An Approach to Formal Verification of Arithmetic Functions in Assembly

Affeldt, Reynald; Marti, Nicolas

doi:10.1007/978-3-540-77505-8_27

Cited by 11 publications

(20 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…14), it avoids the costly multi-precision division while benefiting from specifically-tailored instructions in cryptography-enhanced architectures such as SmartMIPS [Mips01]. Moreover, we already have a formal proof for an optimized version of the Montgomery multiplication [AM06], whereas, to the best of our knowledge, such a formal proof for multi-precision division does not exist yet.…”

Section: Implementation Of Modular Multiplication In Assemblymentioning

confidence: 99%

“…Algorithms in pseudo-code and illustrations can be found in [MOV01], ch. 14; [AM06] provides a concrete implementation of the Montgomery multiplication together with its formal verification.…”

Section: Implementation Of Modular Multiplication In Assemblymentioning

confidence: 99%

“…With such tools, formal verification is by default performed interactively (by means of tactics) but interaction can be automated and intermediate results can be aggregated (in the form of libraries of lemmas) to facilitate other formal verifications. As a consequence, various frameworks for formal verification of cryptography using proof assistants based on proof theory have already been proposed: on the one hand, [AM06,MG07] for cryptographic assembly code, and on the other hand, [ATM07, BBU08, BGZ09, Now07] for security proofs. However, it is not clear how to connect them in practice, or, in other words, how the formal security proof for a cryptographic primitive relates to its formally-verified implementation.…”

Section: Introductionmentioning

confidence: 99%

“…This choice of application is not gratuitous: this is the first step before verifying more cryptographic primitives, since many of them actually rely on pseudorandom number generation. To achieve our goal, we extend and integrate two existing frameworks developed for the Coq proof assistant: one for formal verification of assembly code [AM06], and another for formal verification of cryptographic primitives [Now07]. More precisely, our technical contributions consist in the following:…”

Section: Introductionmentioning

confidence: 99%

“…• We extend the formal framework for assembly code of [AM06] to connect with the formal framework for security proofs of [Now07]. Various technical extensions are called for, that range from the natural issue of encoding mathematical objects such as arbitrarily-large integers into computer memory, to technical issues such as composition of assembly snippets to achieve verification of large programs.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Certifying assembly with formal security proofs: The case of BBS

Affeldt

Nowak

Yamada

2012

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

With today's dissemination of embedded systems manipulating sensitive data, it has become important to equip low-level programs with strong security guarantees. Unfortunately, security proofs as done by cryptographers are about algorithms, not about concrete implementations running on hardware. In this article, we show how to perform security proofs to guarantee the security of assembly language implementations of cryptographic primitives. Our approach is based on a framework in the Coq proof assistant that integrates correctness proofs of assembly programs with game-playing proofs of provable security. We demonstrate the usability of our approach using the Blum-Blum-Shub pseudorandom number generator, for which a MIPS implementation for smartcards is shown cryptographically secure.

show abstract

Section: Implementation Of Modular Multiplication In Assemblymentioning

confidence: 99%

Section: Implementation Of Modular Multiplication In Assemblymentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Certifying assembly with formal security proofs: The case of BBS

Affeldt

Nowak

Yamada

2012

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

show abstract

Formal Proof of Provable Security by Game-Playing in a Proof Assistant

Self Cite

View full text Add to dashboard Cite

Abstract. Game-playing is an approach to write security proofs that are easy to verify. In this approach, security definitions and intractable problems are written as programs called games and reductionist security proofs are sequences of game transformations. This bias towards programming languages suggests the implementation of a tool based on compiler techniques (syntactic program transformations) to build security proofs, but it also raises the question of the soundness of such a tool. In this paper, we advocate the formalization of game-playing in a proof assistant as a tool to build security proofs. In a proof assistant, starting from just the formal definition of a probabilistic programming language, all the properties required in game-based security proofs can be proved internally as lemmas whose soundness is ensured by proof theory. Concretely, we show how to formalize the game-playing framework of Bellare and Rogaway in the Coq proof assistant, how to prove formally reusable lemmas such as the fundamental lemma of game-playing, and how to use them to formally prove the PRP/PRF Switching Lemma.

show abstract

On construction of a library of formally verified low-level arithmetic functions

Affeldt

2013

Innovations Syst Softw Eng

Self Cite

View full text Add to dashboard Cite

Most information security infrastructures rely on cryptography, which is usually implemented with low-level arithmetic functions. The formal verification of these functions therefore becomes a prerequisite to firmly assess any security property. We propose an approach for the construction of a library of formally verified low-level arithmetic functions that can be used to implement realistic cryptographic schemes in a trustful way. For that purpose, we introduce a formalization of data structures for signed multi-precision arithmetic and we experiment it with formal verification of basic functions, using Separation logic. Because this direct style of formal verification leads to technically involved specifications, we also propose for larger functions to show a formal simulation relation between pseudo-code and assembly. This is illustrated with the binary extended gcd algorithm.

show abstract

An Approach to Formal Verification of Arithmetic Functions in Assembly

Cited by 11 publications

References 12 publications

Certifying assembly with formal security proofs: The case of BBS

Certifying assembly with formal security proofs: The case of BBS

Formal Proof of Provable Security by Game-Playing in a Proof Assistant

On construction of a library of formally verified low-level arithmetic functions

Contact Info

Product

Resources

About