Summary
2020
Session Number:E03
Session:
Number:E03-2
Formal Verification of Merkle-Damgård Construction in ProVerif
Mieno Takehiko, Yoshimura Togo, Hiroyuki Okazaki, Yuichi Futa, Kenichi Arai,
pp.602-606
Publication Date:2020/10/18
Online ISSN:2188-5079
DOI:10.34385/proc.65.E03-2
PDF download
Summary:
ProVerif is one of the most successful automatic cryptographic protocol verifiers.
However, in ProVerif, it is difficult to formalize recursive execution, whose internal state is changed by an execution result, such as a stream cipher.
In this paper, we propose a method of formalizing recursive execution with an internal state in ProVerif.
In our proposed method, we treat function calls as communication between internal processes using private channel.
The Merkle-Damgård construction (MD construction) is a method of constructing a cryptographic hash function such as SHA-1 or MD5.
The behavior of MD construction is similar to recursive execution, because its construction includes one-way compression functions and an internal variable changed by the output of these functions.
We also formalize the MD construction algorithm utilizing our proposed method for recursive execution.
We verify that our formal model of MD construction successfully holds properties of cryptographic hash function, preimage resistance and collision resistance.