Certified Security Proofs of Cryptographic Protocols in the Computational Model: an Application to Intrusion Resilience
Pierre Corbineau, Mathilde Duclos, Yassine Lakhnech
Université de Grenoble, CNRS, Verimag, Grenoble, France
December 9th, 2011
Introduction
We report on:
- a formalization in Coq of CIL, Computational Indistinguishability Logic [CCS 10], a logic for proving correctness of cryptographic systems in the complexity-theoretic model;
- its application to prove correctness of an intrusion-resilient key-exchange protocol: a non-trivial protocol in a model that goes beyond the black-box model.
Security Protocols
- Rules for exchanging messages that ensure secure communication on an open network in the presence of adversaries.
- Applications: ATM, e-commerce, electronic voting, contract signing, etc.
- Of particular importance: authenticated key-exchange protocols.
  - Confidentiality: the key is indistinguishable from a random key.
  - Authentication: in the presence of a passive adversary, two legitimate partners engaged in a session compute the same key.
Motivation
Cryptographers develop proofs in the complexity-theoretic (computational) model:
- System: a set of randomized oracles, called an oracle system.
- Adversary: any randomized machine with access to the oracles. She tries to answer a question.
- Correctness: a bound on the probability that the adversary answers correctly, depending on the resources of the adversary, both in terms of computation and number of calls to the oracles.
- Black-box model: gives no extra information on the internal state of the oracle system, i.e. the view of the adversary is the interaction.
- Non-black-box model: the adversary gets some information about the internal state of the oracles.
State of affairs
- Many flawed security proofs in the literature (Asiacrypt 05): Jakobsson-Pointcheval 01, Wong-Chan 01, Abdalla-Pointcheval 05, Bellare-Canetti-Krawczyk 98, Bellare-Rogaway's OAEP, ...
- Ad hoc definitions of properties.
- Proofs are ad hoc, untrustworthy, ...
- Many models that depend on the properties, cryptographic primitives, strength of the adversary, etc.
Can formal methods offer something?
Our research program: computer-aided formal proofs in the complexity-theoretic approach.
Outline
1. CIL in Coq
   - Oracle systems
   - Adversary
   - Indistinguishability and Contexts
2. Dziembowski's intrusion-resilient protocol
   - Intrusion-Resilient Key Generation Protocol
   - Proof in CIL of the Key Generation Protocol
Oracles and signatures
Cryptographic systems are modeled as oracle systems. Each oracle has:
- a name of type oracle_name;
- an input type and an output type;
- an implementation complying with this signature and acting on the internal state of the system.

  (* Signature of an oracle system: a type of names and, for each name,
     the input and output types of the oracle with that name. *)
  Record oracle_signature := mkos {
    oracle_name : Type;
    oracle_input : oracle_name -> Type;
    oracle_output : oracle_name -> Type }.

  (* State of the oracle system; distr is the distribution monad of the
     underlying probability library. *)
  Variable State : Type.
  Definition oracle_fun (input output : Type) :=
    input * State -> distr (output * State).

  (* An implementation gives, for every name, a probabilistic function
     of the expected input and output types. *)
  Variable os : oracle_signature.
  Definition oracle_functions :=
    forall name, oracle_fun (oracle_input os name) (oracle_output os name).
Adversary model
An adversary interacts with the oracle system by sending queries. A response can be:
- a request of an oracle call, together with the continuation to run on the oracle's answer;
- a final value to be returned.

  (* Response must be declared before run_function, which uses it. *)
  Inductive Response (state A : Type) : Type :=
    | Request : forall (name : oracle_name os),
        oracle_input os name -> (oracle_output os name -> state) -> Response state A
    | Return : A -> Response state A.

  (* One step of the adversary: from its state, a distribution over responses. *)
  Definition run_function (state A : Type) := state -> distr (Response state A).
Indistinguishability
Indistinguishability between two oracle systems, $O_1 \sim_{k,\varepsilon} O_2$: for every adversary $A$ such that
- $\forall O.\ P(A \mid O)(\ldots) = 1$ and
- $\forall O, o.\ P(A \mid O)(\#o > k_o) = 0$ (at most $k_o$ calls to oracle $o$),
we have
$$\left| P(A \mid O_1)(\mathit{answer} = \mathit{true}) - P(A \mid O_2)(\mathit{answer} = \mathit{true}) \right| \le \varepsilon.$$

  Definition indistinguishable (f1 : frame os State) (f2 : frame os State2)
      (call_bound : oracle_name os -> nat) (epsilon : u) :=
    forall (att : attack _ bool),
      at_most_calls att call_bound ->
      diff (outcome f1 att (True_ev _)) (outcome f2 att (True_ev _)) <= epsilon.
Contexts
[Diagram: Adversary | Context | Oracle System, compared with Adversary | Context (Simulator) | Oracle System.]
- A context C placed between the adversary and an oracle system O yields the oracle system C[O].
- States: adversary state m_A, context state m_c, oracle state m.
- Viewed from O, the adversary has the extended state <m_A, m_c> and the oracle state is m.
Other CIL Rules
- Some other rules are based upon forward bisimulation, backward bisimulation, determinization, ...
- Hand proofs in CIL: FDH, PSS, ElGamal, OAEP, ...
- A general theorem for verifying iterative hash designs, applied to many SHA-3 candidates (Ph.D. thesis of M. Daubignard).
Intrusion Resilience in the Black-Box Model?
Motivation: the black-box model has its limits:
- it does not cover side-channel attacks nor intrusive attacks;
- there is a need to design cryptographic protocols resilient to intrusion (viruses).
Aim: secure protocols in the presence of viruses.
The Bounded Storage model (from [Mau92]): a virus can be any computation that has no limit on its computation time and memory but whose output is limited in size.
Intuition: outputting large data can easily be revealed.
Intrusion Resilient Key Generation Protocol
Scheme is from [Dzi06].
π_0:
- Alice -> Bob: N_a
- Bob -> Alice: N_b
- Alice: S_a := H(f(K, N_a, N_b)); Bob: S_b := H(f(K, N_a, N_b))
π_1:
- Alice -> Bob: pk_a, mac_S(pk_a)
- Bob: check mac; κ_i <-R {0,1}^δ(k)
- Bob -> Alice: ε_pka(κ_i), mac_S(ε_pka(κ_i))
- Alice: check mac, recover κ_i
K: a large random key. f: a random extractor. H: a random hash function.
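The exchange above, simulated in Python as an added example (not code from the paper or from Dziembowski's scheme). It assumes constructed stand-ins: f is an extractor in which the nonces select positions of the large key K, H is SHA-256, mac_S is HMAC, and ε_pk is an XOR placeholder that is not public-key encryption; the hypothetical run_session also lets an active adversary alter N_a in transit, so the MAC check at Bob rejects.

```python
import hashlib
import hmac

EXTRACT_LEN = 32  # bytes the extractor f pulls out of the large key K

def f_extract(K: bytes, na: bytes, nb: bytes) -> bytes:
    """Constructed bounded-storage style extractor standing in for f: the two
    nonces select EXTRACT_LEN positions of K, so a virus that exported only a
    short summary of K before the nonces were chosen learns nothing useful."""
    out = bytearray()
    for i in range(EXTRACT_LEN):
        h = hashlib.sha256(na + nb + i.to_bytes(2, "big")).digest()
        out.append(K[int.from_bytes(h[:4], "big") % len(K)])
    return bytes(out)

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def mac(S: bytes, m: bytes) -> bytes:
    return hmac.new(S, m, hashlib.sha256).digest()

def toy_enc(pk_a: bytes, m: bytes) -> bytes:
    """Placeholder for epsilon_pk (XOR with SHA-256(pk), m <= 32 bytes); it is
    not public-key encryption and only makes the exchange run offline."""
    return bytes(a ^ b for a, b in zip(m, hashlib.sha256(pk_a).digest()))

def pi0(K: bytes, na: bytes, nb: bytes) -> bytes:
    """Session key each side computes from the nonces it saw: S = H(f(K, Na, Nb))."""
    return H(f_extract(K, na, nb))

def pi1_bob(S_b: bytes, pk_a: bytes, tag: bytes, kappa: bytes):
    """Bob: check mac_S(pk_a); abort (None) on failure, else send enc_pk(kappa) + MAC."""
    if not hmac.compare_digest(tag, mac(S_b, pk_a)):
        return None
    c = toy_enc(pk_a, kappa)
    return c, mac(S_b, c)

def run_session(K, na_sent, na_seen, nb, pk_a, kappa):
    """One sequential session; na_seen != na_sent models an active adversary
    altering Alice's nonce. Returns Alice's kappa_i, or None if a MAC check fails."""
    S_a, S_b = pi0(K, na_sent, nb), pi0(K, na_seen, nb)
    msg = pi1_bob(S_b, pk_a, mac(S_a, pk_a), kappa)
    if msg is None:
        return None
    c, tag = msg
    if not hmac.compare_digest(tag, mac(S_a, c)):
        return None
    return toy_enc(pk_a, c)  # the XOR pad is its own inverse
```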
An Example of an Oracle Formalization

  (* Bob's nonce-sending oracle: on the first call (state Bob_start) draw a
     nonce, derive the key material through the hash oracle o_h and move to
     Bob_middle; on any other call answer with the empty string. *)
  Definition o_bob_nonce_sender :
      oracle_fun State (input_type Bob_nonce_sender) (output_type Bob_nonce_sender) :=
    fun e =>
      match Bflags (snd e) with
      | Bob_start =>
          let n := Brnd_nonce (Brnds (snd e)) in
          let s := long_term_key (snd e) (fst e) n in
          mlet hashs := o_h (s, snd e) in
          let (K, LH, As, _, Ar, Br, v) := snd hashs in
          !(n, mks K LH As (Bob_middle (fst hashs)) Ar Br v)
      | _ => !(nul_string, snd e)
      end.
Idealized Protocol
π_0:
- Alice -> Bob: N_a
- Bob -> Alice: N_b
- Bob: S_b <-R D_H
- Alice: if passive adversary then S_a := S_b else S_a <-R D_H
π_1:
- Alice -> Bob: pk_a, mac_S(pk_a)
- Bob: check mac; κ_i <-R {0,1}^δ(k)
- Bob -> Alice: ε_pka(0), mac_S(ε_pka(0))
- Alice: check mac; κ_i^A := κ_i
S is independent from N_A, N_B; κ_i is never sent over the network.
Attack Model
- The adversary can observe and corrupt several sessions.
- Sessions are sequential (no concurrent sessions).
- The adversary chooses an uncorrupted session to be challenged on.
Proof Sketch
[Diagram of the reduction tree, π_0: first part of the protocol, π_1: second part of the protocol.]
- Goal: O_π ≈ O_π^id, written as C_π0[O_π1] ≈ C_π0^id[O_π1^id].
- Split into O_π1 ≈ O_π1^id and O_π0 ≈ O_π0^id, using the context equality C_π0[O_π1^id] = C_π1^id[O_π0].
- O_π0 ≈ O_π0^id reduces to C_H[O_K] ≈ C_H[O_U], i.e. to O_K ≈ O_U.
- O_π1 ≈ O_π1^id reduces to C_ε_pk(·)[O_MAC] ≈ C_MAC^id[O_ε_pk(0)], using C_ε_pk(·)[O_MAC^id] = C_MAC^id[O_ε_pk(·)], i.e. to O_MAC^id ≈ O_MAC and O_ε_pk(·) ≈ O_ε_pk(0).
Focus on π_1
- Goal: π_1 ≈ π_1^id.
- π_1 = C_ε_sk(·)[MAC] and π_1^id = C_MAC^id[ε_sk(0)].
- Context equality: C_ε_sk(·)[MAC^id] = C_MAC^id[ε_sk(·)].
- Remaining assumptions: MAC^id ≈ MAC and ε_pk(·) ≈ ε_pk(0).
Conclusion
In this work, we have:
- demonstrated the usability of CIL's formalization in Coq to prove intrusion resilience of a non-trivial key-exchange protocol;
- to our knowledge, given the first formal proof of a scheme in the non-black-box model;
- given the first formal proof of a protocol in the concrete security model.
Related work: formal verification of cryptographic schemes:
- Indistinguishability logics: Impagliazzo and Kapron (2006); Datta et al. (2006); Zhang (2008), ...
- CertiCrypt, EasyCrypt (SCALP project).
Future Work
- Other examples: group key-exchange protocols, ...
- Use decision procedures for more automation: bisimulation, probability bounds, ...
- Improve the tactics to reduce the user's goals to the non-trivial parts of the proof.
- Design a tool that builds the Coq formalization of a cryptographic scheme from a protocol description, together with the trivial parts of the proof.
References
[Dzi06] S. Dziembowski. Intrusion-resilience via the bounded-storage model. Lecture Notes in Computer Science, 3876:207, 2006.
[Mau92] U. M. Maurer. Conditionally-perfect secrecy and a provably-secure randomized cipher. Journal of Cryptology, 5(1):53-66, 1992.