Skip to Main content Skip to Navigation
New interface
Conference papers

Composition Theorems for CryptoVerif and Application to TLS 1.3

Abstract : We present composition theorems for security protocols , to compose a key exchange protocol and a symmetric-key protocol that uses the exchanged key. Our results rely on the computational model of cryptography and are stated in the framework of the tool CryptoVerif. They support key exchange protocols that guarantee injective or non-injective authentication. They also allow random oracles shared between the composed protocols. To our knowledge, they are the first composition theorems for key exchange stated for a computational protocol verification tool, and also the first to allow such flexibility. As a case study, we apply our composition theorems to a proof of TLS 1.3 Draft-18. This work fills a gap in a previous paper that informally claims a compositional proof of TLS 1.3, without formally justifying it.
Document type :
Conference papers
Complete list of metadata

Cited literature [38 references]  Display  Hide  Download
Contributor : Bruno Blanchet Connect in order to contact the contributor
Submitted on : Friday, December 7, 2018 - 12:29:32 PM
Last modification on : Wednesday, June 8, 2022 - 12:50:04 PM
Long-term archiving on: : Friday, March 8, 2019 - 2:08:01 PM


Files produced by the author(s)




Bruno Blanchet. Composition Theorems for CryptoVerif and Application to TLS 1.3. 31st IEEE Computer Security Foundations Symposium (CSF'18), Jul 2018, Oxford, United Kingdom. ⟨10.1109/CSF.2018.00009⟩. ⟨hal-01947959⟩



Record views


Files downloads