Cookies
O website necessita de alguns cookies e outros recursos semelhantes para funcionar. Caso o permita, o INESC TEC irá utilizar cookies para recolher dados sobre as suas visitas, contribuindo, assim, para estatísticas agregadas que permitem melhorar o nosso serviço. Ver mais
Aceitar Rejeitar
  • Menu
Publicações

Publicações por José Bacelar Almeida

2019

Machine-Checked Proofs for Cryptographic Standards

Autores
Almeida, JB; Ruet, CB; Barbosa, M; Barthe, G; Dupressoir, F; Grégoire, B; Laporte, V; Oliveira, T; Stoughton, A; Strub, PY;

Publicação
IACR Cryptol. ePrint Arch.

Abstract

2019

The Last Mile: High-Assurance and High-Speed Cryptographic Implementations

Autores
Almeida, JB; Barbosa, M; Barthe, G; Grégoire, B; Koutsos, A; Laporte, V; Oliveira, T; Strub, PY;

Publicação
CoRR

Abstract

2018

hnforcing ideal-world leakage bounds in real-world secret sharing MPC frameworks

Autores
Almeida, JB; Barbosa, M; Barthe, G; Pacheco, H; Pereira, V; Portela, B;

Publicação
IEEE 31ST COMPUTER SECURITY FOUNDATIONS SYMPOSIUM (CSF 2018)

Abstract
We give a language-based security treatment of domain-specific languages and compilers for secure multi-party computation, a cryptographic paradigm that. enables collaborative computation over encrypted data. Computations are specified in a core imperative language, as if they were intended to be executed by a trusted-third party, and formally verified against. an information-flow policy modelling (an upper bound to) their leakage. This allows non-experts to assess the impact of performance driven authorized disclosure of intermediate values. Specifications are then compiled to multi-party protocols. We formalize protocol security using (distributed) probabilistic information-flow and prove security-preserving compilation: protocols only leak what. is allowed by the source policy. The proof exploits a natural but previously missing correspondence between simulation-based cryptographic proofs and (composable) probabilistic non-interference. Finally, we extend our framework to justify leakage cancelling, a domain-specific optimization that allows to first write an efficient specification that fails to meet the allowed leakage upper-bound, and then apply a probabilistic preprocessing that brings leakage to the acceptable range.

2017

A Fast and Verified Software Stack for Secure Function Evaluation

Autores
Almeida, JB; Barbosa, M; Barthe, G; Dupressoir, F; Grégoire, B; Laporte, V; Pereira, V;

Publicação
IACR Cryptology ePrint Archive

Abstract

2023

Leakage-Free Probabilistic Jasmin Programs

Autores
Almeida, JB; Firsov, D; Oliveira, T; Unruh, D;

Publicação
IACR Cryptol. ePrint Arch.

Abstract

2024

Formally Verifying Kyber Episode V: Machine-Checked IND-CCA Security and Correctness of ML-KEM in EasyCrypt

Autores
Almeida, JB; Olmos, SA; Barbosa, M; Barthe, G; Dupressoir, F; Grégoire, B; Laporte, V; Lechenet, JC; Low, C; Oliveira, T; Pacheco, H; Quaresma, M; Schwabe, P; Strub, PY;

Publicação
ADVANCES IN CRYPTOLOGY - CRYPTO 2024, PT II

Abstract
We present a formally verified proof of the correctness and IND-CCA security of ML-KEM, the Kyber-based Key Encapsulation Mechanism (KEM) undergoing standardization by NIST. The proof is machine-checked in EasyCrypt and it includes: 1) A formalization of the correctness (decryption failure probability) and IND-CPA security of the Kyber base public-key encryption scheme, following Bos et al. at Euro S&P 2018; 2) A formalization of the relevant variant of the Fujisaki-Okamoto transform in the Random Oracle Model (ROM), which follows closely (but not exactly) Hofheinz, Hovelmanns and Kiltz at TCC 2017; 3) A proof that the IND-CCA security of the ML-KEM specification and its correctness as a KEM follows from the previous results; 4) Two formally verified implementations of ML-KEM written in Jasmin that are provably constant-time, functionally equivalent to the ML-KEM specification and, for this reason, inherit the provable security guarantees established in the previous points. The top-level theorems give self-contained concrete bounds for the correctness and security of ML-KEM down to (a variant of) Module-LWE. We discuss how they are built modularly by leveraging various EasyCrypt features.

  • 8
  • 8