M. Abadi and V. Cortier, Deciding knowledge in security protocols under equational theories, Theoretical Computer Science, vol.367, issue.1-2, pp.2-32, 2006.
DOI : 10.1016/j.tcs.2006.08.032

URL : https://hal.archives-ouvertes.fr/inria-00000554

M. Abadi and P. Rogaway, Reconciling Two Views of Cryptography (The Computational Soundness of Formal Encryption)*, Journal of Cryptology, vol.15, issue.2, pp.103-127, 2002.
DOI : 10.1007/s00145-001-0014-7

R. Affeldt, M. Tanaka, and N. Marti, Formal Proof of Provable Security by Game-Playing in a Proof Assistant, 1st International conference on Provable Security, pp.151-168, 2007.
DOI : 10.1007/978-3-540-75670-5_10

T. Amtoft, S. Bandhakavi, and A. Banerjee, A logic for information flow in object-oriented programs, 33rd ACM SIGPLAN-SIGACT symposium on Principles of Programming Languages, POPL 2006, pp.91-102, 2006.

P. Audebaud and C. Paulin-Mohring, Proofs of randomized algorithms in Coq, Science of Computer Programming, vol.74, issue.8, pp.568-589, 2009.
DOI : 10.1016/j.scico.2007.09.002

URL : https://hal.archives-ouvertes.fr/inria-00431771

M. Backes and P. Laud, Computationally sound secrecy proofs by mechanized flow analysis, Proceedings of the 13th ACM conference on Computer and communications security, CCS '06, pp.370-379, 2006.
DOI : 10.1145/1180405.1180450

URL : https://hal.archives-ouvertes.fr/inria-00080498

M. Backes and B. Pfitzmann, Limits of the Cryptographic Realization of Dolev-Yao-Style XOR, Computer Security - ESORICS 2005, 10th European symposium on Research in Computer Security, pp.178-196, 2005.
DOI : 10.1007/11555827_11

M. Backes, M. Berg, and D. Unruh, A Formal Language for Cryptographic Pseudocode, 15th International conference on Logic for Programming, Artificial Intelligence and Reasoning, pp.353-376, 2008.
DOI : 10.1007/978-3-540-89439-1_26

M. Backes, C. Hritcu, and M. Maffei, Type-checking zero-knowledge, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.357-370, 2008.
DOI : 10.1145/1455770.1455816

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

M. Backes, M. Maffei, and D. Unruh, Zero-Knowledge in the Applied Pi-calculus and Automated Verification of the Direct Anonymous Attestation Protocol, 2008 IEEE Symposium on Security and Privacy (sp 2008), pp.202-215, 2008.
DOI : 10.1109/SP.2008.23

M. Backes, M. P. Grochulla, C. Hritcu, and M. Maffei, Achieving Security Despite Compromise Using Zero-knowledge, 2009 22nd IEEE Computer Security Foundations Symposium, pp.308-323, 2009.
DOI : 10.1109/CSF.2009.24

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

M. Backes, M. Maffei, and D. Unruh, Computationally sound verification of source code, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10, 2010.
DOI : 10.1145/1866307.1866351

E. Bangerter, J. Camenisch, S. Krenn, A. Sadeghi, and T. Schneider, Automatic generation of sound zero-knowledge protocols. Cryptology ePrint Archive, Report, vol.471, pp.130-131, 2008.

E. Bangerter, J. Camenisch, and S. Krenn, Efficiency Limitations for Σ-Protocols for Group Homomorphisms, 7th Theory of Cryptography conference, TCC 2010, pp.553-571, 2010.
DOI : 10.1007/3-540-44647-8_15

G. Barthe, J. Cederquist, and S. Tarento, A Machine-Checked Formalization of the Generic Model and the Random Oracle Model, Automated Reasoning, 2nd International Joint conference, pp.385-399, 2004.
DOI : 10.1007/978-3-540-25984-8_29

G. Barthe, B. Grégoire, S. Heraud, and S. Zanella-Béguelin, Formal Certification of ElGamal Encryption, 5th International workshop on Formal Aspects in Security and Trust, pp.1-19, 2008.
DOI : 10.1007/978-3-642-01465-9_1

G. Barthe, B. Grégoire, C. Kunz, and T. Rezk, Certificate translation for optimizing compilers, ACM Transactions on Programming Languages and Systems, vol.31, issue.5, pp.1-45, 2009.
DOI : 10.1145/1538917.1538919

G. Barthe, B. Grégoire, and S. Zanella-Béguelin, Formal certification of code-based cryptographic proofs, 36th ACM SIGPLAN-SIGACT symposium on Principles of Programming Languages, POPL 2009, pp.90-101, 2009.

