Journal of Automated Reasoning

, Volume 46, Issue 3–4, pp 261–291

Automated Proofs for Asymmetric Encryption

  • J. Courant
  • M. Daubignard
  • C. Ene
  • P. Lafourcade
  • Y. Lakhnech
Article

Abstract

Many generic constructions for building secure cryptosystems from primitives with lower level of security have been proposed. Providing security proofs has also become standard practice. There is, however, a lack of automated verification procedures that analyze such cryptosystems and provide security proofs. In this paper, we present a sound and automated procedure that allows us to verify that a generic asymmetric encryption scheme is secure against chosen-plaintext attacks in the random oracle model. It has been applied to several examples of encryption schemes among which the construction of Bellare–Rogaway 1993, of Pointcheval at PKC’2000.

Keywords

Provable cryptography Asymmetric encryption Automated verification Hoare logic 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Barthe, G., Cederquist, J., Tarento, S.: A machine-checked formalization of the generic model and the random oracle model. In: Basin, D., Rusinowitch, M. (eds.) Proceedings of IJCAR’04, vol. 3097 of LNCS, pp. 385–399 (2004)Google Scholar
  2. 2.
    Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS, pp. 394–403 (1997)Google Scholar
  3. 3.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: CRYPTO ’98: Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology, pp. 26–45, London, UK. Springer, Heidelberg (1998)Google Scholar
  4. 4.
    Barthe, G., Grégoire, B., Zanella Béguelin, S.: Formal certification of code-based cryptographic proofs. In: POPL ’09: Proceedings of the 36th annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 90–101. ACM, New York (2009)Google Scholar
  5. 5.
    Blanchet, B.: A computationally sound mechanized prover for security protocols. In: IEEE Symposium on Security and Privacy (S&P 2006), 21–24, pp. 140–154. IEEE Computer Society, Washington (2006)Google Scholar
  6. 6.
    Blanchet, B., Pointcheval, D.: Automated security proofs with sequences of games. In: Dwork, C. (ed.) CRYPTO, vol. 4117 of Lecture Notes in Computer Science, pp. 537–554. Springer, Heidelberg (2006)Google Scholar
  7. 7.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS ’93: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM, New York (1993)CrossRefGoogle Scholar
  8. 8.
    Bellare, M., Rogaway, P.: Optimal asymmetric encryption. In: De Santis, A. (ed.) EUROCRYPT, vol. 950 of Lecture Notes in Computer Science, pp. 92–111. Springer, Heidelberg (1994)Google Scholar
  9. 9.
    Bellare, M., Rogaway, P.: Code-based game-playing proofs and the security of triple encryption. Cryptology ePrint Archive, Report 2004/331. http://eprint.iacr.org/ (2004)
  10. 10.
    Barthe, G., Tarento, S.: A machine-checked formalization of the random oracle model. In: Filliâtre, J.-C., Paulin-Mohring, C., Werner, B. (eds.) Proceedings of TYPES’04, vol. 3839 of Lecture Notes in Computer Science, pp. 33–49. Springer, Heidelberg (2004)Google Scholar
  11. 11.
    Courant, J., Daubignard, M., Ene, C., Lafourcade, P., Lahknech, Y.: Towards automated proofs for asymmetric encryption schemes in the random oracle model. Technical report, Verimag, Verimag, Centre Équation, 38610 Gières (2009)Google Scholar
  12. 12.
    Corin, R., den Hartog, J.: A probabilistic Hoare-style logic for game-based cryptographic proofs. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP (2), vol. 4052 of Lecture Notes in Computer Science, pp. 252–263. Springer, Heidelberg (2006)Google Scholar
  13. 13.
    Damgard, I.: Towards practical public key systems secure against chosen ciphertext attacks. In: CRYPTO ’91: Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology, pp. 445–456. Springer, London (1992)Google Scholar
  14. 14.
    Datta, A., Derek, A., Mitchell, J.C., Warinschi, B.: Computationally sound compositional logic for key exchange protocols. In: CSFW ’06: Proceedings of the 19th IEEE Workshop on Computer Security Foundations, pp. 321–334. IEEE Computer Society, Washington (2006)Google Scholar
  15. 15.
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory IT-22, 644–654 (1976)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptol. 1(2), 77–94 (1988)MathSciNetMATHCrossRefGoogle Scholar
  17. 17.
    Halevi, S.: A plausible approach to computer-aided cryptographic proofs. http://theory.lcs.mit.edu/~shaih/pubs.html (2005)
  18. 18.
    Okamoto, T., Pointcheval, D.: React: Rapid enhanced-security asymmetric cryptosystem transform. In: CT-RSA 2001: Proceedings of the 2001 Conference on Topics in Cryptology, pp. 159–175. Springer, London(2001)CrossRefGoogle Scholar
  19. 19.
    Pointcheval, D.: Chosen-ciphertext security for any one-way cryptosystem. In: PKC ’00: Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography, pp. 129–146. Springer, London (2000)Google Scholar
  20. 20.
    Rabin, M.O.: Digitalized signatures as intractable as factorization. Technical Report MIT/LCS/TR-212, Massachusetts Institute of Technology, Cambridge (1979)Google Scholar
  21. 21.
    Shoup, V.: OAEP reconsidered. J. Cryptol. 15(4), 223–249 (2002)MathSciNetMATHCrossRefGoogle Scholar
  22. 22.
    Shoup, V.: Sequences of games: a tool for taming complexity in security proofs http://eprint.iacr.org/2004/332 (2004)
  23. 23.
    Soldera, D., Seberry, J., Qu, C.: The analysis of Zheng–Seberry scheme. In: Batten, L.M., Seberry, J. (eds.) ACISP, vol. 2384 of Lecture Notes in Computer Science, pp. 159–168. Springer, Heidelberg (2002)Google Scholar
  24. 24.
    Tarento, S.: Machine-checked security proofs of cryptographic signature schemes. In: De Capitani di Vimercati, S., Syverson, P.F., Gollmann, D. (eds.) Computer Security–ESORICS 2005, vol. 3679 of Lecture Notes in Computer Science, pp. 140–158. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  25. 25.
    Zheng, Y., Seberry, J.: Immunizing public key cryptosystems against chosen ciphertext attacks. IEEE J. Sel. Areas Commun. 11(5), 715–724 (1993)CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media B.V. 2010

Authors and Affiliations

  • J. Courant
    • 1
  • M. Daubignard
    • 1
  • C. Ene
    • 1
  • P. Lafourcade
    • 1
  • Y. Lakhnech
    • 1
  1. 1.Université Joseph Fourier (Grenoble 1), CNRS, VerimagGrenobleFrance

Personalised recommendations