The Foundational Cryptography Framework

We present the Foundational Cryptography Framework FCF for developing and checking complete proofs of security for cryptographic schemes within a proof assistant. This is a general-purpose framework that is capable of modeling and reasoning about a wide range of cryptographic schemes, security definitions, and assumptions. Security is proven in the computational model, and the proof provides concrete bounds as well as asymptotic conclusions. FCF provides a language for probabilistic programs, a theory that is used to reason about programs, and a library of tactics and definitions that are useful in proofs about cryptography. The framework is designed to leverage fully the existing theory and capabilities of the Coq proof assistant in order to reduce the effort required to develop proofs.

[1]  Matthias Berg,et al.  Formal verification of cryptographic security proofs , 2013 .

[2]  Vitaly Shmatikov,et al.  Probabilistic Polynomial-Time Semantics for a Protocol Security Logic , 2005, ICALP.

[3]  Christine Paulin-Mohring,et al.  The coq proof assistant reference manual , 2000 .

[4]  John C. Mitchell,et al.  Protocol Composition Logic (PCL) , 2007, Computation, Meaning, and Logic.

[5]  Martín Abadi,et al.  Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption) , 2007, Journal of Cryptology.

[6]  Norman Ramsey,et al.  Stochastic lambda calculus and monads of probability distributions , 2002, POPL '02.

[7]  Andrew D. Gordon,et al.  Refinement Types for Secure Implementations , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[8]  Bruno Blanchet,et al.  Computationally Sound Mechanized Proofs of Correspondence Assertions , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[9]  Pierre-Yves Strub,et al.  Modular code-based cryptographic verification , 2011, CCS '11.

[10]  Lawrence Charles Paulson,et al.  Isabelle/HOL: A Proof Assistant for Higher-Order Logic , 2002 .

[11]  Andrew D. Gordon,et al.  Refinement Types for Secure Implementations , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[12]  Michael Backes,et al.  Computational Soundness of Symbolic Zero-Knowledge Proofs Against Active Attackers , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[13]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[14]  David Nowak,et al.  A Framework for Game-Based Security Proofs , 2007, ICICS.

[15]  Gilles Barthe,et al.  Certified computer-aided cryptography: efficient provably secure machine code from high-level implementations , 2013, IACR Cryptol. ePrint Arch..

[16]  Shai Halevi,et al.  A plausible approach to computer-aided cryptographic proofs , 2005, IACR Cryptol. ePrint Arch..

[17]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[18]  Reynald Affeldt,et al.  Formal Proof of Provable Security by Game-Playing in a Proof Assistant , 2007, ProvSec.

[19]  Mihir Bellare,et al.  Code-Based Game-Playing Proofs and the Security of Triple Encryption , 2004, IACR Cryptol. ePrint Arch..

[20]  Benjamin Grégoire,et al.  Computer-Aided Security Proofs for the Working Cryptographer , 2011, CRYPTO.

[21]  Benjamin Grégoire,et al.  Formal certification of code-based cryptographic proofs , 2009, POPL '09.

[22]  Martín Abadi,et al.  Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)* , 2000, Journal of Cryptology.