Automated analysis of cryptographic constructions

• Autores: Miguel Ambrona Castellanos
• Directores de la Tesis: Gilles Barthe (dir. tes.)
• Lectura: En la Universidad Politécnica de Madrid ( España ) en 2018
• Idioma: español
• Tribunal Calificador de la Tesis: María Isabel González Vasco (presid.), Dario Fiore (secret.), Ángel Luis Pérez del Pozo (voc.), Mehdi Tibouchi (voc.), Emanuel Pimentel Barbosa (voc.)
• Programa de doctorado: Programa de Doctorado en Software, Sistemas y Computación por la Universidad Politécnica de Madrid
• Materias:
  • Matemáticas
    • Ciencia de los ordenadores
    • Análisis numérico
      • Construcción de algoritmos
  • Ciencias tecnológicas
• Enlaces
  • Tesis en acceso abierto en: Archivo Digital UPM
• Resumen

  • Computer-aided cryptography is an emerging area of research concerned with the application of formal methods and techniques from automated reasoning in cryptography. It allows cryptographers to outsource tedious or error-prone tasks to computers (including mundane parts of the analysis and validation of cryptographic proofs, verifying complex calculations or exploring design spaces of cryptographic constructions). Computer-aided cryptography has been successfully applied to the analysis of several primitives in classic public-key systems and symmetric schemes. However, it is still not clear how automated methods can be applied to more recent and advanced constructions. In this thesis we develop new techniques and tools to broaden the scope of computer-aided cryptography, with special emphasis on pairing-based cryptography.

    Our first contribution consists of a novel method (and an implementation) for automatically checking the security of cryptographic schemes (such as structure-preserving signatures, message authentication codes or assumptions defined over bilinear groups) in the generic group model, under strong standard definitions of security. Our work improves on previous works, which consider weaker security models. Our new approach allows us to reduce the security of schemes to the absence of solutions to a system of constraints. We then develop dedicated constraints-solving algorithms for testing that the systems are unsatisfiable.

    Our second contribution focuses on attribute-based encryption (ABE). More precisely, we present several new results about predicate encodings, a cryptographic primitive that can be used to build ABE in a modular way. We propose a purely algebraic formulation of the notion of privacy for predicate encodings, that leads to several new applications, such as logical combinations of predicate encodings and optimization techniques that resulted in improved ABE constructions (with extra features and better performance).

    Our third contribution builds on the first two. We provide, for the first time, computer-aided techniques and algorithms (plus an implementation) for automatically proving the security of attribute-based encryption constructions in the generic group model. Our method allows us to deal with indistinguishability based security definitions (as is required for ABE), which is a very important achievement. Previous works on automated analysis mainly focused on computational security experiments instead.

    As a last contribution we also study indifferentiability of symmetric constructions (such as different variants of Feistel networks or Even-Mansour ciphers). Unlike in our previous contributions, where our analysis was oriented towards proof search, here we focus on formalizing and synthesizing attacks. We develop methods for fully automated attack search. First, we formally define the notion of universal indifferentiability distinguishers and provide methods for proving the universality of candidate distinguishers. Then, we develop (and implement) heuristics that take the description of a cryptographic component and try to find a universal distinguisher for it.

    All our contributions share a common methodology: we leverage techniques from formal methods, expressing cryptographic constructions and security definitions in a symbolic language. We then provide computational soundness theorems for such symbolic models that guarantee that the conclusions derived symbolically can be lifted to the actual non-symbolic model. We demonstrate the effectiveness of our approaches by developing several tools that implement our techniques, which are then evaluated on a wide range of examples from the literature. The results presented in this thesis expand the scope of computer-aided cryptography, capturing stronger security notions and new settings.