The inductive approach to verifying cryptographic protocols
Journal of Computer Security
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
RSA-OAEP Is Secure under the RSA Assumption
Journal of Cryptology
Formal certification of a compiler back-end or: programming a compiler with a proof assistant
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A machine-checked model for a Java-like language, virtual machine, and compiler
ACM Transactions on Programming Languages and Systems (TOPLAS)
Computationally sound mechanized proofs for basic and public-key Kerberos
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Towards Producing Formally Checkable Security Proofs, Automatically
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
Towards automated proofs for asymmetric encryption schemes in the random oracle model
Proceedings of the 15th ACM conference on Computer and communications security
A Computationally Sound Mechanized Prover for Security Protocols
IEEE Transactions on Dependable and Secure Computing
Formal certification of code-based cryptographic proofs
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Formal Language for Cryptographic Pseudocode
LPAR '08 Proceedings of the 15th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning
OAEP Is Secure under Key-Dependent Messages
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proofs of randomized algorithms in Coq
Science of Computer Programming
Strengthening Security of RSA-OAEP
CT-RSA '09 Proceedings of the The Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Formally Certifying the Security of Digital Signature Schemes
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Formal proof of provable security by game-playing in a proof assistant
ProvSec'07 Proceedings of the 1st international conference on Provable security
A framework for game-based security proofs
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Computational indistinguishability logic
Proceedings of the 17th ACM conference on Computer and communications security
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Programming language techniques for cryptographic proofs
ITP'10 Proceedings of the First international conference on Interactive Theorem Proving
Computer-aided security proofs for the working cryptographer
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Verifiable security of Boneh-Franklin identity-based encryption
ProvSec'11 Proceedings of the 5th international conference on Provable security
Automated verification of block cipher modes of operation, an improved method
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Security protocol verification: symbolic and computational models
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Verified security of redundancy-free encryption from Rabin and RSA
Proceedings of the 2012 ACM conference on Computer and communications security
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Fully automated analysis of padding-based encryption in the computational model
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Probabilistic relational verification for cryptographic implementations
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Hi-index | 0.00 |
OAEP is a widely used public-key encryption scheme based on trapdoor permutations. Its security proof has been scrutinized and amended repeatedly. Fifteen years after the introduction of OAEP, we present a machine-checked proof of its security against adaptive chosenciphertext attacks under the assumption that the underlying permutation is partial-domain one-way. The proof can be independently verified by running a small and trustworthy proof checker and fixes minor glitches that have subsisted in published proofs. We provide an overview of the proof, highlight the differences with earlier works, and explain in some detail a crucial step in the reduction: the elimination of indirect queries made by the adversary to random oracles via the decryption oracle. We also provide--within the limits of a conference paper--a broader perspective on independently verifiable security proofs.