A Core Calculus for Equational Proofs of Cryptographic Protocols

Published: 11 January 2023

Abstract

Many proofs of interactive cryptographic protocols (e.g., as in Universal Composability) operate by proving the protocol at hand to be observationally equivalent to an idealized specification. While pervasive, formal tool support for observational equivalence of cryptographic protocols is still a nascent area of research. Current mechanization efforts tend to either focus on diff-equivalence, which establishes observational equivalence between protocols with identical control structures, or require an explicit witness for the observational equivalence in the form of a bisimulation relation. Our goal is to simplify proofs for cryptographic protocols by introducing a core calculus, IPDL, for cryptographic observational equivalences. Via IPDL, we aim to address a number of theoretical issues for cryptographic proofs in a simple manner, including probabilistic behaviors, distributed message-passing, and resource-bounded adversaries and simulators. We demonstrate IPDL on a number of case studies, including a distributed coin toss protocol, Oblivious Transfer, and the GMW multi-party computation protocol. All proofs of case studies are mechanized via an embedding of IPDL into the Coq proof assistant.
