Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols

Authors:
José Bacelar Almeida;Manuel Barbosa;Endre Bangerter;Gilles Barthe;Stephan Krenn;Santiago Zanella Béguelin
Affiliations:
Universidade do Minho, Minho, Portugal;Universidade do Minho, Minho, Portugal;Bern University of Applied Sciences, Bern, Switzerland;IMDEA Software Institute, Madrid, Spain;IST Austria, Klosterneuburg, Austria;Microsoft Research, Cambridge, United Kingdom
Venue:
Proceedings of the 2012 ACM conference on Computer and communications security
Year:
2012

Citing 33
Cited 5

Security without identification: transaction systems to make big brother obsolete

Communications of the ACM
The knowledge complexity of interactive proof-systems

STOC '85 Proceedings of the seventeenth annual ACM symposium on Theory of computing
A secure and privacy-protecting protocol for transmitting personal information between organizations

Proceedings on Advances in cryptology---CRYPTO '86
How to prove yourself: practical solutions to identification and signature problems

Proceedings on Advances in cryptology---CRYPTO '86
Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems

Journal of the ACM (JACM)
The design and implementation of a certifying compiler

PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Design and implementation of the idemix anonymous credential system

Proceedings of the 9th ACM conference on Computer and communications security
A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Efficient Group Signature Schemes for Large Groups (Extended Abstract)

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
How to Leak a Secret

ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
An Efficient Off-line Electronic Cash System Based On The Representation Problem.

An Efficient Off-line Electronic Cash System Based On The Representation Problem.
Automatic generation of two-party computations

Proceedings of the 10th ACM conference on Computer and communications security
Off-the-record communication, or, why not to use PGP

Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Direct anonymous attestation

Proceedings of the 11th ACM conference on Computer and communications security
Translation and Run-Time Validation of Loop Transformations

Formal Methods in System Design
Formal certification of a compiler back-end or: programming a compiler with a proof assistant

Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Fairplay—a secure two-party computation system

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
A Security Protocol Compiler Generating C Source Codes

ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
Type-checking zero-knowledge

Proceedings of the 15th ACM conference on Computer and communications security
Formal certification of code-based cryptographic proofs

Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A non-interactive deniable authentication scheme based on designated verifier proofs

Information Sciences: an International Journal
Asynchronous Multiparty Computation: Theory and Implementation

Irvine Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography: PKC '09
Multi-party off-the-record messaging

Proceedings of the 16th ACM conference on Computer and communications security
A signature scheme with efficient protocols

SCN'02 Proceedings of the 3rd international conference on Security in communication networks
A Machine-Checked Formalization of Sigma-Protocols

CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
A certifying compiler for zero-knowledge proofs of knowledge based on Σ-protocols

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Automatic generation of sigma-protocols

EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
ZKPDL: a language-based system for efficient zero-knowledge proofs and electronic cash

USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Computer-aided security proofs for the working cryptographer

CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Probabilistic relational reasoning for differential privacy

POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verified indifferentiable hashing into elliptic curves

POST'12 Proceedings of the First international conference on Principles of Security and Trust

Automation in computer-aided cryptography: proofs, attacks and designs

CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
Probabilistic Relational Reasoning for Differential Privacy

ACM Transactions on Programming Languages and Systems (TOPLAS)
Computer-Aided security proofs

QEST'13 Proceedings of the 10th international conference on Quantitative Evaluation of Systems
ZQL: a compiler for privacy-preserving data processing

SEC'13 Proceedings of the 22nd USENIX conference on Security
Verified indifferentiable hashing into elliptic curves

Journal of Computer Security - Security and Trust Principles

Quantified Score

Hi-index	0.00

Visualization

Abstract

Developers building cryptography into security-sensitive applications face a daunting task. Not only must they understand the security guarantees delivered by the constructions they choose, they must also implement and combine them correctly and efficiently. Cryptographic compilers free developers from this task by turning high-level specifications of security goals into efficient implementations. Yet, trusting such tools is hard as they rely on complex mathematical machinery and claim security properties that are subtle and difficult to verify. In this paper we present ZKCrypt, an optimizing cryptographic compiler achieving an unprecedented level of assurance without sacrificing practicality for a comprehensive class of cryptographic protocols, known as Zero-Knowledge Proofs of Knowledge. The pipeline of ZKCrypt integrates purpose-built verified compilers and verifying compilers producing formal proofs in the CertiCrypt framework. By combining the guarantees delivered by each stage, ZKCrypt provides assurance that the output implementation securely realizes the abstract proof goal given as input. We report on the main characteristics of ZKCrypt, highlight new definitions and concepts at its foundations, and illustrate its applicability through a representative example of an anonymous credential system