language for cryptographic
expressions from previous work on computationally sound symbolic analysis,
and a soundness theorem for this extended language.
We then demonstrate how the extended language can be used to
formally specify not only the garbled circuit construction, but also
the formal (symbolic) simulator required by the definition of security.
The correctness of the simulation is proved in a purely syntactical way,
within the symbolic model of cryptography, and then translated into a concrete
computational indistinguishability statement via our general computational
soundness theorem.
We also implement our symbolic security framework and the garbling scheme
in Haskell, and our experiment shows that the symbolic analysis performs well
and can be done within several seconds even for large circuits that are useful
for real world applications
Symbolic Encryption with Pseudorandom Keys
We give an efficient decision procedure that, on input two (acyclic)
cryptographic expressions making arbitrary use of an encryption scheme
and a (length doubling) pseudorandom generator, determines (in polynomial time) if the two expressions produce computationally indistinguishable distributions for any pseudorandom generator and encryption scheme satisfying the standard security notions of pseudorandomness and indistinguishability under chosen plaintext attack.
The procedure works by mapping each expression to a symbolic pattern that captures, in a fully abstract way, the information revealed by the expression to a computationally bounded observer. We then prove that if any two (possibly cyclic) expressions are mapped to the same
pattern, then the associated distributions are indistinguishable.
At the same time, if the expressions are mapped to different symbolic
patterns and do not contain encryption cycles, there are secure
pseudorandom generators and encryption schemes for which the two
distributions can be distinguished with overwhelming advantage
A High-Assurance Evaluator for Machine-Checked Secure Multiparty Computation
Secure Multiparty Computation (MPC) enables a group of
distrusting parties to jointly compute a function using private
inputs. MPC guarantees correctness of computation and confidentiality
of inputs if no more than a threshold of the parties are corrupted.
Proactive MPC (PMPC) addresses the stronger threat model of a
mobile adversary that controls a changing set of parties (but
only up to at any instant), and may eventually corrupt all parties over a long time.
This paper takes a first stab at developing high-assurance
implementations of (P)MPC. We formalize in EasyCrypt, a tool-assisted
framework for building high-confidence cryptographic proofs, several
abstract and reusable variations of secret sharing and of (P)MPC protocols
building on them. Using those, we prove a series of abstract theorems for the
proactive setting. We implement and perform computer-checked security
proofs of concrete instantiations of the required (abstract) protocols in
EasyCrypt.
We also develop a new tool-chain to extract
high-assurance executable implementations of protocols formalized and
verified in EasyCrypt. Our tool-chain uses Why as an intermediate tool, and enables us
to extract executable code from our (P)MPC
formalizations. We conduct an evaluation of the extracted executables by
comparing their performance to performance of manually implemented versions using
Python-based Charm framework for prototyping
cryptographic schemes. We argue that the small overhead of our
high-assurance executables is a reasonable price to pay for the
increased confidence about their correctness and security