A formal specification of the MIDP 2.0 security model

This paper overviews a formal specification, using the Calculus of Inductive Constructions, of the application security model defined by the Mobile Information Device Profile 2.0 for Java 2 Micro Edition. We present an abstract model of the state of the device and security-related events that allows to reason about the security properties of theplatform where the model is deployed. We then state and sketch the proof of some desirable properties of this model

Proving the TLS Handshake Secure (As It Is)

International audienceThe TLS Internet Standard features a mixed bag of cryptographic algorithms and constructions, letting clients and servers negotiate their use for each run of the handshake. Although many ciphersuites are now well-understood in isolation, their composition remains problematic, and yet it is critical to obtain practical security guarantees for TLS, as all mainstream implementations support multiple related runs of the handshake and share keys between algorithms.We study the provable security of the TLS handshake, as it is implemented and deployed. To capture the details of the standard and its main extensions, we rely on miTLS, a verified reference implementation of the protocol. We propose new agile security definitions and assumptions for the signatures, key encapsulation mechanisms (KEM), and key derivation algorithms used by the TLS handshake. To validate our model of key encapsulation, we prove that both RSA and Diffie-Hellman ciphersuites satisfy our definition for the KEM. In particular, we formalize the use of PKCS#1v1.5 and build a 3,000-line EasyCrypt proof of the security of the resulting KEM against replayable chosen-ciphertext attacks under the assumption that ciphertexts are hard to re-randomize.Based on our new agile definitions, we construct a modular proof of security for the miTLS reference implementation of the handshake, including ciphersuite negotiation, key exchange, renegotiation, and resumption, treated as a detailed 3,600-line executable model. We present our main definitions, constructions, and proofs for an abstract model of the protocol, featuring series of related runs of the handshake with different ciphersuites. We also describe its refinement to account for the whole reference implementation, based on automated verification tools

Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols

Developers building cryptography into security-sensitive applications face a daunting task. Not only must they understand the security guarantees delivered by the constructions they choose, they must also implement and combine them correctly and efficiently. Cryptographic compilers free developers from having to implement cryptography on their own by turning high-level specifications of security goals into efficient implementations. Yet, trusting such tools is risky as they rely on complex mathematical machinery and claim security properties that are subtle and difficult to verify. In this paper, we present ZKCrypt, an optimizing cryptographic compiler that achieves an unprecedented level of assurance without sacrificing practicality for a comprehensive class of cryptographic protocols, known as Zero-Knowledge Proofs of Knowledge. The pipeline of ZKCrypt tightly integrates purpose-built verified compilers and verifying compilers producing formal proofs in the CertiCrypt framework. By combining the guarantees delivered by each stage in the pipeline, ZKCrypt provides assurance that the implementation it outputs securely realizes the high-level proof goal given as input. We report on the main characteristics of ZKCrypt, highlight new definitions and concepts at its foundations, and illustrate its applicability through a representative example of an anonymous credential system.(undefined

A Machine-Checked Formalization of Sigma-Protocols

International audienceZero-knowledge proofs have a vast applicability in the domain of cryptography, stemming from the fact that they can be used to force potentially malicious parties to abide by the rules of a protocol, without forcing them to reveal their secrets. $\Sigma$-protocols are a class of zero-knowledge proofs that can be implemented efficiently and that suffice for a great variety of practical applications. This paper presents a first machine-checked formalization of a comprehensive theory of Sigma-protocols. The development includes basic definitions, relations between different security properties that appear in the literature, and general composability theorems. We show its usefulness by formalizing---and proving the security---of concrete instances of several well-known protocols. The formalization builds on CertiCrypt, a framework that provides support to reason about cryptographic systems in the Coq proof assistant, and that has been previously used to formalize security proofs of encryption and signature scheme

SoK: Let the Privacy Games Begin! A Unified Treatment of Data Inference Privacy in Machine Learning

Deploying machine learning models in production may allow adversaries to infer sensitive information about training data. There is a vast literature analyzing different types of inference risks, ranging from membership inference to reconstruction attacks. Inspired by the success of games (i.e., probabilistic experiments) to study security properties in cryptography, some authors describe privacy inference risks in machine learning using a similar game-based style. However, adversary capabilities and goals are often stated in subtly different ways from one presentation to the other, which makes it hard to relate and compose results. In this paper, we present a game-based framework to systematize the body of knowledge on privacy inference risks in machine learning. We use this framework to (1) provide a unifying structure for definitions of inference risks, (2) formally establish known relations among definitions, and (3) to uncover hitherto unknown relations that would have been difficult to spot otherwise.Comment: 20 pages, to appear in 2023 IEEE Symposium on Security and Privac

