Formal certification of code-based cryptographic proofs

Conference Record of the Annual ACM Symposium on Principles of Programming Languages

Volumn , Issue , 2009, Pages 90-101

  Barthe, Gilles ^a,b   Grégoire, Benjamin ^a,c   Béguelin, Santiago Zanella ^a,c  

^a MICROSOFT RESEARCH   (United States)

^b IMDEA SOFTWARE INSTITUTE   (Spain)

^c INRIA   (France)

Author keywords

Languages; Security; Theory; Verification

Indexed keywords

DEGREE OF CONFIDENCE; FAILURE EVENTS; FORMAL CERTIFICATION; FORMAL VERIFICATIONS; HOARE LOGIC; LANGUAGES; OBSERVATIONAL EQUIVALENCES; PROBABILISTIC PROGRAMS; PROGRAM TRANSFORMATIONS; PROGRAMMING LANGUAGE THEORY; PROOF ASSISTANT; PROOF STEPS; SECURITY; SEMANTIC SECURITY; SEMANTICS OF PROGRAMMING LANGUAGES; THEORY; TOOL SUPPORT; UNFORGEABILITY;

COMPUTER SOFTWARE SELECTION AND EVALUATION; CRYPTOGRAPHY; FORMAL LOGIC; LINGUISTICS; QUERY LANGUAGES; SEMANTICS;

GAME THEORY;

EID: 67649846626     PISSN: 07308566     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1480881.1480894     Document Type: Conference Paper

References (34)

