Verifying classic McEliece: examining the role of formal methods in post-quantum cryptography standardisation. (English) Zbl 1519.94064
Deneuville, Jean-Christophe (ed.), Code-based cryptography. 10th international workshop, CBCrypto 2022, Trondheim, Norway, May 29–30, 2022. Revised selected papers. Cham: Springer. Lect. Notes Comput. Sci. 13839, 21-36 (2023).
Summary: Developers of computer-aided cryptographic tools are optimistic that formal methods will become a vital part of developing new cryptographic systems. We study the use of such tools to specify and verify the implementation of Classic McEliece, one of the code-based cryptography candidates in the fourth round of the NIST Post-Quantum standardisation Process. From our case study we draw conclusions about the practical applicability of these methods to the development of novel cryptography.
For the entire collection see [Zbl 1517.94006].
For the entire collection see [Zbl 1517.94006].
Keywords:
code-based cryptographyReferences:
| [1] | Announcing four candidates to be standardized, plus fourth round candidates: CSRC. https://csrc.nist.gov/News/2022/pqc-candidates-to-be-standardized-and-round-4. NIST Accessed 07 Sept 2022 |
| [2] | Control Bits Verification. https://github.com/linesthatinterlace/verif-cb. Wrenna Robson Accessed 12 Sept 2022 |
| [3] | Cryptography in Lean 4. https://github.com/joehendrix/lean-crypto. Joe Hendrix Accessed 7 Sept 2022 |
| [4] | Cryptol-Specs. https://github.com/GaloisInc/cryptol-specs. Galois Incorporated Accessed 7 Jan 2022 |
| [5] | Post-quantum cryptography: CSRC. https://csrc.nist.gov/projects/post-quantum-cryptography. NIST Accessed 18 Jan 2022 |
| [6] | PQC Verification. https://github.com/linesthatinterlace/pqc-verification. Wrenna Robson Accessed 7 Sept 2022 |
| [7] | Affeldt, R.: A Coq formalization of information theory and linear error correcting codes (2022). https://github.com/affeldt-aist/infotheo |
| [8] | Albrecht, M.R., et al.: Classic McEliece: conservative code-based cryptography (2020). https://classic.mceliece.org/nist/mceliece-20201010.pdf |
| [9] | Almeida, J.B., et al.: The last mile: high-assurance and high-speed cryptographic implementations. In: 2020 IEEE Symposium on Security and Privacy (SP), pp. 965-982. IEEE (2020) |
| [10] | Barbosa, M., et al.: SoK: computer-aided cryptography. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 777-795. IEEE (2021) |
| [11] | Bernstein, D.J.: djbsort (2019). https://sorting.cr.yp.to |
| [12] | Bernstein, D.J.: Understanding binary-Goppa decoding (2019). https://cr.yp.to/papers/goppadecoding-20220320.pdf |
| [13] | Bernstein, D.J.: Verified fast formulas for control bits for permutation networks (2020). https://ia.cr/2020/1493. Cryptology ePrint Archive, Report 2020/1493 |
| [14] | Bernstein, D.J.: Fast verified post-quantum software. In: International Cryptographic Module Conference 2021 (2021) |
| [15] | Bernstein, D.J., et al.: NTRU Prime: round 3 (2020). https://ntruprime.cr.yp.to/nist/ntruprime-20201007.pdf |
| [16] | Bernstein, DJ; Chou, T.; Schwabe, P.; Bertoni, G.; Coron, J-S, McBits: fast constant-time code-based cryptography, Cryptographic Hardware and Embedded Systems - CHES 2013, 250-272 (2013), Heidelberg: Springer, Heidelberg · Zbl 1353.94035 · doi:10.1007/978-3-642-40349-1_15 |
| [17] | Bertot, Y., Huet, G., Castéran, P., Paulin-Mohring, C.: Interactive Theorem Proving and Program Development: Coq’Art: The Calculus of Inductive Constructions. Texts in Theoretical Computer Science An EATCS Series. Springer, Berlin (2013) |
| [18] | Bhargavan, K., et al.: Everest: towards a verified, drop-in replacement of HTTPS. In: 2nd Summit on Advances in Programming Languages (SNAPL 2017). Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik (2017) |
| [19] | Boston, B.; Silva, A.; Leino, KRM, Verified cryptographic code for everybody, Computer Aided Verification, 645-668 (2021), Cham: Springer, Cham · Zbl 1493.68206 · doi:10.1007/978-3-030-81685-8_31 |
| [20] | Carter, K., Foltzer, A., Hendrix, J., Huffman, B., Tomb, A.: SAW: the software analysis workbench. In: Proceedings of the 2013 ACM SIGAda Annual Conference on High Integrity Language Technology, pp. 15-18 (2013) |
| [21] | Castryck, W., Decru, T.: An efficient key recovery attack on SIDH (preliminary version). Cryptology ePrint Archive, Paper 2022/975 (2022). https://eprint.iacr.org/2022/975 · Zbl 1501.94035 |
| [22] | Chou, T.; Fischer, W.; Homma, N., McBits revisited, Cryptographic Hardware and Embedded Systems - CHES 2017, 213-231 (2017), Cham: Springer, Cham · Zbl 1450.94029 · doi:10.1007/978-3-319-66787-4_11 |
| [23] | Chudnov, A.; Chockler, H.; Weissenbacher, G., Continuous formal verification of amazon s2n, Computer Aided Verification, 430-446 (2018), Cham: Springer, Cham · doi:10.1007/978-3-319-96142-2_26 |
| [24] | Erbsen, A., Philipoom, J., Gross, J., Sloan, R., Chlipala, A.: Simple high-level code for cryptographic arithmetic – with proofs, without compromises. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 1202-1219. IEEE (2019) |
| [25] | Erkök, L., Carlsson, M., Wick, A.: Hardware/software co-verification of cryptographic algorithms using Cryptol. In: 2009 Formal Methods in Computer-Aided Design, pp. 188-191. IEEE (2009) |
| [26] | Fu, Y.F., Liu, J., Shi, X., Tsai, M.H., Wang, B.Y., Yang, B.Y.: Signed cryptographic program verification with typed cryptoline. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1591-1606 (2019) |
| [27] | The mathlib Community: The Lean mathematical library. In: Proceedings of the 9th ACM SIGPLAN International Conference on Certified Programs and Proofs, CPP 2020, pp. 367-381, New York. Association for Computing Machinery (2020) |
| [28] | McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. DSN Progress Report, 4244:114-116 (1978) |
| [29] | Mouha, N.; Hailane, A., The application of formal methods to real-world cryptographic algorithms, protocols, and systems, Computer, 54, 1, 29-38 (2021) · doi:10.1109/MC.2020.3033613 |
| [30] | Moura, L.; Ullrich, S.; Platzer, A.; Sutcliffe, G., The Lean 4 theorem prover and programming language, Automated Deduction - CADE 28, 625-635 (2021), Cham: Springer, Cham · Zbl 1540.68264 · doi:10.1007/978-3-030-79876-5_37 |
| [31] | Robson, W.: Classic McEliece Verification (2022). https://github.com/linesthatinterlace/pqc-verification |
| [32] | Zinzindohoué, J.K., Bhargavan, K., Protzenko, J., Beurdouche, B.: HACL*: a verified modern cryptographic library. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1789-1806 (2017) |
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.
