Stochastic lambda calculus and monads of probability distributions
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Per Model of Secure Information Flow in Sequential Programs
Higher-Order and Symbolic Computation
Simple relational correctness proofs for static analyses and program transformations
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The random oracle methodology, revisited
Journal of the ACM (JACM)
RSA-OAEP Is Secure under the RSA Assumption
Journal of Cryptology
Formal certification of a compiler back-end or: programming a compiler with a proof assistant
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A logic for information flow in object-oriented programs
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Computationally Sound Mechanized Prover for Security Protocols
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Probabilistic guarded commands mechanized in HOL
Theoretical Computer Science - Quantitative aspects of programming languages (QAPL 2004)
Computationally sound secrecy proofs by mechanized flow analysis
Proceedings of the 13th ACM conference on Computer and communications security
Cryptographically-Sound Protocol-Model Abstractions
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Inductive Proofs of Computational Secrecy
ESORICS '07 Proceedings of the 12th European symposium on Research In Computer Security
Towards automated proofs for asymmetric encryption schemes in the random oracle model
Proceedings of the 15th ACM conference on Computer and communications security
Proofs of randomized algorithms in Coq
Science of Computer Programming
Why provable security matters?
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Formal proof of provable security by game-playing in a proof assistant
ProvSec'07 Proceedings of the 1st international conference on Provable security
A framework for game-based security proofs
ICICS'07 Proceedings of the 9th international conference on Information and communications security
A probabilistic hoare-style logic for game-based cryptographic proofs
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
A structured approach to proving compiler optimizations based on dataflow analysis
TYPES'04 Proceedings of the 2004 international conference on Types for Proofs and Programs
Automated security proofs with sequences of games
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Formal methods for cryptographic protocol analysis: emerging issues and trends
IEEE Journal on Selected Areas in Communications
Formal Certification of ElGamal Encryption
Formal Aspects in Security and Trust
The Computational SLR: A Logic for Reasoning about Computational Indistinguishability
TLCA '09 Proceedings of the 9th International Conference on Typed Lambda Calculi and Applications
Computational indistinguishability logic
Proceedings of the 17th ACM conference on Computer and communications security
A certifying compiler for zero-knowledge proofs of knowledge based on Σ-protocols
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
The computational slr: A logic for reasoning about computational indistinguishability
Mathematical Structures in Computer Science
A calculus for game-based security proofs
ProvSec'10 Proceedings of the 4th international conference on Provable security
AuraConf: a unified approach to authorization and confidentiality
Proceedings of the 7th ACM SIGPLAN workshop on Types in language design and implementation
On the equality of probabilistic terms
LPAR'10 Proceedings of the 16th international conference on Logic for programming, artificial intelligence, and reasoning
Automated Proofs for Asymmetric Encryption
Journal of Automated Reasoning
Beyond provable security verifiable IND-CCA security of OAEP
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Proving the security of ElGamal encryption via indistinguishability logic
Proceedings of the 2011 ACM Symposium on Applied Computing
Measure transformer semantics for Bayesian machine learning
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Relational verification using product programs
FM'11 Proceedings of the 17th international conference on Formal methods
Computer-aided security proofs for the working cryptographer
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Logical formalisation and analysis of the mifare classic card in PVS
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
A formalization of polytime functions
ITP'11 Proceedings of the Second international conference on Interactive theorem proving
Verifiable security of Boneh-Franklin identity-based encryption
ProvSec'11 Proceedings of the 5th international conference on Provable security
A machine-checked framework for relational separation logic
SEFM'11 Proceedings of the 9th international conference on Software engineering and formal methods
Probabilistic relational reasoning for differential privacy
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A user interface for a game-based protocol verification tool
FAST'09 Proceedings of the 6th international conference on Formal Aspects in Security and Trust
Programming language techniques for cryptographic proofs
ITP'10 Proceedings of the First international conference on Interactive Theorem Proving
CPP'11 Proceedings of the First international conference on Certified Programs and Proofs
A computational indistinguishability logic for the bounded storage model
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Certifying assembly with formal security proofs: The case of BBS
Science of Computer Programming
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Verified indifferentiable hashing into elliptic curves
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Probabilistic relational hoare logics for computer-aided security proofs
MPC'12 Proceedings of the 11th international conference on Mathematics of Program Construction
Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols
Proceedings of the 2012 ACM conference on Computer and communications security
Verified security of redundancy-free encryption from Rabin and RSA
Proceedings of the 2012 ACM conference on Computer and communications security
Computer-Aided cryptographic proofs
SAS'12 Proceedings of the 19th international conference on Static Analysis
Automation in computer-aided cryptography: proofs, attacks and designs
CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
Computer-aided cryptographic proofs
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Bayesian inference using data flow analysis
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
Probabilistic Relational Reasoning for Differential Privacy
ACM Transactions on Programming Languages and Systems (TOPLAS)
Verifying quantitative reliability for programs that execute on unreliable hardware
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Computationally complete symbolic attacker and key exchange
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
ICALP'13 Proceedings of the 40th international conference on Automata, Languages, and Programming - Volume Part II
Computer-Aided security proofs
QEST'13 Proceedings of the 10th international conference on Quantitative Evaluation of Systems
Probabilistic relational verification for cryptographic implementations
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
Verified indifferentiable hashing into elliptic curves
Journal of Computer Security - Security and Trust Principles
Efficient construction of machine-checked symbolic protocol security proofs
Journal of Computer Security
Hi-index | 0.00 |
As cryptographic proofs have become essentially unverifiable, cryptographers have argued in favor of developing techniques that help tame the complexity of their proofs. Game-based techniques provide a popular approach in which proofs are structured as sequences of games and in which proof steps establish the validity of transitions between successive games. Code-based techniques form an instance of this approach that takes a code-centric view of games, and that relies on programming language theory to justify proof steps. While code-based techniques contribute to formalize the security statements precisely and to carry out proofs systematically, typical proofs are so long and involved that formal verification is necessary to achieve a high degree of confidence. We present Certicrypt, a framework that enables the machine-checked construction and verification of code-based proofs. Certicrypt is built upon the general-purpose proof assistant Coq, and draws on many areas, including probability, complexity, algebra, and semantics of programming languages. Certicrypt provides certified tools to reason about the equivalence of probabilistic programs, including a relational Hoare logic, a theory of observational equivalence, verified program transformations, and game-based techniques such as reasoning about failure events. The usefulness of Certicrypt is demonstrated through various examples, including a proof of semantic security of OAEP (with a bound that improves upon existing published results), and a proof of existential unforgeability of FDH signatures. Our work provides a first yet significant step towards Halevi's ambitious programme of providing tool support for cryptographic proofs.