G. Barthe, M. Daubignard, B. Kapron, and Y. Lakhnech, Computational indistinguishability logic, Proceedings of the 17th ACM conference on Computer and communications security, CCS '10
DOI : 10.1145/1866307.1866350

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

G. Barthe, D. Hedin, S. Zanella-Béguelin, B. Grégoire, and S. Heraud, A Machine-Checked Formalization of Sigma-Protocols, 2010 23rd IEEE Computer Security Foundations Symposium, pp.246-260
DOI : 10.1109/CSF.2010.24

URL : https://hal.archives-ouvertes.fr/inria-00552886

M. Bellare and P. Rogaway, Random oracles are practical, Proceedings of the 1st ACM conference on Computer and communications security, CCS '93, pp.62-73, 1993.
DOI : 10.1145/168588.168596

M. Bellare and P. Rogaway, Optimal asymmetric encryption, Advances in Cryptology - EUROCRYPT 1994, pp.92-111, 1994.
DOI : 10.1007/BFb0053428

M. Bellare and P. Rogaway, The Exact Security of Digital Signatures - How to Sign with RSA and Rabin, Advances in Cryptology - EUROCRYPT 1996, pp.399-416, 1996.
DOI : 10.1007/3-540-68339-9_34

M. Bellare and P. Rogaway, The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs, Advances in Cryptology - EUROCRYPT 2006, pp.409-426, 2006.
DOI : 10.1007/11761679_25

M. Bellare, D. Hofheinz, and E. Kiltz, Subtleties in the definition of IND-CCA: When and how should challenge-decryption be disallowed? Cryptology ePrint Archive, Report, vol.418, issue.36, p.33, 2009.

. Benton, Simple relational correctness proofs for static analyses and program transformations, 31st ACM SIGPLAN-SIGACT symposium on Principles of Programming Languages, POPL 2004, pp.14-25, 2004.

Y. Bertot, B. Grégoire, and X. Leroy, A Structured Approach to Proving Compiler Optimizations Based on Dataflow Analysis, Types for Proofs and Programs, pp.66-81, 2006.
DOI : 10.1007/11617990_5

URL : https://hal.archives-ouvertes.fr/inria-00289549

B. Blanchet, A computationally sound mechanized prover for security protocols, 27th IEEE symposium on Security and Privacy, pp.140-154, 2006.

B. Blanchet, A Computationally Sound Mechanized Prover for Security Protocols, IEEE Transactions on Dependable and Secure Computing, vol.5, issue.4, pp.193-207, 2008.
DOI : 10.1109/TDSC.2007.1005

B. Blanchet and D. Pointcheval, Automated Security Proofs with Sequences of Games, Advances in Cryptology - CRYPTO 2006, pp.537-554, 2006.
DOI : 10.1007/11818175_32

B. Blanchet, A. D. Jaggard, A. Scedrov, and J. Tsay, Computationally sound mechanized proofs for basic and public-key Kerberos, Proceedings of the 2008 ACM symposium on Information, computer and communications security, ASIACCS '08, pp.87-99, 2008.
DOI : 10.1145/1368310.1368326

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

M. Blum, P. Feldman, and S. Micali, Non-interactive zero-knowledge and its applications, Proceedings of the twentieth annual ACM symposium on Theory of computing, STOC '88, pp.103-112, 1988.
DOI : 10.1145/62212.62222

D. Boneh, Simplified OAEP for the RSA and Rabin Functions, Advances in Cryptology - CRYPTO 2001, pp.275-291, 2001.
DOI : 10.1007/3-540-44647-8_17

D. Brown, What hashes make RSA-OAEP secure? Cryptology ePrint Archive, Report, vol.223, 2006.

S. Cavallar, B. Dodson, A. Lenstra, W. Lioen, P. Montgomery et al., Factorization of a 512-Bit RSA Modulus, Advances in Cryptology - EUROCRYPT, pp.1-18, 2000.
DOI : 10.1007/3-540-45539-6_1

URL : https://hal.archives-ouvertes.fr/inria-00099117

J. Coron, On the Exact Security of Full Domain Hash, Advances in Cryptology - CRYPTO, pp.229-235, 2000.
DOI : 10.1007/3-540-44598-6_14

J. Coron, Optimal Security Proofs for PSS and Other Signature Schemes, Advances in Cryptology - EUROCRYPT 2002, pp.272-287, 2002.
DOI : 10.1007/3-540-46035-7_18

