On Formal Verification of Arithmetic-Based Cryptographic Primitives
Cryptographic primitives are fundamental for information security: they are used as basic components of cryptographic protocols and public-key cryptosystems. In many cases, their security proofs consist of showing that breaking the primitive reduces to solving a computationally hard problem. Such reductions can be subtle and tedious, and are therefore not easily checkable. In previous work we implemented, on top of the proof assistant Coq, a toolbox for writing and checking game-based security proofs of cryptographic primitives. In this paper we describe its extension with number-theoretic capabilities, so that arithmetic-based cryptographic primitives can now be written and checked in our toolbox. We illustrate our work by machine-checking the game-based proofs of unpredictability of the pseudo-random bit generator of Blum, Blum and Shub, and of semantic security of the public-key encryption scheme of Goldwasser and Micali.
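The two primitives the abstract names rest on the same arithmetic: squaring modulo a Blum integer N = pq (BBS) and deciding quadratic residuosity modulo N, which is easy given the factors and assumed hard without them (Goldwasser-Micali). The following is an added Python illustration of both primitives as they are textbook-defined; it is not the paper's Coq development and does not check any proof. The primes, seeds and the seeded RNG are constructed for the example, and the tiny moduli are for readability only.

```python
import math
import random


def is_quadratic_residue(a: int, p: int) -> bool:
    """Euler's criterion: a is a square mod odd prime p iff a^((p-1)/2) == 1 (mod p)."""
    return pow(a % p, (p - 1) // 2, p) == 1


def blum_integer(p: int, q: int) -> int:
    """N = p*q with p, q both congruent to 3 mod 4, as BBS requires (squaring is then a
    permutation on the quadratic residues mod N, which the unpredictability proof relies on)."""
    if p % 4 != 3 or q % 4 != 3:
        raise ValueError("BBS needs primes congruent to 3 mod 4")
    return p * q


def bbs_bits(n: int, seed: int, count: int) -> list[int]:
    """Blum-Blum-Shub: x0 = seed^2 mod N, x_{i+1} = x_i^2 mod N, output the LSB of each x_i (i >= 1).
    The seed must be coprime to N (checked here for the example)."""
    if math.gcd(seed, n) != 1:
        raise ValueError("seed must be coprime to N")
    x = pow(seed, 2, n)
    out = []
    for _ in range(count):
        x = pow(x, 2, n)
        out.append(x & 1)
    return out


def gm_keygen(p: int, q: int, rng: random.Random):
    """Goldwasser-Micali key pair: public (N, y) where y is a non-residue mod both p and q
    (so its Jacobi symbol mod N is +1 and it is indistinguishable from a residue without the
    factors); private key is the factorisation."""
    n = p * q
    while True:
        y = rng.randrange(2, n)
        if not is_quadratic_residue(y, p) and not is_quadratic_residue(y, q):
            return (n, y), (p, q)


def gm_encrypt(pk, bit: int, rng: random.Random) -> int:
    """c = y^bit * r^2 mod N for a random r coprime to N: a residue for bit 0, a non-residue
    (with Jacobi symbol +1) for bit 1."""
    n, y = pk
    while True:
        r = rng.randrange(1, n)
        if math.gcd(r, n) == 1:
            break
    return (pow(y, bit, n) * pow(r, 2, n)) % n


def gm_decrypt(sk, c: int) -> int:
    """With the factors, residuosity mod N reduces to residuosity mod p (Euler's criterion)."""
    p, _q = sk
    return 0 if is_quadratic_residue(c, p) else 1


def gm_roundtrip(p: int, q: int, bits: list[int], seed: int = 7) -> list[int]:
    """Encrypt then decrypt each bit with a fresh key pair; returns the recovered bits."""
    rng = random.Random(seed)  # constructed, deterministic RNG for the example only
    pk, sk = gm_keygen(p, q, rng)
    return [gm_decrypt(sk, gm_encrypt(pk, b, rng)) for b in bits]


if __name__ == "__main__":
    # constructed parameters: 7 and 11 are both 3 mod 4, so 77 is a Blum integer
    print(bbs_bits(blum_integer(7, 11), seed=3, count=8))
    print(gm_roundtrip(499, 547, [0, 1, 1, 0, 1]))
```

The game-based proofs the paper checks are about these two functions: that `bbs_bits` output cannot be predicted better than guessing without factoring N, and that `gm_encrypt` ciphertexts for 0 and 1 cannot be told apart without the factors. Everything the decryptor does is plain modular exponentiation, which is exactly the number-theoretic reasoning the extended toolbox has to support.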
Keywords: machine formalization, cryptographic primitives, CSPRBG, semantic security