International Conference on Principles of Security and Trust

POST 2012: Principles of Security and Trust pp 209-228

Verified Indifferentiable Hashing into Elliptic Curves

  • Gilles Barthe
  • Benjamin Grégoire
  • Sylvain Heraud
  • Federico Olmedo
  • Santiago Zanella Béguelin
Conference paper

DOI: 10.1007/978-3-642-28641-4_12

Volume 7215 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Barthe G., Grégoire B., Heraud S., Olmedo F., Zanella Béguelin S. (2012) Verified Indifferentiable Hashing into Elliptic Curves. In: Degano P., Guttman J.D. (eds) Principles of Security and Trust. POST 2012. Lecture Notes in Computer Science, vol 7215. Springer, Berlin, Heidelberg

Abstract

Many cryptographic systems based on elliptic curves are proven secure in the Random Oracle Model, assuming there exist probabilistic functions that map elements in some domain (e.g. bitstrings) onto uniformly and independently distributed points on a curve. When implementing such systems, and in order for the proof to carry over to the implementation, those mappings must be instantiated with concrete constructions whose behavior does not deviate significantly from random oracles. In contrast to other approaches to public-key cryptography, where candidates to instantiate random oracles have been known for some time, the first generic construction for hashing into ordinary elliptic curves indifferentiable from a random oracle was put forward only recently by Brier et al. We present a machine-checked proof of this construction. The proof is based on an extension of the CertiCrypt framework with logics and mechanized tools for reasoning about approximate forms of observational equivalence, and integrates mathematical libraries of group theory and elliptic curves.
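The following is an added worked example, not code from the paper or from CertiCrypt. It shows the construction the abstract refers to, H(m) = f(h1(m)) + f(h2(m)) from Brier et al., and why the naive alternative f(h(m)) cannot be indifferentiable from a random oracle: a deterministic encoding f hits only part of the curve, whereas the sum of two independent encodings reaches the whole group. The parameters are assumptions made for the example: a toy curve y^2 = x^3 + 2x + 3 over F_101 (chosen small so the full image of f can be enumerated; 101 ≡ 2 mod 3 is what Icart's encoding requires), Icart's function as the concrete instance of f, and SHA-256 with a one-byte domain tag standing in for the random oracles h1 and h2.

```python
import hashlib
from collections import Counter

# Toy parameters, constructed for this example (not from the paper):
# E: y^2 = x^3 + A*x + B over F_P with P = 2 (mod 3), so cubing is a bijection.
P = 101
A, B = 2, 3
assert P % 3 == 2 and (4 * A**3 + 27 * B**2) % P != 0  # prime of right form, nonsingular
INF = None  # point at infinity, the group identity


def inv(z):
    return pow(z % P, P - 2, P)


def cbrt(z):
    # Unique cube root in F_P when P = 2 (mod 3): exponent (2P-1)/3 inverts x -> x^3.
    return pow(z % P, (2 * P - 1) // 3, P)


def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x**3 + A * x + B)) % P == 0


def add(p1, p2):
    # Textbook affine group law for short-Weierstrass curves.
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * inv(2 * y1) % P
    else:
        lam = (y2 - y1) * inv(x2 - x1) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def icart(u):
    # Icart's deterministic encoding F_P -> E(F_P), with f(0) := identity.
    # For u != 0: v = (3A - u^4)/(6u), x = (v^2 - B - u^6/27)^(1/3) + u^2/3, y = u*x + v.
    u %= P
    if u == 0:
        return INF
    v = (3 * A - pow(u, 4, P)) * inv(6 * u) % P
    x = (cbrt(v * v - B - pow(u, 6, P) * inv(27)) + u * u * inv(3)) % P
    y = (u * x + v) % P
    return (x, y)


def h_to_field(tag, msg):
    # Random-oracle stand-in: SHA-256 with a one-byte domain separator, reduced mod P.
    # Reducing a 256-bit digest modulo a 7-bit prime has negligible bias.
    d = hashlib.sha256(bytes([tag]) + msg).digest()
    return int.from_bytes(d, "big") % P


def hash_to_curve_naive(msg):
    # f(h(m)): outputs are confined to Im(f), a proper subset of the curve,
    # so a distinguisher simply checks whether a point lies outside Im(f).
    return icart(h_to_field(0, msg))


def hash_to_curve_brier(msg):
    # Brier et al.: H(m) = f(h1(m)) + f(h2(m)) with two independent oracles.
    return add(icart(h_to_field(1, msg)), icart(h_to_field(2, msg)))


def curve_points():
    pts = {INF}
    for x in range(P):
        rhs = (x**3 + A * x + B) % P
        pts.update((x, y) for y in range(P) if y * y % P == rhs)
    return pts


def image_of_icart():
    return {icart(u) for u in range(P)}


def image_of_sum():
    # Output distribution of f(u1) + f(u2) over all input pairs. Because f(0) = O,
    # this image contains Im(f); Brier et al. prove it is statistically close to uniform.
    table = [icart(u) for u in range(P)]
    return Counter(add(f1, f2) for f1 in table for f2 in table)


def coverage_report():
    pts, im_f, im_sum = curve_points(), image_of_icart(), image_of_sum()
    return {
        "curve_points": len(pts),
        "single_encoding": len(im_f),   # how much of E a lone f(h(m)) can reach
        "sum_of_two": len(im_sum),      # how much of E the Brier et al. sum reaches
        "nested": im_f <= set(im_sum) <= pts,
        "min_count": min(im_sum.values()),
        "max_count": max(im_sum.values()),
    }


if __name__ == "__main__":
    print(coverage_report())
    print(hash_to_curve_naive(b"hello"), hash_to_curve_brier(b"hello"))
```

The report's single_encoding count is what a distinguisher exploits: every output of the naive hash lies in Im(f), while a genuine random oracle into E would land outside Im(f) with noticeable probability. Note that closeness to uniform is only part of what the paper verifies; indifferentiability additionally requires a simulator for the underlying oracles, which is the part that demands the approximate observational-equivalence reasoning the abstract mentions.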


Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Gilles Barthe (1)
  • Benjamin Grégoire (2)
  • Sylvain Heraud (2)
  • Federico Olmedo (1)
  • Santiago Zanella Béguelin (1)

  1. IMDEA Software Institute, Madrid, Spain
  2. INRIA Sophia Antipolis-Méditerranée, France