Abstract
Many proofs of interactive cryptographic protocols (e.g., as in Universal Composability) operate by proving the protocol at hand to be observationally equivalent to an idealized specification. Although this proof technique is pervasive, formal tool support for observational equivalence of cryptographic protocols is still a nascent area of research. Current mechanization efforts tend to either focus on diff-equivalence, which establishes observational equivalence between protocols with identical control structures, or require an explicit witness for the observational equivalence in the form of a bisimulation relation. Our goal is to simplify proofs for cryptographic protocols by introducing a core calculus, IPDL, for cryptographic observational equivalences. Via IPDL, we aim to address a number of theoretical issues for cryptographic proofs in a simple manner, including probabilistic behaviors, distributed message-passing, and resource-bounded adversaries and simulators. We demonstrate IPDL on a number of case studies, including a distributed coin toss protocol, Oblivious Transfer, and the GMW multi-party computation protocol. All proofs of the case studies are mechanized via an embedding of IPDL into the Coq proof assistant.
A Core Calculus for Equational Proofs of Cryptographic Protocols