On formal verification of arithmetic-based cryptographic primitives

TL;DR

This paper extends a Coq-based toolbox with number-theoretic features to facilitate formal verification of arithmetic-based cryptographic primitives, enabling machine-checked security proofs for schemes like Blum-Blum-Shub and Goldwasser-Micali.

Contribution

It introduces new number-theoretic capabilities into an existing proof assistant toolbox for formal verification of cryptographic primitives.

Findings

Successfully verified unpredictability of Blum-Blum-Shub generator

Proved semantic security of Goldwasser-Micali scheme

Enhanced toolbox supports arithmetic-based cryptographic proofs

Abstract

Cryptographic primitives are fundamental for information security: they are used as basic components for cryptographic protocols or public-key cryptosystems. In many cases, their security proofs consist in showing that they are reducible to computationally hard problems. Those reductions can be subtle and tedious, and thus not easily checkable. On top of the proof assistant Coq, we had implemented in previous work a toolbox for writing and checking game-based security proofs of cryptographic primitives. In this paper we describe its extension with number-theoretic capabilities so that it is now possible to write and check arithmetic-based cryptographic primitives in our toolbox. We illustrate our work by machine checking the game-based proofs of unpredictability of the pseudo-random bit generator of Blum, Blum and Shub, and semantic security of the public-key cryptographic scheme of Goldwasser and Micali.