A machine-checked formalization of sigma-protocols

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2010, Pages 246-260

  Barthe, Gilles ^a   Hedin, Daniel ^a   Béguelin, Santiago Zanella ^a   Grégoire, Benjamin ^b   Heraud, Sylvain ^b  

^a IMDEA SOFTWARE INSTITUTE   (Spain)

^b INRIA   (France)

Author keywords

[No Author keywords available]

Indexed keywords

COMPOSABILITY; COQ PROOF ASSISTANT; CRYPTOGRAPHIC SYSTEMS; SECURITY PROOFS; SECURITY PROPERTIES; SIGNATURE SCHEME; ZERO KNOWLEDGE PROOF;

CRYPTOGRAPHY; NETWORK PROTOCOLS; SECURITY SYSTEMS;

NETWORK SECURITY;

EID: 77957567040     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2010.24     Document Type: Conference Paper

References (30)

1. S. Goldwasser, S. Micali, and C. Rackoff, "The knowledge complexity of interactive proof systems, " SIAM J. Comput., vol. 18, no. 1, pp. 186-208, 1989.
2. O. Goldreich, "Zero-knowledge twenty years after its invention, " Electronic Colloquium on Computational Complexity, Tech. Rep. TR02-063, 2002.
3. M. Backes, M. P. Grochulla, C. Hritcu, and M. Maffei, "Achieving security despite compromise using zeroknowledge, " in Proceedings of the 22nd IEEE Computer Security Foundations Symposium, CSF 2009. IEEE Computer Society, 2009, pp. 308-323.
4. R. Cramer, "Modular design of secure yet practical cryptographic protocols, " Ph.D. dissertation, CWI and Uni. of Amsterdam, 1996.
5. G. Barthe, B. Grégoire, and S. Zanella Béguelin, "Formal certification of code-based cryptographic proofs, " in Proceedings of the 36th ACM Symposium on Principles of Programming Languages. ACM Press, 2009, pp. 90-101.
6. S. Zanella Béguelin, B. Grégoire, G. Barthe, and F. Olmedo, "Formally certifying the security of digital signature schemes, " in 30th IEEE Symposium on Security and Privacy, S&P 2009. IEEE Computer Society, 2009, pp. 237-250.
7. G. Barthe, B. Grégoire, S. Heraud, and S. Zanella Béguelin, "Formal certification of ElGamal encryption. A gentle introduction to CertiCrypt, " in 5th International Workshop on Formal Aspects in Security and Trust, FAST 2008, ser. LNCS, vol. 5491. Springer-Verlag, 2009, pp. 1-19.
8. The Coq development team, "The Coq Proof Assistant Reference Manual Version 8.2, " 2009, online - http://coq.inria.fr.
9. U. Maurer, "Unifying zero-knowledge proofs of knowledge, " in Progress in Cryptology - AFRICACRYPT 2009, ser. LNCS, vol. 5580. Springer-Verlag, 2009, pp. 272-286.
10. E. Bangerter, J. Camenisch, S. Krenn, A.-R. Sadeghi, and T. Schneider, "Automatic generation of sound zero-knowledge protocols, " Cryptology ePrint Archive, Report 2008/471, 2008, online - http://eprint.iacr.org/2008/471.
11. E. Bangerter, J. Camenisch, and S. Krenn, "Efficiency limitations for sigma-protocols for group homomrphisms, " in Theory of Cryptography Conference, TCC 2010, ser. LNCS, vol. 5978. Springer-Verlag, 2010, pp. 553-571.
12. X. Leroy, "Formal certification of a compiler back-end, or: programming a compiler with a proof assistant, " in Proceedings of the 33rd ACM Symposium Principles of Programming Languages. ACM Press, 2006, pp. 42-54.
13. G. Barthe, B. Grégoire, C. Kunz, and T. Rezk, "Certificate translation for optimizing compilers, " ACM Trans. Program. Lang. Syst., vol. 31, no. 5, pp. 1-45, 2009.
14. M. Backes, M. Maffei, and D. Unruh, "Zero-knowledge in the applied pi-calculus and automated verification of the direct anonymous attestation protocol, " in 2008 IEEE Symposium on Security and Privacy. IEEE Computer Society, 2008, pp. 202-215.
15. M. Backes, C. Hritcu, and M. Maffei, "Type-checking zeroknowledge, " in Proceedings of the 15th ACM conference on Computer and communications security, CCS'08. ACM Press, 2008, pp. 357-370.
16. M. Abadi and P. Rogaway, "Reconciling two views of cryptography (the computational soundness of formal encryption), " Journal of Cryptology, vol. 15, no. 2, pp. 103-127, 2002.
17. V. Cortier and B. Warinschi, "Computationally sound, automated proofs for security protocols, " in Proceedings of ESOP'05, ser. LNCS, vol. 3444. Springer-Verlag, 2005, pp. 157-171.
18. P. Audebaud and C. Paulin-Mohring, "Proofs of randomized algorithms in Coq, " Science of Computer Programming, vol. 74, no. 8, pp. 568-589, 2009.
19. I. Damgård and B. Pfitzmann, "Sequential iteration of interactive arguments and an efficient zero-knowledge argument for NP, " in International Colloquium on Automata, Languages and Programming, ICALP'98, ser. LNCS, vol. 1443. Springer-Verlag, 1998, pp. 772-783.
20. C.-P. Schnorr, "Efficient signature generation by smart cards, " J. Cryptology, vol. 4, no. 3, pp. 161-174, 1991.
21. T. Okamoto, "Provably secure and practical identification schemes and corresponding signature schemes, " in Advances in Cryptology - CRYPTO'92, ser. LNCS, vol. 740. Springer-Verlag, 1992, pp. 31-53.
22. L. C. Guillou and J.-J. Quisquater, "A practical zeroknowledge protocol fitted to security microprocessor minimizing both transmission and memory, " in Advances in Cryptology - EUROCRYPT'88, ser. LNCS, vol. 330. Springer-Verlag, 1988, pp. 123-128.
23. A. Fiat and A. Shamir, "How to prove yourself: Practical solutions to identification and signature problems, " in Advances in Cryptology, CRYPTO'86, ser. LNCS, vol. 263. Springer-Verlag, 1986, pp. 186-194.
24. U. Feige, A. Fiat, and A. Shamir, "Zero-knowledge proofs of identity, " J. Cryptology, vol. 1, no. 2, pp. 77-94, 1988.
25. I. Damgård, "On sigma-protocols, " Lecture Notes, 2008.
26. O. Goldreich and Y. Oren, "Definitions and properties of zeroknowledge proof systems, " Journal of Cryptology, vol. 7, pp. 1-32, 1994.
27. J. A. Garay, P. MacKenzie, and K. Yang, "Strengthening zeroknowledge protocols using signatures, " in In proceedings of EUROCRYPT 03, LNCS series. Springer-Verlag, 2003, pp. 177-194.
28. I. Damgård, "Efficient concurrent zero-knowledge in the auxiliary string model, " in Advances in Cryptology - EUROCRYPT' 00, ser. LNCS, vol. 1807. Springer-Verlag, 2000, pp. 418-430.
29. M. Blum, P. Feldman, and S. Micali, "Non-interactive zeroknowledge and its applications, " in Proceedings of the 20th annual ACM symposium on Theory of computing, STOC'88. ACM Press, 1988, pp. 103-112.
30. I. Damgård, "On the existence of bit commitment schemes and zero-knowledge, " in Advances in Cryptology - CRYPTO'89, ser. LNCS, vol. 435, 1989, pp. 17-27.