Documentation

VCVio.CryptoFoundations.AsymmEncAlg.INDCCA

Asymmetric Encryption Schemes: IND-CCA #

IND-CCA interfaces and games for asymmetric encryption schemes.

def AsymmEncAlg.decryptionOracle {m : TypeType v} [Monad m] {M PK SK C : Type} (encAlg : AsymmEncAlg m M PK SK C) (sk : SK) :
QueryImpl (OracleSpec.ofFn fun (x : C) => M) (OptionT m)

Oracle that uses a secret key to respond to decryption requests. Invalid ciphertexts become oracle failure in OptionT.

Instances For
    def AsymmEncAlg.IND_CCA_oracleSpec {M PK SK C ι : Type} {spec : OracleSpec ι} (_encAlg : AsymmEncAlg (OracleComp spec) M PK SK C) :

    IND-CCA adversaries get access to the base oracle set spec plus a decryption oracle. Challenge generation is handled explicitly between the two phases of the game.

    Instances For
      structure AsymmEncAlg.IND_CCA_Adversary {M PK SK C ι : Type} {spec : OracleSpec ι} (encAlg : AsymmEncAlg (OracleComp spec) M PK SK C) :

      Two-phase IND-CCA adversary: chooseMessages runs before the challenge and outputs (m₀, m₁, st); distinguish st c⋆ runs after seeing the challenge ciphertext.

      Instances For
        def AsymmEncAlg.IND_CCA_preChallengeImpl {M PK SK C ι : Type} {spec : OracleSpec ι} (encAlg : AsymmEncAlg (OracleComp spec) M PK SK C) (sk : SK) :

        Pre-challenge decryption oracle for the IND-CCA game.

        Instances For
          def AsymmEncAlg.IND_CCA_postChallengeImpl {M PK SK C ι : Type} {spec : OracleSpec ι} [DecidableEq C] (encAlg : AsymmEncAlg (OracleComp spec) M PK SK C) (sk : SK) (cStar : C) :

          Post-challenge decryption oracle for the IND-CCA game. The challenge ciphertext itself is answered with none, while all other ciphertexts are decrypted normally.

          Instances For
            def AsymmEncAlg.IND_CCA_Game {M PK SK C ι : Type} {spec : OracleSpec ι} [DecidableEq C] {encAlg : AsymmEncAlg (OracleComp spec) M PK SK C} (runtime : ProbCompRuntime (OracleComp spec)) (adversary : encAlg.IND_CCA_Adversary) :

            IND-CCA security game in the standard two-phase form. The adversary chooses challenge messages with access to the decryption oracle, then receives the challenge ciphertext and continues interacting with a decryption oracle that returns none on the challenge ciphertext.

            Instances For
              noncomputable def AsymmEncAlg.IND_CCA_Advantage {M PK SK C ι : Type} {spec : OracleSpec ι} [DecidableEq C] {encAlg : AsymmEncAlg (OracleComp spec) M PK SK C} (runtime : ProbCompRuntime (OracleComp spec)) (adversary : encAlg.IND_CCA_Adversary) :

              Real-valued IND-CCA advantage, expressed as the Boolean bias of the IND-CCA game.

              Instances For