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

V. Cortier and B. Warinschi, Computationally Sound, Automated Proofs for Security Protocols, Programming Languages and Systems, 14th European symposium on Programming, pp.157-171, 2005.
DOI : 10.1007/978-3-540-31987-0_12

URL : https://hal.archives-ouvertes.fr/inria-00000556

V. Cortier, S. Kremer, and B. Warinschi, A Survey of Symbolic Methods in Computational Analysis of Cryptographic Systems, Journal of Automated Reasoning, vol.13, issue.1, pp.1-35, 2010.
DOI : 10.1007/s10817-010-9187-9

URL : https://hal.archives-ouvertes.fr/inria-00525776

J. Courant, M. Daubignard, C. Ene, P. Lafourcade, and Y. Lakhnech, Towards automated proofs for asymmetric encryption schemes in the random oracle model, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.371-380, 2008.
DOI : 10.1145/1455770.1455817

R. Cramer, Modular Design of Secure yet Practical Cryptographic Protocols. PhD thesis, CWI and Uni. of Amsterdam, pp.111-127, 1996.

I. Damgård, On the Existence of Bit Commitment Schemes and Zero-Knowledge Proofs, Advances in Cryptology - CRYPTO 1989, pp.17-27, 1990.
DOI : 10.1007/0-387-34805-0_3

I. Damgård, Efficient Concurrent Zero-Knowledge in the Auxiliary String Model, Advances in Cryptology - EUROCRYPT, pp.418-430, 2000.
DOI : 10.1007/3-540-45539-6_30

I. Damgård, On sigma-protocols, Lecture Notes on Cryptologic Protocol Theory, 2010.

I. Damgård and B. Pfitzmann, Sequential iteration of interactive arguments and an efficient zero-knowledge argument for NP, Automata, Languages and Programming, 25th International Colloquium, pp.772-783, 1998.
DOI : 10.1007/BFb0055101

J. Hartog, Towards mechanized correctness proofs for cryptographic algorithms, Science of Computer Programming, vol.74, issue.1-2, pp.52-63, 2008.
DOI : 10.1016/j.scico.2008.09.006

U. Feige, A. Fiat, and A. Shamir, Zero-knowledge proofs of identity, Journal of Cryptology, vol.3, issue.2, pp.77-94, 1988.
DOI : 10.1007/BF02351717

A. Fiat and A. Shamir, How To Prove Yourself: Practical Solutions to Identification and Signature Problems, Advances in Cryptology - CRYPTO 1986, pp.186-194, 1987.
DOI : 10.1007/3-540-47721-7_12

E. Fujisaki and T. Okamoto, How to Enhance the Security of Public-Key Encryption at Minimum Cost, 2nd International workshop on Practice and Theory in Public Key Cryptography, PKC 1999, pp.634-634, 1999.
DOI : 10.1007/3-540-49162-7_5

E. Fujisaki, T. Okamoto, D. Pointcheval, and J. Stern, RSA-OAEP Is Secure under the RSA Assumption, Journal of Cryptology, vol.17, issue.2, pp.81-104, 2004.
DOI : 10.1007/s00145-002-0204-y

J. A. Garay, P. Mackenzie, and K. Yang, Strengthening Zero-Knowledge Protocols Using Signatures, Journal of Cryptology, vol.19, issue.2, pp.169-209, 2006.
DOI : 10.1007/s00145-005-0307-3

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

O. Goldreich, Foundations of Cryptography: Basic Tools, 2001.

O. Goldreich, Zero-knowledge twenty years after its invention, Electronic Colloquium on Computational Complexity, pp.111-132, 2002.

O. Goldreich and Y. Oren, Definitions and properties of zero-knowledge proof systems, Journal of Cryptology, vol.7, issue.1, pp.1-32, 1994.
DOI : 10.1007/BF00195207

O. Goldreich, S. Goldwasser, and S. Micali, How to construct random functions, Journal of the ACM, vol.33, issue.4, pp.792-807, 1986.
DOI : 10.1145/6490.6503

S. Goldwasser and S. Micali, Probabilistic encryption, Journal of Computer and System Sciences, vol.28, issue.2, pp.270-299, 1984.
DOI : 10.1016/0022-0000(84)90070-9

URL : http://doi.org/10.1016/0022-0000(84)90070-9

S. Goldwasser, S. Micali, and C. Rackoff, The Knowledge Complexity of Interactive Proof Systems, SIAM Journal on Computing, vol.18, issue.1, pp.186-208, 1989.
DOI : 10.1137/0218012