Verified Security of Merkle-Damgård

Cryptographic hash functions provide a basic data authentication mechanism and are used pervasively as building blocks to realize many cryptographic functionalities, including block ciphers, message authentication codes, key exchange protocols, and encryption and digital signature schemes. Since weaknesses in hash functions may imply vulnerabilities in the constructions that build upon them, ensuring their security is essential. Unfortunately, many widely used hash functions, including SHA-1 and MD5, are subject to practical attacks. The search for a secure replacement is one of the most active topics in the field of cryptography. In this paper we report on the first machine-checked and independently-verifiable proofs of collision-resistance and in differentiability of Merkle-Damgård, a construction that underlies many existing hash functions. Our proofs are built and verified using an extension of the Easy Crypt framework, which relies on state-of-the-art verification tools such as automated theorem provers, SMT solvers, and interactive proof assistants

Implementing and Proving the TLS 1.3 Record Layer

International audienceThe record layer is the main bridge between TLS applications and internal sub-protocols. Its corefunctionality is an elaborate form of authenticated encryption: streams of messages for each sub-protocol(handshake, alert, and application data) are fragmented, multiplexed, and encrypted with optionalpadding to hide their lengths. Conversely, the sub-protocols may provide fresh keys or signal streamtermination to the record layer.Compared to prior versions, TLS 1.3 discards obsolete schemes in favor of a common construction forAuthenticated Encryption with Associated Data (AEAD), instantiated with algorithms such as AESGCMand ChaCha20-Poly1305. It differs from TLS 1.2 in its use of padding, associated data and nonces.It also encrypts the content-type used to multiplex between sub-protocols. New protocol features suchas early application data (0-RTT and 0.5-RTT) and late handshake messages require additional keysand a more general model of stateful encryption.We build and verify a reference implementation of the TLS record layer and its cryptographic algorithmsin F?, a dependently typed language where security and functional guarantees can be specifiedas pre- and post-conditions. We reduce the high-level security of the record layer to cryptographic assumptionson its ciphers. Each step in the reduction is verified by typing an F? module; for each stepthat involves a cryptographic assumption, this module precisely captures the corresponding game.We first verify the functional correctness and injectivity properties of our implementations of onetimeMAC algorithms (Poly1305 and GHASH) and provide a generic proof of their security given thesetwo properties. We show the security of a generic AEAD construction built from any secure onetimeMAC and PRF. We extend AEAD, first to stream encryption, then to length-hiding, multiplexedencryption. Finally, we build a security model of the record layer against an adversary that controls theTLS sub-protocols. We compute concrete security bounds for the AES_128_GCM, AES_256_GCM,and CHACHA20_POLY1305 ciphersuites, and derive recommended limits on sent data before re-keying.We plug our implementation of the record layer into the miTLS library, confirm that they interoperatewith Chrome and Firefox, and report initial performance results. Combining our functional correctness,security, and experimental results, we conclude that the new TLS record layer (as described in RFCsand cryptographic standards) is provably secure, and we provide its first verified implementation

Formal Verification of Smart Contracts: Short Paper

International audienceEthereum is a framework for cryptocurrencies which uses blockchain technology to provide an open global computing platform, called the Ethereum Virtual Machine (EVM). EVM executes bytecode on a simple stack machine. Programmers do not usually write EVM code; instead, they can program in a JavaScript-like language, called Solidity, that compiles to bytecode. Since the main purpose of EVM is to execute smart contracts that manage and transfer digital assets (called Ether), security is of paramount importance. However, writing secure smart contracts can be extremely difficult: due to the openness of Ethereum, both programs and pseudonymous users can call into the public methods of other programs, leading to potentially dangerous compositions of trusted and untrusted code. This risk was recently illustrated by an attack on TheDAO contract that exploited subtle details of the EVM semantics to transfer roughly $50M worth of Ether into the control of an attacker.In this paper, we outline a framework to analyze and verify both the runtime safety and the functional correctness of Ethereum contracts by translation to F*, a functional programming language aimed at program verification

Imperfect forward secrecy: How Diffie-Hellman fails in practice

International audienceWe investigate the security of Diffie-Hellman key exchange as used in popular Internet protocols and find it to be less secure than widely believed. First, we present Logjam, a novel flaw in TLS that lets a man-in-the-middle downgrade connections to "export-grade" Diffie-Hellman. To carry out this attack, we implement the number field sieve discrete logarithm algorithm. After a week-long precomputation for a specified 512-bit group, we can compute arbitrary discrete logarithms in that group in about a minute. We find that 82% of vulnerable servers use a single 512-bit group, and that 8.4% of Alexa Top Million HTTPS sites are vulnerable to the attack. a In response, major browsers have changed to reject short groups. We go on to consider Diffie-Hellman with 768-and 1024-bit groups. We estimate that even in the 1024-bit case, the computations are plausible given nation-state resources. A small number of fixed or standardized groups are used by millions of servers; performing precomputation for a single 1024-bit group would allow passive eavesdropping on 18% of popular HTTPS sites, and a second group would allow decryption of traffic to 66% of IPsec VPNs and 26% of SSH servers. A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break. We conclude that moving to stronger key exchange methods should be a priority for the Internet community