A verified extensible library of elliptic curves

Proceedings - IEEE Computer Security Foundations Symposium

Volumn 2016-August, Issue , 2016, Pages 296-309

  Zinzindohoué, Jean Karim ^a   Bartzia, Evmorfia Iro ^a   Bhargavan, Karthikeyan ^a  

^a INRIA   (France)

Author keywords

[No Author keywords available]

Indexed keywords

CODES (SYMBOLS); PUBLIC KEY CRYPTOGRAPHY; SECURITY OF DATA; SECURITY SYSTEMS; SIDE CHANNEL ATTACK; THEOREM PROVING;

ARBITRARY PRECISION; CRYPTOGRAPHIC CODES; DEPENDENTLY TYPED PROGRAMMING; ELLIPTIC CURVE CRYPTOGRAPHY; EXTENSIBLE LIBRARY; MATHEMATICAL SPECIFICATIONS; TECHNICAL INNOVATION; TRANSPORT LAYER SECURITY;

GEOMETRY;

EID: 84985991108     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2016.28     Document Type: Conference Paper

References (31)

1. G. Barthe, B. Grégoire, and S. Zanella Béguelin, "Formal certification of code-based cryptographic proofs, " pp. 90-101, 2009.
2. G. Barthe, B. Grégoire, S. Heraud, and S. Z. Béguelin, "Computeraided security proofs for the working cryptographer, " in Advances in Cryptology (CRYPTO), 2011, pp. 71-90.
3. K. Bhargavan, C. Fournet, M. Kohlweiss, A. Pironti, P.-Y. Strub, and S. Zanella-Béguelin, "Proving the tls handshake secure (as it is), " in Advances in Cryptology (CRYPTO), 2014, pp. 235-255.
4. N. J. Al Fardan and K. G. Paterson, "Lucky thirteen: Breaking the tls and dtls record protocols, " in IEEE Symposium on Security and Privacy (Oakland), 2013, pp. 526-540.
5. A. W. Appel, "Verification of a cryptographic primitive: Sha-256, " ACM Transactions on Programming Languages and Systems (TOPLAS), vol. 37, no. 2, p. 7, 2015.
6. G. Barthe, G. Betarte, J. Campo, C. Luna, and D. Pichardie, "Systemlevel non-interference for constant-time cryptography, " in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014, pp. 1267-1279.
7. J. B. Almeida, M. Barbosa, G. Barthe, and F. Dupressoir, "Verifiable side-channel security of cryptographic implementations: constant-time MEE-CBC, " IACR Cryptology ePrint Archive, vol. 2015, p. 1241, 2015. [Online]. Available: http://eprint.iacr.org/2015/1241
8. B. B. Brumley, M. Barbosa, D. Page, and F. Vercauteren, "Practical realisation and elimination of an ecc-related software bug attack, " in Topics in Cryptology-CT-RSA 2012. Springer, 2012, pp. 171-186.
9. OpenSSL, "Bignum squaring may produce incorrect results (cve-2014-3570), " Jan. 2015, https://www.openssl.org/news/secadv/20150108.txt.
10. D. Adrian, K. Bhargavan, Z. Durumeric, P. Gaudry, M. Green, J. A. Halderman, N. Heninger, D. Springall, E. Thomé, L. Valenta, B. VanderSloot, E. Wustrow, S. Zanella-Béguelin, and P. Zimmermann, "Imperfect forward secrecy: How diffie-hellman fails in practice, " in ACM Conference on Computer and Communications Security (CCS), 2015, pp. 5-17.
11. S. Checkoway, R. Niederhagen, A. Everspaugh, M. Green, T. Lange, T. Ristenpart, D. J. Bernstein, J. Maskiewicz, H. Shacham, and M. Fredrikson, "On the practical exploitability of dual ec in tls implementations, " in USENIX Security Symposium, 2014, pp. 319-335.
12. A. Langley and M. Hamburg, "Elliptic curves for security, " IETF RFC 7748, 2016.
13. E. Kasper, "We SSL, " Real World Cryptography, 2015.
14. A. Langlet and W.-T. Chang, "QUIC Crypto, " https://www.chromium. org/quic, 2015.
15. E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.3, " IETF Internet Draft, 2016.
16. K. Bhargavan, C. Fournet, M. Kohlweiss, A. Pironti, and P.-Y. Strub, "Implementing tls with verified cryptographic security, " in IEEE Symposium on Security & Privacy (Oakland), 2013, pp. 445-462.
17. T. Jager, J. Schwenk, and J. Somorovsky, "Practical invalid curve attacks on tls-ecdh, " in Computer Security-ESORICS 2015. Springer, 2015, pp. 407-425.
18. Y.-F. Chen, C.-H. Hsu, H.-H. Lin, P. Schwabe, M.-H. Tsai, B.-Y. Wang, B.-Y. Yang, and S.-Y. Yang, "Verifying curve25519 software, " in Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014, pp. 299-309.
19. D. J. Bernstein, "qhasm software package (2007), " URL: http://cr. yp. to/qhasm. html. Citations in this document, vol. 4.
20. N. Swamy, C. Hritçu, C. Keller, A. Rastogi, A. Delignat-Lavaud, S. Forest, K. Bhargavan, C. Fournet, P.-Y. Strub, M. Kohlweiss, J.-K. Zinzindohoue, and S. Zanella-Béguelin, "Dependent types and multi-monadic effects in F, " in 43nd ACM SIGPLANSIGACT Symposium on Principles of Programming Languages (POPL). ACM, Jan. 2016, pp. 256-270. [Online]. Available: https://www.fstar-lang.org/papers/mumon/
21. E.-I. Bartzia and P.-Y. Strub, "A formal library for elliptic curves in the coq proof assistant, " in Interactive Theorem Proving. Springer, 2014, pp. 77-92.
22. J. B. Almeida, M. Barbosa, G. Barthe, and F. Dupressoir, "Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations, " in ACM Conference on Computer and Communications Security (CCS), 2013, pp. 1217-1230.
23. N. Koblitz, "Elliptic curve cryptosystems, " Mathematics of Computation, vol. 48, no. 177, pp. 203-209, 1987.
24. W. J. Bowman and A. Ahmed, "Noninterference for free, " in ACM International Conference on Functional Programming (ICFP), 2015, pp. 101-113.
25. hyperelliptic.org, "SAGE script for montgomery curves addition and doubling, " http://www.hyperelliptic.org/EFD/g1p/auto-montgomxz. html#ladder-ladd-1987-m-2.
26. -, "SAGE script for weierstrass curves addition, " http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#additionadd-2007-bl.
27. -, "SAGE script for weierstrass curves doubling, " http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b.
28. D. J. Bernstein, "Curve25519: new diffie-hellman speed records, " in Public Key Cryptography-PKC 2006. Springer, 2006, pp. 207-228.
29. C. Hawblitzel, J. Howell, J. R. Lorch, A. Narayan, B. Parno, D. Zhang, and B. Zill, "Ironclad apps: End-to-end security via automated fullsystem verification, " in 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14), 2014, pp. 165-181.
30. L. Beringer, A. Petcher, K. Q. Ye, and A. W. Appel, "Verified correctness and security of openssl hmac, " in USENIX Security Symposium, 2015, pp. 207-221.
31. G. Inc, "Cryptol.