Automatic Equivalence Checking for Assembly Implementations of Cryptography Libraries

Lim, Jay P.; Nagarakatte, Santosh

doi:10.1109/cgo.2019.8661180

Cited by 9 publications

(9 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Significant progress could be made if functional correctness proofs could be solved by providing a sequence of simple transformations that connect specifications to targets and relying on an automatic tool to check these simple transformations. Promising recent work in this direction [118] demonstrates the feasibility of the approach. However, the current approaches are not automatic: neither in finding the transformations nor in proving them.…”

Section: Discussionmentioning

confidence: 92%

SoK: Computer-Aided Cryptography

Barbosa

Barthe

Bhargavan

et al. 2021

2021 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

Computer-aided cryptography is an active area of research that develops and applies formal, machine-checkable approaches to the design, analysis, and implementation of cryptography. We present a cross-cutting systematization of the computer-aided cryptography literature, focusing on three main areas: (i) design-level security (both symbolic security and computational security), (ii) functional correctness and efficiency, and (iii) implementation-level security (with a focus on digital side-channel resistance). In each area, we first clarify the role of computer-aided cryptography-how it can help and what the caveats are-in addressing current challenges. We next present a taxonomy of state-of-the-art tools, comparing their accuracy, scope, trustworthiness, and usability. Then, we highlight their main achievements, trade-offs, and research challenges. After covering the three main areas, we present two case studies. First, we study efforts in combining tools focused on different areas to consolidate the guarantees they can provide. Second, we distill the lessons learned from the computer-aided cryptography community's involvement in the TLS 1.3 standardization effort. Finally, we conclude with recommendations to paper authors, tool developers, and standardization bodies moving forward.

show abstract

Section: Discussionmentioning

confidence: 92%

SoK: Computer-Aided Cryptography

Barbosa

Barthe

Bhargavan

et al. 2021

2021 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

show abstract

“…The CASM [17] project verifies x86-based cryptography taken from OpenSSL, including SHA-256 (we verify SHA-384). CASM's toolchain is similar to ours, based on symbolic execution and SMT solvers.…”

Section: Related Workmentioning

confidence: 99%

Verified Cryptographic Code for Everybody

Boston

Breese

Dodds

et al. 2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We have completed machine-assisted proofs of two highly-optimized cryptographic primitives, AES-256-GCM and SHA-384. We have verified that the implementations of these primitives, written in a mix of C and x86 assembly, are memory safe and functionally correct, by which we mean input-output equivalent to their algorithmic specifications. Our proofs were completed using SAW, a bounded cryptographic verification tool which we have extended to handle embedded x86. The code we have verified comes from AWS LibCrypto. This code is identical to BoringSSL and very similar to OpenSSL, from which it ultimately derives. We believe we are the first to formally verify these implementations, which protect the security of nearly everybody on the internet.

show abstract

“…Among many static approaches, our work is closely related to the graph-based method. [5,26,32,34,48]. Graphbased methods parse code into CFGs whose subtrees are searched using different graph matching techniques to obtain matching pairs.…”

Section: Static and Dynamic Analysismentioning

confidence: 99%

Verification of Functional Correctness of Code Diversification Techniques

Jang

Verbeek

Ravindran

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Code diversification techniques are popular code-reuse attacks defense. The majority of code diversification research focuses on analyzing non-functional properties, such as whether the technique improves security. This paper provides a methodology to verify functional equivalence between the original and a diversified binary. We present a formal notion of binary equivalence resilient to diversification. Moreover, an algorithm is presented that checks whether two binaries -one original and one diversified -satisfy that notion of equivalence. The purpose of our work is to allow untrusted diversification techniques in a safety-critical context. We apply the methodology to three state-ofthe-art diversification techniques used on the GNU Coreutils package. Overall, results show that our method can prove functional equivalence for 85,315 functions in the analyzed binaries.

show abstract

Automatic Equivalence Checking for Assembly Implementations of Cryptography Libraries

Cited by 9 publications

References 44 publications

SoK: Computer-Aided Cryptography

SoK: Computer-Aided Cryptography

Verified Cryptographic Code for Everybody

Verification of Functional Correctness of Code Diversification Techniques

Contact Info

Product

Resources

About