G. Gonthier, Formal Proof - The Four Colour Theorem, Notices of the AMS, vol.55, issue.11, pp.1382-1393, 2008.

L. Guillou and J. Quisquater, A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory, Advances in Cryptology - EUROCRYPT 1988, pp.123-128, 1988.
DOI : 10.1007/3-540-45961-8_11

T. Hales, Formal Proof. Notices of the AMS, pp.1370-1380, 2008.

T. Hales, J. Harrison, S. Mclaughlin, T. Nipkow, S. Obua et al., A Revision of the Proof of the Kepler Conjecture, Discrete & Computational Geometry, vol.70, issue.4, pp.1-34, 2010.
DOI : 10.1007/s00454-009-9148-4

S. Halevi, A plausible approach to computer-aided cryptographic proofs. Cryptology ePrint Archive, Report, vol.181, 2005.

C. Hall, D. Wagner, J. Kelsey, and B. Schneier, Building PRFs from PRPs, Advances in Cryptology - CRYPTO 1998, pp.370-389, 1998.
DOI : 10.1007/BFb0055742

J. Håstad, R. Impagliazzo, L. A. Levin, and M. Luby, A Pseudorandom Generator from any One-way Function, SIAM Journal on Computing, vol.28, issue.4, pp.1364-1396, 1999.
DOI : 10.1137/S0097539793244708

M. Hofmann, A mixed modal/linear lambda calculus with applications to bellantoni-cook safe recursion, 11th International workshop on Computer Science Logic, pp.275-294, 1997.
DOI : 10.1007/BFb0028020

J. Hurd, A. Mciver, and C. Morgan, Probabilistic guarded commands mechanized in HOL, Theoretical Computer Science, vol.346, issue.1, pp.96-112, 2005.
DOI : 10.1016/j.tcs.2005.08.005

R. Impagliazzo and B. M. Kapron, Logics for reasoning about cryptographic constructions, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings., pp.286-320, 2006.
DOI : 10.1109/SFCS.2003.1238211

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

R. Impagliazzo and S. Rudich, Limits on the provable consequences of one-way permutations, Proceedings of the twenty-first annual ACM symposium on Theory of computing, STOC '89, pp.44-61, 1989.
DOI : 10.1145/73007.73012

B. Jonsson, W. Yi, and K. G. Larsen, Probabilistic extensions of process algebras, Handbook of Process Algebra, pp.685-710, 2001.

J. Katz and N. Wang, Efficiency improvements for signature schemes with tight security reductions, Proceedings of the 10th ACM conference on Computer and communication security, CCS '03, pp.155-164, 2003.
DOI : 10.1145/948109.948132

E. Kiltz and K. Pietrzak, On the Security of Padding-Based Encryption Schemes - or - Why We Cannot Prove OAEP Secure in the Standard Model, Advances in Cryptology - EUROCRYPT 2009, pp.389-406, 2009.
DOI : 10.1007/BFb0054137

E. Kiltz, A. O. Neill, and A. Smith, Instantiability of RSA-OAEP under Chosen-Plaintext Attack, Advances in Cryptology - CRYPTO 2010, pp.295-313, 2010.
DOI : 10.1007/978-3-642-14623-7_16

G. Klein and T. Nipkow, A machine-checked model for a Java-like language, virtual machine, and compiler, ACM Transactions on Programming Languages and Systems, vol.28, issue.4, pp.619-695, 2006.
DOI : 10.1145/1146809.1146811

G. Klein, K. Elphinstone, G. Heiser, J. Andronick, D. Cock et al., seL4, Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, SOSP '09, pp.207-220, 2009.
DOI : 10.1145/1629575.1629596

T. Kleinjung, K. Aoki, J. Franke, A. Lenstra, E. Thomé et al., Factorization of a 768-Bit RSA Modulus, Advances in Cryptology - CRYPTO 2010, pp.333-350, 2010.
DOI : 10.1007/978-3-642-14623-7_18

URL : https://hal.archives-ouvertes.fr/inria-00444693

D. Kozen, Semantics of probabilistic programs, 20th Annual Symposium on Foundations of Computer Science (sfcs 1979), pp.328-350, 1981.
DOI : 10.1109/SFCS.1979.38

URL : http://dx.doi.org/10.1016/0022-0000(81)90036-2

P. Laud, Semantics and Program Analysis of Computationally Secure Information Flow, Programming Languages and Systems, 10th European symposium on Programming, pp.77-91, 2001.
DOI : 10.1007/3-540-45309-1_6

