Abstract
Many generic constructions for building secure cryptosystems from primitives with lower level of security have been proposed. Providing security proofs has also become standard practice. There is, however, a lack of automated verification procedures that analyze such cryptosystems and provide security proofs. In this paper, we present a sound and automated procedure that allows us to verify that a generic asymmetric encryption scheme is secure against chosen-plaintext attacks in the random oracle model. It has been applied to several examples of encryption schemes among which the construction of Bellare–Rogaway 1993, of Pointcheval at PKC’2000.
Similar content being viewed by others
References
Barthe, G., Cederquist, J., Tarento, S.: A machine-checked formalization of the generic model and the random oracle model. In: Basin, D., Rusinowitch, M. (eds.) Proceedings of IJCAR’04, vol. 3097 of LNCS, pp. 385–399 (2004)
Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS, pp. 394–403 (1997)
Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: CRYPTO ’98: Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology, pp. 26–45, London, UK. Springer, Heidelberg (1998)
Barthe, G., Grégoire, B., Zanella Béguelin, S.: Formal certification of code-based cryptographic proofs. In: POPL ’09: Proceedings of the 36th annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 90–101. ACM, New York (2009)
Blanchet, B.: A computationally sound mechanized prover for security protocols. In: IEEE Symposium on Security and Privacy (S&P 2006), 21–24, pp. 140–154. IEEE Computer Society, Washington (2006)
Blanchet, B., Pointcheval, D.: Automated security proofs with sequences of games. In: Dwork, C. (ed.) CRYPTO, vol. 4117 of Lecture Notes in Computer Science, pp. 537–554. Springer, Heidelberg (2006)
Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS ’93: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM, New York (1993)
Bellare, M., Rogaway, P.: Optimal asymmetric encryption. In: De Santis, A. (ed.) EUROCRYPT, vol. 950 of Lecture Notes in Computer Science, pp. 92–111. Springer, Heidelberg (1994)
Bellare, M., Rogaway, P.: Code-based game-playing proofs and the security of triple encryption. Cryptology ePrint Archive, Report 2004/331. http://eprint.iacr.org/ (2004)
Barthe, G., Tarento, S.: A machine-checked formalization of the random oracle model. In: Filliâtre, J.-C., Paulin-Mohring, C., Werner, B. (eds.) Proceedings of TYPES’04, vol. 3839 of Lecture Notes in Computer Science, pp. 33–49. Springer, Heidelberg (2004)
Courant, J., Daubignard, M., Ene, C., Lafourcade, P., Lahknech, Y.: Towards automated proofs for asymmetric encryption schemes in the random oracle model. Technical report, Verimag, Verimag, Centre Équation, 38610 Gières (2009)
Corin, R., den Hartog, J.: A probabilistic Hoare-style logic for game-based cryptographic proofs. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP (2), vol. 4052 of Lecture Notes in Computer Science, pp. 252–263. Springer, Heidelberg (2006)
Damgard, I.: Towards practical public key systems secure against chosen ciphertext attacks. In: CRYPTO ’91: Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology, pp. 445–456. Springer, London (1992)
Datta, A., Derek, A., Mitchell, J.C., Warinschi, B.: Computationally sound compositional logic for key exchange protocols. In: CSFW ’06: Proceedings of the 19th IEEE Workshop on Computer Security Foundations, pp. 321–334. IEEE Computer Society, Washington (2006)
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory IT-22, 644–654 (1976)
Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptol. 1(2), 77–94 (1988)
Halevi, S.: A plausible approach to computer-aided cryptographic proofs. http://theory.lcs.mit.edu/~shaih/pubs.html (2005)
Okamoto, T., Pointcheval, D.: React: Rapid enhanced-security asymmetric cryptosystem transform. In: CT-RSA 2001: Proceedings of the 2001 Conference on Topics in Cryptology, pp. 159–175. Springer, London(2001)
Pointcheval, D.: Chosen-ciphertext security for any one-way cryptosystem. In: PKC ’00: Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography, pp. 129–146. Springer, London (2000)
Rabin, M.O.: Digitalized signatures as intractable as factorization. Technical Report MIT/LCS/TR-212, Massachusetts Institute of Technology, Cambridge (1979)
Shoup, V.: OAEP reconsidered. J. Cryptol. 15(4), 223–249 (2002)
Shoup, V.: Sequences of games: a tool for taming complexity in security proofs http://eprint.iacr.org/2004/332 (2004)
Soldera, D., Seberry, J., Qu, C.: The analysis of Zheng–Seberry scheme. In: Batten, L.M., Seberry, J. (eds.) ACISP, vol. 2384 of Lecture Notes in Computer Science, pp. 159–168. Springer, Heidelberg (2002)
Tarento, S.: Machine-checked security proofs of cryptographic signature schemes. In: De Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) Computer Security–ESORICS 2005, vol. 3679 of Lecture Notes in Computer Science, pp. 140–158. Springer, Heidelberg (2005)
Zheng, Y., Seberry, J.: Immunizing public key cryptosystems against chosen ciphertext attacks. IEEE J. Sel. Areas Commun. 11(5), 715–724 (1993)
Author information
Authors and Affiliations
Corresponding author
Additional information
This work is partially supported by the ANR projects SCALP, AVOTE and SFINCS.
Rights and permissions
About this article
Cite this article
Courant, J., Daubignard, M., Ene, C. et al. Automated Proofs for Asymmetric Encryption. J Autom Reasoning 46, 261–291 (2011). https://doi.org/10.1007/s10817-010-9186-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10817-010-9186-x