In this deliverable, we investigate the state-of-the-art in cryptographic approaches to verifiable computing. Verifiable computing encompasses methods that allow to delegate the computation of a function f on outsourced data x to third parties, such that the data owner and/or other third parties can verify that the outcome y = f(x) has been computed correctly by the third party. Thereby, approa...

Today’s computer users receive few assurances that their software executes as expected. The problem is that legacy devices do not enable personal verification of code execution. In addition, legacy devices lack trusted paths for secure user I/O making it difficult to ensure the privacy of data. We present PRISM, a software-only humanverifiable code execution system that temporally separates a l...

Aiming for strong security assurance, recently there has been an increasing interest in formal verification of cryptographic constructions. This paper presents a mechanised formal verification of the popular Pedersen commitment protocol, proving its security properties of correctness, perfect hiding, and computational binding. To formally verify the protocol, we extended the theory of EasyCrypt...

At Auscrpt’92, Harn and Yang first proposed the conception of (t, n) threshold undeniable signature, in which only subsets with at least t members can represent a group to generate, confirm or disavow a signature. Later, several schemes are proposed, but none of them is secure. So up to now, how to design a secure (t, n) threshold undeniable signature scheme is remained an open problem. In this...

The basic properties of soundness, extensibility, and stability required from a verification system V taken in full yield the necessity of having a reflection rule in every such V. However, the reflection rule based on the Gödel provability predicate (implicit provability predicate) leads to a "reflection tower" of theories which cannot be formally verified. The paper introduces an explicit ref...

Model-Driven Engineering enables to assess a system’s model properties since the early phases of its lifecycle and to improve iteratively these models according to the verification results. Safety critical real-time systems have stringent requirements related to the specification and verification of system’s task-level time constraints. The common formal methods used to assess these properties ...

This paper overviews the application of formal verification techniques to hardware in general, and to floating-point hardware in particular. A specific challenge is to connect the usual mathematical view of continuous arithmetic operations with the discrete world, in a credible and verifiable way.

Cheater detection and identification are important issues in the process of secret reconstruction. To detect and identify cheaters most of the algorithms need the dealer to generate and distribute additional information to shareholders. Recently, algorithms have been proposed to detect and identify cheaters. If more than t (i.e. the threshold) shares, for example j (i.e. t < j) shares in the se...