A. K. Lenstra and H. W. Jr, The Development of the Number Field Sieve, Lecture Notes in Mathematics, vol.1554, 1993.
DOI : 10.1007/BFb0091534

A. K. Lenstra and E. R. Verheul, Selecting Cryptographic Key Sizes, Journal of Cryptology, vol.14, issue.4, pp.255-293, 2001.
DOI : 10.1007/s00145-001-0009-4

A. K. Lenstra, E. Tromer, A. Shamir, W. Kortsmit, B. Dodson et al., Factoring Estimates for a 1024-Bit RSA Modulus, Advances in Cryptology - ASIACRYPT 2003, pp.55-74, 2003.
DOI : 10.1007/978-3-540-40061-5_4

X. Leroy, Formal certification of a compiler back-end, or: programming a compiler with a proof assistant, 33rd ACM SIGPLAN-SIGACT symposium on Principles of Programming Languages, POPL 2006, pp.42-54, 2006.
URL : https://hal.archives-ouvertes.fr/inria-00000963

M. Luby and C. Rackoff, How to Construct Pseudorandom Permutations from Pseudorandom Functions, SIAM Journal on Computing, vol.17, issue.2, pp.373-386, 1988.
DOI : 10.1137/0217022

U. Maurer, Unifying Zero-Knowledge Proofs of Knowledge, Progress in Cryptology - AFRICACRYPT 2009, pp.272-286, 2009.
DOI : 10.1145/359340.359342

C. Meadows, Formal methods for cryptographic protocol analysis: emerging issues and trends, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, pp.44-54, 2003.
DOI : 10.1109/JSAC.2002.806125

D. Nowak, A Framework for Game-Based Security Proofs, 9th International conference on Information and Communications Security, pp.319-333, 2007.
DOI : 10.1007/978-3-540-77048-0_25

T. Okamoto, Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes, Advances in Cryptology - CRYPTO 1992, pp.31-53, 1993.
DOI : 10.1007/3-540-48071-4_3

D. Okamoto and . Pointcheval, The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes, 4th International workshop on Practice and Theory in Public Key Cryptography, PKC 2001, pp.104-118, 1992.
DOI : 10.1007/3-540-44586-2_8

T. Okamoto and D. Pointcheval, REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform, Topics in Cryptology - CT-RSA 2001, pp.159-174, 2001.
DOI : 10.1007/3-540-45353-9_13

L. C. Paulson, The inductive approach to verifying cryptographic protocols, Journal of Computer Security, vol.6, issue.1-2, pp.85-128, 1998.
DOI : 10.3233/JCS-1998-61-205

N. Ramsey and A. Pfeffer, Stochastic lambda calculus and monads of probability distributions, 29th ACM SIGPLAN-SIGACT symposium on Principles of Programming Languages, POPL 2002, pp.154-165, 2002.

A. Roy, A. Datta, A. Derek, and J. Mitchell, Inductive Proofs of Computational Secrecy, Computer Security - ESORICS 2007, 12th European symposium on Research In Computer Security, pp.219-234, 2008.
DOI : 10.1007/978-3-540-74835-9_15

A. Sabelfeld and D. Sands, A Per Model of Secure Information Flow in Sequential Programs, Higher-Order and Symbolic Computation, pp.59-91, 2001.
DOI : 10.1007/3-540-49099-X_4

C. Schnorr, Efficient signature generation by smart cards, Journal of Cryptology, vol.4, issue.3, pp.161-174, 1991.
DOI : 10.1007/BF00196725

A. Shamir and E. Tromer, On the cost of factoring RSA-1024, RSA CryptoBytes, vol.6, pp.10-19, 2003.

V. Shoup, OAEP Reconsidered, Advances in Cryptology - CRYPTO 2001, pp.239-259, 2001.
DOI : 10.1007/3-540-44647-8_15

V. Shoup, Sequences of games: a tool for taming complexity in security proofs, Cryptology ePrint Archive Report, vol.332, 2004.

C. Sprenger and D. Basin, Cryptographically-sound protocol-model abstractions, 21st IEEE Computer Security Foundations symposium, CSF 2008, pp.115-129, 2008.

J. Stern, Why Provable Security Matters?, Advances in Cryptology - EUROCRYPT 2003, pp.644-644, 2003.
DOI : 10.1007/3-540-39200-9_28

Y. Zhang, The Computational SLR: A Logic for Reasoning about Computational Indistinguishability, 8th International conference on Typed Lambda Calculi and Applications, pp.401-415, 2008.
DOI : 10.1007/978-3-540-77048-0_25