Advertisement

The Foundational Cryptography Framework

  • Adam PetcherEmail author
  • Greg Morrisett
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9036)

Abstract

We present the Foundational Cryptography Framework (FCF) for developing and checking complete proofs of security for cryptographic schemes within a proof assistant. This is a general-purpose framework that is capable of modeling and reasoning about a wide range of cryptographic schemes, security definitions, and assumptions. Security is proven in the computational model, and the proof provides concrete bounds as well as asymptotic conclusions. FCF provides a language for probabilistic programs, a theory that is used to reason about programs, and a library of tactics and definitions that are useful in proofs about cryptography. The framework is designed to leverage fully the existing theory and capabilities of the Coq proof assistant in order to reduce the effort required to develop proofs.

Keywords

Cryptography Protocol Verification Proof Assistant Coq 

References

  1. 1.
    Abadi, M., Rogaway, P.: Reconciling two views of cryptography. In: Watanabe, O., Hagiya, M., Ito, T., van Leeuwen, J., Mosses, P.D. (eds.) TCS 2000. LNCS, vol. 1872, pp. 3–22. Springer, Heidelberg (2000), http://dl.acm.org/citation.cfm?id=647318.723498 CrossRefGoogle Scholar
  2. 2.
    Affeldt, R., Tanaka, M., Marti, N.: Formal proof of provable security by game-playing in a proof assistant. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 151–168. Springer, Heidelberg (2007), http://dl.acm.org/citation.cfm?id=1779394.1779408 CrossRefGoogle Scholar
  3. 3.
    Almeida, J.B., Barbosa, M., Barthe, G., Dupressoir, F.: Certified computer-aided cryptography: Efficient provably secure machine code from high-level implementations. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, pp. 1217–1230. ACM, New York (2013), http://doi.acm.org/10.1145/2508859.2516652 CrossRefGoogle Scholar
  4. 4.
    Backes, M., Unruh, D.: Computational soundness of symbolic zero-knowledge proofs against active attackers. In: 21st IEEE Computer Security Foundations Symposium, CSF 2008, pp. 255–269 (June 2008), preprint on IACR ePrint 2008/152Google Scholar
  5. 5.
    Barthe, G., Grégoire, B., Heraud, S., Béguelin, S.Z.: Computer-aided security proofs for the working cryptographer. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 71–90. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Barthe, G., Grégoire, B., Zanella Béguelin, S.: Formal certification of code-based cryptographic proofs. In: 36th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2009, pp. 90–101. ACM (2009), http://dx.doi.org/10.1145/1480881.1480894
  7. 7.
    Bellare, M., Rogaway, P.: Code-based game-playing proofs and the security of triple encryption. Cryptology ePrint Archive, Report 2004/331 (2004), http://eprint.iacr.org/
  8. 8.
    Bengtson, J., Bhargavan, K., Fournet, C., Maffeis, S., Gordon, A.D.: Refinement types for secure implementations. In: 21st IEEE Computer Security Foundations Symposium (CSF 2008), pp. 17–32. IEEE (2008)Google Scholar
  9. 9.
    Berg, M.: Formal Verification of Cryptographic Security Proofs. Ph.D. thesis, Saarland University (2013), http://www.infsec.cs.uni-saarland.de/~berg/publications/thesis-berg.pdf
  10. 10.
    Blanchet, B.: Computationally sound mechanized proofs of correspondence assertions. In: 20th IEEE Computer Security Foundations Symposium (CSF 2007), pp. 97–111. IEEE, Venice (2007)CrossRefGoogle Scholar
  11. 11.
    Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  12. 12.
    Datta, A., Derek, A., Mitchell, J.C., Roy, A.: Protocol composition logic (PCL). Electronic Notes in Theoretical Computer Science 172, 311–358 (2007)CrossRefMathSciNetGoogle Scholar
  13. 13.
    Datta, A., Derek, A., Mitchell, J.C., Turuani, M.: Probabilistic polynomial-time semantics for a protocol security logic. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 16–29. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Elgamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31(4), 469–472 (1985)CrossRefzbMATHMathSciNetGoogle Scholar
  15. 15.
    Fournet, C., Kohlweiss, M., Strub, P.Y.: Modular code-based cryptographic verification. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, pp. 341–350. ACM (2011)Google Scholar
  16. 16.
    Halevi, S.: A plausible approach to computer-aided cryptographic proofs. Cryptology ePrint Archive, Report 2005/181 (2005), http://eprint.iacr.org/
  17. 17.
    The Coq development team: The Coq proof assistant reference manual. LogiCal Project (2004), version 8.0, http://coq.inria.fr
  18. 18.
    Nipkow, T., Paulson, L.C., Wenzel, M.: Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002)zbMATHGoogle Scholar
  19. 19.
    Nowak, D.: A framework for game-based security proofs. Cryptology ePrint Archive, Report 2007/199 (2007), http://eprint.iacr.org/
  20. 20.
    Ramsey, N., Pfeffer, A.: Stochastic lambda calculus and monads of probability distributions. In: Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2002, pp. 154–165. ACM, New York (2002), http://doi.acm.org/10.1145/503272.503288 Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2015

Authors and Affiliations

  1. 1.Harvard UniversityCambridgeUSA
  2. 2.MIT Lincoln LaboratoryLexingtonUSA

Personalised recommendations