Reflection, rewinding, and coin-toss in EasyCrypt

Firsov, Denis; Unruh, Dominique

doi:10.1145/3497775.3503693

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2022

2023

Publication Types

Select...

Other2

Article1

Relationship

Self Cite1

Independent2

Authors

Journals

Cited by 3 publications

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Zero-Knowledge in EasyCrypt

Firsov,

Unruh

2023

2023 IEEE 36th Computer Security Foundations Symposium (CSF)

View full text Add to dashboard Cite

Zero-Knowledge in EasyCrypt

Firsov,

Unruh

2023

2023 IEEE 36th Computer Security Foundations Symposium (CSF)

View full text Add to dashboard Cite

Reflection, rewinding, and coin-toss in EasyCrypt

Firsov

Unruh

2022

Proceedings of the 11th ACM SIGPLAN International Conference on Certified Programs and Proofs

Self Cite

View full text Add to dashboard Cite

In this paper we derive a suite of lemmas which allows users to internally reflect EasyCrypt programs into distributions which correspond to their denotational semantics (probabilistic reflection). Based on this we develop techniques for reasoning about rewinding of adversaries in EasyCrypt. (A widely used technique in cryptology.) We use our reflection and rewindability results to prove the security of a coin-toss protocol.CCS Concepts: • Security and privacy → Logic and verification.

show abstract

A Core Calculus for Equational Proofs of Cryptographic Protocols

Gancher

Sojakova

Fan

et al. 2023

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

Many proofs of interactive cryptographic protocols (e.g., as in Universal Composability) operate by proving the protocol at hand to be observationally equivalent to an idealized specification. While pervasive, formal tool support for observational equivalence of cryptographic protocols is still a nascent area of research. Current mechanization efforts tend to either focus on diff-equivalence, which establishes observational equivalence between protocols with identical control structures, or require an explicit witness for the observational equivalence in the form of a bisimulation relation. Our goal is to simplify proofs for cryptographic protocols by introducing a core calculus, IPDL, for cryptographic observational equivalences. Via IPDL, we aim to address a number of theoretical issues for cryptographic proofs in a simple manner, including probabilistic behaviors, distributed message-passing, and resource-bounded adversaries and simulators. We demonstrate IPDL on a number of case studies, including a distributed coin toss protocol, Oblivious Transfer, and the GMW multi-party computation protocol. All proofs of case studies are mechanized via an embedding of IPDL into the Coq proof assistant.

show abstract

Reflection, rewinding, and coin-toss in EasyCrypt

Cited by 3 publications

References 16 publications

Zero-Knowledge in EasyCrypt

Zero-Knowledge in EasyCrypt

Reflection, rewinding, and coin-toss in EasyCrypt

A Core Calculus for Equational Proofs of Cryptographic Protocols

Contact Info

Product

Resources

About