Automation for Cryptographic Design, Implementation and Security

Abstract

Computer automation is showing great potential to improve the speed and accuracy of the cryptographic design process. Over the past several years, a host of new software tools were made public for handling a variety of cryptographic tasks, including scheme design, proof generation, and proof verification. Automation is particularly compelling for these tasks, which are often both complex and tedious, and where a single error can compromise the entire system.

As part of our past work, we contributed to this effort by investigating tools for programmatically altering existing cryptographic constructions to reflect particular design goals. For instance, we developed a suite of tools, which could work together, for improving the efficiency of signature verification (AutoBatch), altering the algebraic setting of a signature or encryption scheme to optimize performance on a per-application basis (AutoGroup/AutoGroup+), strengthening the security of a digital signature scheme (AutoStrong), and more. Several other authors joined in this style of automation effort to produce interesting new tools such as AutoG&P and AutoLWE.

Our objective for this proposal is to push the frontiers of cryptographic automation to help create new designs, ease implementation and strengthen security. Our approach to automation is to first search for naturally occurring patterns in common cryptographic tasks that might lend themselves to automation. The next step is to devise a means for translating the creative design task into a problem that computers are better at solving (e.g., an SMT problem). After this, we develop a proof-of-concept software program to test the automation's accuracy and performance. Finally, we formally prove that the output of this program is suitably correct and secure.

For this proposal, we will specifically investigate new tools that allow users to automatically devise algorithms to algebraically verify the correctness of one set of pairing group elements with respect to another (for cryptographic design purposes), to automatically strengthen the security guarantee of advanced cryptosystems such as attribute-based encryption (for security purposes), and to navigate the security and efficiency tradeoffs of various schemes with computer assistance (for implementation purposes).

Document Details

Document Type
DoD Grant Award
Publication Date
May 23, 2019
Source ID
N000141912294

Entities

People

  • Susan Hohenberger-Waters

Organizations

  • Johns Hopkins University
  • Office of Naval Research
  • United States Navy

Tags

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Computer Programming and Software Development
  • Distributed Systems and Data Platform Development
  • Software Engineering

Technology Areas

  • Cyber
  • Cyber - Cryptography