, Computer-Aided Security Proofs for the Working Cryptographer, Lecture Notes in Computer Science, vol.6841, pp.71-90, 2011.
DOI : 10.1007/978-3-642-22792-9_5
URL : https://hal.archives-ouvertes.fr/hal-01112075
, Beyond Provable Security Verifiable IND-CCA Security of OAEP, CT-RSA, pp.180-196, 2011.
DOI : 10.1109/SP.2009.17
URL : https://hal.archives-ouvertes.fr/hal-01112084
, Keying Hash Functions for Message Authentication, Advances in Cryptology -CRYPTO '96, pp.1-15, 1996.
DOI : 10.1007/3-540-68697-5_1
URL : http://uncensored.citadel.org/pub/unix/bck2.pdf
, The Security of Cipher Block Chaining, Advances in Cryptology -CRYPTO '94, 14th Annual International Cryptology Conference Proceedings, pp.341-358, 1994.
DOI : 10.1007/3-540-48658-5_32
, Random oracles are practical, Proceedings of the 1st ACM conference on Computer and communications security , CCS '93, pp.62-73, 1993.
DOI : 10.1145/168588.168596
, UMAC: Fast and Secure Message Authentication, Advances in Cryptology -CRYPTO '99, 19th Annual International Cryptology Conference Proceedings, pp.216-233, 1999.
DOI : 10.1007/3-540-48405-1_14
URL : http://www.cs.ucdavis.edu/~rogaway/papers/umac-proc.ps
, Cbc macs for arbitrary-length messages: The three-key constructions, Advances in Cryptology CRYPTO 00, pp.197-215, 2000.
, A Block-Cipher Mode of Operation for Parallelizable Message Authentication, Advances in Cryptology -EUROCRYPT 2002, pp.384-397, 2002.
DOI : 10.1007/3-540-46035-7_25
, Automated Security Proofs with Sequences of Games, Lecture Notes in Computer Science, vol.4117, pp.537-554, 2006.
DOI : 10.1007/11818175_32
, A Probabilistic Hoare-style Logic for Game-Based Cryptographic Proofs, Lecture Notes in Computer Science, vol.4052, issue.2, pp.252-263, 2006.
DOI : 10.1007/11787006_22
, Towards automated proofs for asymmetric encryption schemes in the random oracle model, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, 2008.
DOI : 10.1145/1455770.1455817
, Modular code-based cryptographic verification, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pp.341-350, 2011.
DOI : 10.1145/2046707.2046746
URL : https://hal.archives-ouvertes.fr/inria-00614372
, OCaml implementation of our method. Laboratoire Verimag, 2012.
, Automated proofs for encryption modes, 13th Annual Asian Computing Science Conference Focusing on Information Security and Privacy: Theory and Practice (ASIAN'09), pp.39-53, 2009.
, Tweakable Block Ciphers, Advances in Cryptology ? CRYPTO 2002, pp.31-46, 2002.
DOI : 10.1007/3-540-45708-9_3
URL : https://link.springer.com/content/pdf/10.1007%2Fs00145-010-9073-y.pdf
, CBC MAC for Real-Time Data Sources, Journal of Cryptology, vol.13, issue.3, pp.315-338, 1997.
DOI : 10.1007/s001450010009
URL : http://eprint.iacr.org/1997/010.ps.gz
, Universal classes of hash functions, Journal of Computer and System Sciences, vol.18, issue.2, pp.143-154, 1919.
, New hash functions and their use in authentication and set equality, Journal of Computer and System Sciences, vol.22, issue.3, pp.265-279, 1981.
DOI : 10.1016/0022-0000(81)90033-7
, (y) {Indis(x Var ? x)?Equal(x, x)} (H3) {H(H; y; ?)?Indis(t; V ; V )} x := H(y) {Indis(t; V, x; V , x)} provided L H ? V , even if t = y (H4) {H(H; y; ?)?Indis(t; V, L H , y; V , y)} x := H(y) {Indis(t, H5) {H(H; t; V, y)} x := H(y) {H(H; t
, All the proofs for hash function computation are essentially the same as the proofs for block cipher evaluation. This is due to our choice of using an adversary that does not have access to the random oracle when trying to distinguish distributions (see Section 3)