Computer-Aided Proofs for Multiparty Computation with Active Security

Haagh, Helene; Karbyshev, Aleksandr; Oechsner, Sabine; Spitters, Bas; Strub, Pierre-Yves

doi:10.1109/csf.2018.00016

Cited by 17 publications

(20 citation statements)

References 25 publications

(40 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In EasyCrypt sometimes this is not possible. For example in [11] the authors had to prove on paper that the security definitions they formalised were equivalent to the traditional definitions in the literature. At a technical level this is because the proof technique in EasyCrypt is often to reduce proofs to showing properties about the equivalence of programs.…”

Section: Comparison With Easycryptmentioning

confidence: 99%

On the Formalisation of $$\varSigma $$ -Protocols and Commitment Schemes

Butler

Aspinall

Gascón

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

There is a fundamental relationship between Σ-protocols and commitment schemes whereby the former can be used to construct the latter. In this work we provide the first formal analysis in a proof assistant of such a relationship and in doing so formalise Σ-protocols and commitment schemes and provide proofs of security for well known instantiations of both primitives.Every definition and every theorem presented in this paper has been checked mechanically by the Isabelle/HOL proof assistant.

show abstract

Section: Comparison With Easycryptmentioning

confidence: 99%

On the Formalisation of $$\varSigma $$ -Protocols and Commitment Schemes

Butler

Aspinall

Gascón

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…There are a number of tools that can be used for reduction based cryptographic proofs such as CertiCrypt [4], CryptHOL [6], EasyCrypt [3] and FCF [36]. These tools were all initially designed for game-based cryptographic proofs however some have been used for simulationbased proofs too; in [11,12,14,29] standalone MPC protocols were considered whereas more recent work [17,33] considers composibility in the form of Constructive Cryptography and Universal Composibility respectively.…”

Section: Rivest Commitment Schemementioning

confidence: 99%

“…Formal methods offer one way to establish far higher levels of rigour in proofs and tools have been developed to formally reason about cryptography and obtain machine-checked proof of security statements. Formalisation of cryptography is a maturing area of research; the EasyCrypt framework [2] has captured proofs of low-lying cryptographic primitives [34] as well as MPC [29] and Universal Composibility [17]. Moreover CryptHOL [6] has also considered fundamental primitives [6,13] and MPC protocols [11,12] as well as Constructive Cryptography [33].…”

Section: Introductionmentioning

confidence: 99%

Formalising $$\varSigma $$-Protocols and Commitment Schemes Using CryptHOL

Butler

Lochbihler²,

Aspinall

et al. 2020

J Autom Reasoning

View full text Add to dashboard Cite

Machine-checked proofs of security are important to increase the rigour of provable security. In this work we present a formalised theory of two fundamental two party cryptographic primitives: $$\varSigma $$ Σ -protocols and Commitment Schemes. $$\varSigma $$ Σ -protocols allow a prover to convince a verifier that they possess some knowledge without leaking information about the knowledge. Commitment schemes allow a committer to commit to a message and keep it secret until revealing it at a later time. We use CryptHOL (Lochbihler in Archive of formal proofs, 2017) to formalise both primitives and prove secure multiple examples namely; the Schnorr, Chaum-Pedersen and Okamoto $$\varSigma $$ Σ -protocols as well as a construction that allows for compound (AND and OR) $$\varSigma $$ Σ -protocols and the Pedersen and Rivest commitment schemes. A highlight of the work is a formalisation of the construction of commitment schemes from $$\varSigma $$ Σ -protocols (Damgard in Lecture notes, 2002). We formalise this proof at an abstract level using the modularity available in Isabelle/HOL and CryptHOL. This way, the proofs of the instantiations come for free.

show abstract

“…Prominent examples are CryptoVerif [10], CertiCrypt [2], EasyCrypt [3], Verypto [9], FCF [30], and CryptHOL [6]. All these tools focus primarily on the gamebased paradigm, and the results on formalizing simulationbased proofs are limited to those that study individual protocols, e.g., [12], [17].…”

Section: A Problem Contextmentioning

confidence: 99%

Formalizing Constructive Cryptography using CryptHOL

Lochbihler¹,

Sefidgar

Basin

et al. 2019

2019 IEEE 32nd Computer Security Foundations Symposium (CSF)

View full text Add to dashboard Cite

Computer-aided cryptography increases the rigour of cryptographic proofs by mechanizing their verification. Existing tools focus mainly on game-based proofs, and efforts to formalize composable frameworks such as Universal Composability have met with limited success. In this paper, we formalize an instance of Constructive Cryptography, a generic theory allowing for clean, composable cryptographic security statements. Namely, we extend CryptHOL, a framework for game-based proofs, with an abstract model of Random Systems and provide proof rules for their equality and composition. We formalize security as a special kind of system construction in which a complex system is built from simpler ones. As a simple case study, we formalize the construction of an information-theoretically secure channel from a key, a random function, and an insecure channel.

show abstract

Computer-Aided Proofs for Multiparty Computation with Active Security

Cited by 17 publications

References 25 publications

On the Formalisation of $$\varSigma $$ -Protocols and Commitment Schemes

On the Formalisation of $$\varSigma $$ -Protocols and Commitment Schemes

Formalising $$\varSigma $$-Protocols and Commitment Schemes Using CryptHOL

Formalizing Constructive Cryptography using CryptHOL

Contact Info

Product

Resources

About