1. M. Abadi and P. Rogaway. Reconciling two views of cryptography (the computational soundness of formal encryption). Journal of Cryptology, 15(2):103-127, 2002.
2. R. Affeldt, M. Tanaka, and N. Marti. Formal proof of provable security by game-playing in a proof assistant. In Proceedings of International Conference on Provable Security, volume 4784 of Lecture Notes in Computer Science, pages 151-168. Springer, 2007.
3. T. Amtoft, S. Bandhakavi, and A. Banerjee. A logic for information flow in object-oriented programs. In Proceedings of the 33rd ACM Symposium on Principles of Programming Languages, pages 91-102. ACM Press, 2006. (Pubitemid 43906961)
4. P. Audebaud and C. Paulin-Mohring. Proofs of randomized algorithms in Coq. Science of Computer Programming, 2008.
5. M. Backes and P. Laud. Computationally sound secrecy proofs by mechanized flow analysis. In Proceedings of the 13th ACM Conference on Computer and Communications Security, pages 370- 379. ACM Press, 2006. (Pubitemid 47131384)
6. G. Barthe, J. Cederquist, and S. Tarento. A machine-checked formalization of the generic model and the random oracle model. In 2nd International Joint Conference on Automated Reasoning, pages 385-399. Springer-Verlag, 2004. (Pubitemid 38939987)
7. M. Bellare and P. Rogaway. Optimal asymmetric encryption - How to encrypt with RSA. In Advances in Cryptology - EUROCRYPT'94, volume 950 of Lecture Notes in Computer Science, pages 92-111. Springer-Verlag, 1995.
8. M. Bellare and P. Rogaway. The security of triple encryption and a framework for code-based game-playing proofs. In Advances in Cryptology - EUROCRYPT'06, volume 4004 of Lecture Notes in Computer Science, pages 409-426, 2006. (Pubitemid 44072253)
9. N. Benton. Simple relational correctness proofs for static analyses and program transformations. In Proceedings of the 31th ACM Symposium on Principles of Programming Languages, pages 14-25. ACM Press, 2004.
10. Y. Bertot, B. Grégoire, and X. Leroy. A structured approach to proving compiler optimizations based on dataflow analysis. In International Workshop on Types for Proofs and Programs, volume 3839 of LNCS, pages 66-81. Springer-Verlag, 2006. (Pubitemid 43900644)
11. B. Blanchet. A computationally sound mechanized prover for security protocols. In IEEE Symposium on Security and Privacy, pages 140- 154, 2006. (Pubitemid 44753719)
12. B. Blanchet and D. Pointcheval. Automated security proofs with sequences of games. In Advances in Cryptology - CRYPTO'06, volume 4117 of Lecture Notes in Computer Science, pages 537-554. Springer-Verlag, 2006. (Pubitemid 44532137)
13. R. Canetti, O. Goldreich, and S. Halevi. The random oracle methodology, revisited. J. ACM, 51(4):557-594, 2004.
14. R. Corin and J. den Hartog. A probabilistic Hoare-style logic for game-based cryptographic proofs. In Proceedings of the 33rd International Colloquium on Automata, Languages and Programming, volume 4052 of LNCS, pages 252-263, 2006. (Pubitemid 44113252)
15. J.-S. Coron. On the exact security of Full Domain Hash. In Advances in Cryptology, volume 1880 of Lecture Notes in Computer Science, pages 229-235. Springer-Verlag, 2000.
16. J. Courant, M. Daubignard, C. Ene, P. Lafourcade, and Y. Lakhnech. Towards automated proofs for asymmetric encryption in the random oracle model. In Computer and Communications Security. ACM Press, 2008.
17. E. Fujisaki, T. Okamoto, D. Pointcheval, and J. Stern. RSA-OAEP is secure under the RSA assumption. Journal of Cryptology, 17(2):81-104, 2004.
18. S. Goldwasser and S. Micali. Probabilistic encryption. J. Comput. Syst. Sci., 28(2):270-299, 1984. (Pubitemid 14586283)
19. S. Halevi. A plausible approach to computer-aided cryptographic proofs. Cryptology ePrint Archive, Report 2005/181, 2005.
20. J. Hurd, A. McIver, and C. Morgan. Probabilistic guarded commands mechanized in HOL. Theor. Comput. Sci., 346(1):96-112, 2005.
21. B. Jonsson, K. G. Larsen, and W. Yi. Probabilistic extensions of process algebras. In Handbook of Process Algebra, pages 685-711. Elsevier, 2001.
22. D. Kozen. Semantics of probabilistic programs. J. Comput. Syst. Sci., 22:328-350, 1981. (Pubitemid 12444639)
23. P. Laud. Semantics and program analysis of computationally secure information flow. In European Symposium on Programming, volume 2028 of Lecture Notes in Computer Science, pages 77-91. Springer- Verlag, 2001. (Pubitemid 33256352)
24. X. Leroy. Formal certification of a compiler back-end, or: programming a compiler with a proof assistant. In Proceedings of the 33rd ACM Symposium Principles of Programming Languages, pages 42-54. ACM Press, 2006. (Pubitemid 43906957)
25. C. Meadows. Formal methods for cryptographic protocol analysis: Emerging issues and trends. IEEE Journal on Selected Areas in Communications, 21(1):44-54, 2003.
26. D. Nowak. A framework for game-based security proofs. In Information and Communications Security, volume 4861, pages 319-333. Springer-Verlag, 2007.
27. N. Ramsey and A. Pfeffer. Stochastic lambda calculus and monads of probability distributions. In Proceedings of the 29th ACM Symposium on Principles of Programming Languages, pages 154-165. ACM Press, 2002. (Pubitemid 35009038)
28. A. Roy, A. Datta, A. Derek, and J. C. Mitchell. Inductive proofs of computational secrecy. In European Symposium On Research In Computer Security, volume 4734 of Lecture Notes in Computer Science, pages 219-234. Springer-Verlag, 2007.
29. A. Sabelfeld and D. Sands. A per model of secure information flow in sequential programs. Higher-Order and Symbolic Computation, 14(1):59-91, 2001. (Pubitemid 32366274)
30. V. Shoup. OAEP reconsidered. In Advances in Cryptology - CRYPTO'01, volume 2139 of Lecture Notes in Computer Science, pages 239-259. Springer-Verlag, 2001. (Pubitemid 33317919)
31. V. Shoup. Sequences of games: a tool for taming complexity in security proofs. Cryptology ePrint Archive, Report 2004/332, 2004.
32. C. Sprenger and D. Basin. Cryptographically-sound protocol-model abstractions. In Proceedings of CSF'08, pages 115-129. IEEE Computer Society, 2008.
33. J. Stern. Why provable security matters? In Advances in Cryptology - EUROCRYPT'03, volume 2656 of Lecture Notes in Computer Science. Springer-Verlag, 2003. (Pubitemid 137630671)
34. The Coq development team. The Coq Proof Assistant Reference Manual v8.1, 2006. Available at http://coq.inria.fr.