$\nu y; V_1, y, z; V_2)$ can be written as $X \sim_{V_1,y,z;V_2} \nu y.X$. Hence, by transitivity we get $X \sim_{V_1,y,z;V_2} \nu y.\nu z.X$. Since $y\|z$ is constructible from $(V_1, y, z; V_2)$, we apply lemma 11 to obtain $y\|z]\!](\nu y.\nu z.X)$, and by weakening we get
Using the properties of $\|$ and that $\{y, z\} \cap (V_1 \cup V_2) = \emptyset$, we have $D([\![x := y\|z]\!](\nu y.\nu z.X), V_1 \cup \{x\}, V_2) = D(\nu x.X, V_1 \cup \{x\}, V_2)$, and hence by transitivity of indistinguishability, $[\![x := y\|z]\!](X) \sim_{V_1,x;V_2} \nu x.X$
Since $y\|z$ is constructible from $(V_1, y, z; V_2)$, we apply corollary 1 to obtain $[\![x := y\|z]\!](X) \models \mathit{Indis}(\nu t$
Since $y\|z$ is constructible from $(V_1, y, z; V_2)$, we apply lemma 12 to obtain