For Publishers
DiscoveryMetadataPeer reviewHostingPublishing
For Researchers
JoinPublishReviewCollect
Register
Blog
About
Search
Advanced search
My ScienceOpen
Search
For Publishers
For Researchers
Blog
About
37
views
Article has an altmetric score of 11
0
references
 Top references
cited by
0
    
0 reviews
 Review
0
comments
 Comment
0
recommends
+1 Recommend
0 collections
    0
    shares
      19
      similar
       All similar
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      Verified Correctness and Security of mbedTLS HMAC-DRBG

      Preprint

      Read this article at

      ScienceOpenPublisherArXiv
      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          We have formalized the functional specification of HMAC-DRBG (NIST 800-90A), and we have proved its cryptographic security--that its output is pseudorandom--using a hybrid game-based proof. We have also proved that the mbedTLS implementation (C program) correctly implements this functional specification. That proof composes with an existing C compiler correctness proof to guarantee, end-to-end, that the machine language program gives strong pseudorandomness. All proofs (hybrid games, C program verification, compiler, and their composition) are machine-checked in the Coq proof assistant. Our proofs are modular: the hybrid game proof holds on any implementation of HMAC-DRBG that satisfies our functional specification. Therefore, our functional specification can serve as a high-assurance reference.

          Related collections

          Author and article information

          Journal
          Publication date Created: 28 August 2017
          Article
          DOI: 10.1145/3133956.3133974
          ArXiV ID: 1708.08542
          SO-VID: f620ffe5-2de6-4a41-ab5a-9769e5bf7d61
          License:

          http://arxiv.org/licenses/nonexclusive-distrib/1.0/

          History
          Custom metadata
          Comments Appearing in CCS '17
          Categories cs.CR

          Data availability:

          Comments

          Comment on this article

          scite_
          0
          0
          0
          0
          Smart Citations
          0
          0
          0
          0
          Citing PublicationsSupportingMentioningContrasting
          View Citations

          See how this article has been cited at scite.ai

          scite shows how a scientific paper has been cited by providing the context of the citation, a classification describing whether it supports, mentions, or contrasts the cited claim, and a label indicating in which section the citation was made.

          Similar content19

          See all similar