
Verifying Classic McEliece: Examining the Role of Formal Methods in Post-Quantum Cryptography Standardisation

  • Conference paper
  • Published in: Code-Based Cryptography (CBCrypto 2022)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13839)

Abstract

Developers of computer-aided cryptographic tools are optimistic that formal methods will become a vital part of developing new cryptographic systems. We study the use of such tools to specify and verify the implementation of Classic McEliece, one of the code-based candidates in the fourth round of the NIST Post-Quantum Cryptography standardisation process. From our case study we draw conclusions about the practical applicability of these methods to the development of novel cryptography.



Author information

Corresponding author: Wrenna Robson.


Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper


Cite this paper

Brain, M., Cid, C., Player, R., Robson, W. (2023). Verifying Classic McEliece: Examining the Role of Formal Methods in Post-Quantum Cryptography Standardisation. In: Deneuville, J.-C. (ed.) Code-Based Cryptography. CBCrypto 2022. Lecture Notes in Computer Science, vol 13839. Springer, Cham. https://doi.org/10.1007/978-3-031-29689-5_2


  • DOI: https://doi.org/10.1007/978-3-031-29689-5_2


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-29688-8

  • Online ISBN: 978-3-031-29689-5

  • eBook Packages: Computer Science (R0)
