Programming Language Techniques for Cryptographic Proofs
نویسندگان
چکیده
CertiCrypt is a general framework to certify the security of cryptographic primitives in the Coq proof assistant. CertiCrypt adopts the code-based paradigm, in which the statement of security, and the hypotheses under which it is proved, are expressed using probabilistic programs. It provides a set of programming language tools (observational equivalence, relational Hoare logic, semantics-preserving program transformations) to assist in constructing proofs. Earlier publications of CertiCrypt provide an overview of its architecture and main components, and describe its application to signature and encryption schemes. This paper describes programming language techniques that arise specifically in cryptographic proofs. The techniques have been developed to complete a formal proof of IND-CCA security of the OAEP padding scheme. In this paper, we illustrate their usefulness for showing the PRP/PRF Switching Lemma, a fundamental cryptographic result that bounds the probability of an adversary to distinguish a family of pseudorandom functions from a family of pseudorandom permutations.
منابع مشابه
Formal certification of game-based cryptographic proofs. (Certification formelle de preuves cryptographiques basées sur les séquences de jeux)
The game-based approach is a popular methodology for structuring cryptographic proofs as sequences of games. Game-based proofs can be rigorously formalized by taking a code-centric view of games as probabilistic programs and relying on programming language techniques to justify proof steps. In this dissertation we present CertiCrypt, a framework that enables the machine-checked construction and...
متن کاملType-checking Implementations of Protocols Based on Zero-knowledge Proofs – Work in Progress –
We present the first static analysis technique for verifying implementations of cryptographic protocols based on zero-knowledge proofs. Protocols are implemented in RCF∧∨, a core calculus of ML with support for concurrency. Cryptographic primitives are considered as fully reliable building blocks and represented symbolically using a sealing mechanism. Zero-knowledge proofs, in particular, are s...
متن کاملProbabilistic Relational Hoare Logics for Computer-Aided Security Proofs
The provable security paradigm originates from the work of Goldwasser and Micali [10] and plays a central role in modern cryptography. Since its inception, the focus of provable security has gradually shifted towards practice-oriented provable security [4]. The central goal of practice-oriented provable security is to develop and analyze efficient cryptographic systems that can be used for prac...
متن کاملComputer Proven Correctness of the Rabin Public-Key Scheme
We decribe a formal specification and verification of the Rabin public-key scheme in the formal proof system Isabelle/HOL. The idea is to use the two views of cryptographic verification: the computational approach relying on the vocabulary of probability theory and complexity theory and the formal approach based on ideas and techniques from logic and programming languages. The analysis presente...
متن کاملIntroduction to the Coq Proof-Assistant for Practical Software Verification
This paper is a tutorial on using the Coq proof-assistant for reasoning on software correctness. It illustrates features of Coq like inductive definitions and proof automation on a few examples including arithmetic, algorithms on functional and imperative lists and cryptographic protocols. Coq is not a tool dedicated to software verification but a general purpose environment for developing math...
متن کامل