Cookies
O website necessita de alguns cookies e outros recursos semelhantes para funcionar. Caso o permita, o INESC TEC irá utilizar cookies para recolher dados sobre as suas visitas, contribuindo, assim, para estatísticas agregadas que permitem melhorar o nosso serviço. Ver mais
Aceitar Rejeitar
  • Menu
    Sobre

    Sobre

    Sou Professor Associado com Agregação no Departamento de Ciência de Computadores da Faculdade de Ciências da Universidade do Porto (DCC-FCUP) e investigador do HASLab/INESC TEC. Os meus interesses de investigação centram-se na Criptografia e Segurança da Informação e na sua intersecção com a Verificação de Programas.

    Sou Doutorado em Electrical and Electronic Engineering pela Newcastle University, e licenciado em Engenharia Electrotécnica e de Computadores pela FEUP. Fui investigador visitante na University of Bristol, IT Porto e na École Normale Supérieure. Entre 2023 e 2025 fui investigador convidado no Max Planck Institute for Security and Privacy.

    Trabalho no desenvolvimento de software criptográfico confiável há 20 anos, com o objectivo de estabelecer uma ligação entre a segurança teórica e a segurança de aplicações reais. Interesso-me particularmente pela segurança demonstrável e a sua ligação à verificação formal de provas de segurança e de implementações de software criptográfico.

    Para informação sobre a minha investigação, projectos e publicações, por favor consultar a minha página no HASLab.

    Para informação sobre as minhas actividades de ensino, por favor consultar a minha página institucional na FCUP.

    Tópicos
    de interesse
    Explore tópicos de interesse
    Detalhes

    Detalhes

    • Nome

      Manuel Barbosa

    • Desde

      01 novembro 2011
    009
    Publicações
    Ler todas as publicações

    2025

    Jazzline: Composable CryptoLine Functional Correctness Proofs for Jasmin Programs

    Autores
    Almeida, JB; Barbosa, M; Barthe, G; Blatter, L; Marinho Alves, GXD; Duarte, JD; Grégoire, B; Oliveira, T; Quaresma, M; Strub, PY; Tsai, MH; Wang, BY; Yang, BY;

    Publicação
    CCS

    Abstract

    2025

    CCS25 - Artifact for "Jazzline: Composable CryptoLine functional correctness proofs for Jasmin programs"

    Autores
    Almeida, JB; Barbosa, M; BARTHE, G; Blatter, L; Duarte, JD; Marinho Alves, GXD; Grégoire, B; Oliveira, T; Quaresma, M; Strub, PY; Tsai, MH; Wang, BY; Yang, BY;

    Publicação
    Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security

    Abstract
    Jasmin is a programming language for high-speed and high-assurance cryptography. Correctness proofs of Jasmin programs are typically carried out deductively in EasyCrypt. This allows generality, modularity and composable reasoning, but does not scale well for low-level architecture-specific routines. CryptoLine offers a semi-automatic approach to formally verify algebraically-rich low-level cryptographic routines. CryptoLine proofs are self-contained: they are not integrated into higher-level formal verification developments. This paper shows how to soundly use CryptoLine to discharge subgoals in functional correctness proofs for complex Jasmin programs. We extend Jasmin with annotations and provide an automatic translation into a CryptoLine model, where most complex transformations are certified. We also formalize and implement the automatic extraction of the semantics of a CryptoLine proof to EasyCrypt. Our motivating use-case is the X-Wing hybrid KEM, for which we present the first formally verified implementation. © 2025 Copyright held by the owner/author(s).

    FecharLer Abstract

    2025

    Formally Verified Correctness Bounds for Lattice-Based Cryptography

    Autores
    Barbosa, M; Kannwischer, MJ; Lim, TH; Schwabe, P; Strub, PY;

    Publicação
    CCS

    Abstract
    Decryption errors play a crucial role in the security of KEMs based on Fujisaki-Okamoto because the concrete security guarantees provided by this transformation directly depend on the probability of such an event being bounded by a small real number. In this paper we present an approach to formally verify the claims of statistical probabilistic bounds for incorrect decryption in lattice-based KEM constructions. Our main motivating example is the PKE encryption scheme underlying ML-KEM. We formalize the statistical event that is used in the literature to heuristically approximate ML-KEM decryption errors and confirm that the upper bounds given in the literature for this event are correct. We consider FrodoKEM as an additional example, to demonstrate the wider applicability of the approach and the verification of a correctness bound without heuristic approximations. We also discuss other (non-approximate) approaches to bounding the probability of ML-KEM decryption. © 2025 Copyright held by the owner/author(s).

    FecharLer Abstract

    2025

    Privacy and Security of FIDO2 Revisited

    Autores
    Barbosa, M; Boldyreva, A; Chen, S; Cheng, K; Esquível, L;

    Publicação
    Proc. Priv. Enhancing Technol.

    Abstract

    2025

    Tempo: ML-KEM to PAKE Compiler Resilient to Timing Attacks

    Autores
    Arriaga, A; Barbosa, M; Jarecki, S;

    Publicação
    IACR Cryptol. ePrint Arch.

    Abstract