Conference paper Open Access
Machine-Checked Proofs for Cryptographic Standards
Almeida, J.; Baritel-Ruet, C.; Barbosa, M.; Barthe, G.; Dupressoir, F.; Grégoire, B.; Laporte, V.; Stoughton; A.; Strub, P.
We present a high-assurance and high-speed implementation of the SHA-3 hash function. Our implementation is written in the Jasmin programming language, and is formally verified for functional correctness, provable security and timing attack resistance in the EasyCrypt proof assistant. Our implementation is the first to achieve simultaneously the four desirable properties (efficiency, correctness, provable security, and side-channel protection) for a non-trivial cryptographic primitive. Concretely, our mechanized proofs show that: 1) the SHA-3 hash function is indifferentiable from a random oracle, and thus is resistant against collision, first and second preimage attacks; 2) the SHA-3 hash function is correctly implemented by a vectorized x86 implementation. Furthermore, the implementation is provably protected against timing attacks in an idealized model of timing leaks. The proofs include new EasyCrypt libraries of independent interest for programmable random oracles and modular indifferentiability proofs.
| Name | Size | |
|---|---|---|
|
22-Machine-Checked-Proofs-for-Cryptographic-Standards.pdf
md5:22382f6bfe11ac414f946df62a8d8303 |
982.5 kB | Download |
| Views | 76 |
| Downloads | 63 |
| Data volume | 61.9 MB |
| Unique views | 70 |
| Unique downloads | 61 |
- Publication date:
- July 22, 2020
- DOI:
-
- Keyword(s):
- high-assurance cryptography EasyCrypt Jasmin SHA-3 indifferentiability
- Grants:
-
European Commission:
- FutureTPM - Future Proofing the Connected World: A Quantum-Resistant Trusted Platform Module (779391)
- Meeting:
- Conference on Computer and Communications Security (CCS 19), London, United Kingdom, November 11–15, 2019
- Communities:
- License (for files):
- Creative Commons Attribution 4.0 International