Verification of Cryptosystems - from Introduction to Computer-Aided Security Proofs

Abstract

This paper gives an overview of verification methods for the security of cryptosystems from basic concepts of cryptography to advanced topics on computer-aided security proofs. The security of cryptosystems is formalized using probabilities and computational complexity of attacks while the mathematical proofs for such security tend to be complicated and error prone. To obtain rigorous security proofs there have been many studies on formalizing and machine-checking proofs using formal methods. Among various verification tools EasyCrypt is the most successful tool that can rigorously construct security proofs more easily than previous tools. In this paper we introduce a method for defining the security of cryptosystems as games among probabilistic polynomial-time (PPT) Turing machines and proving it by game transformation techniques. Then we explain how to formalize such security proofs in the framework of probabilistic relational Hoare logic (pRHL) and to write and machine-check proofs using EasyCrypt. Note that readers do not need to be familiar with cryptography or interactive theorem provers.