Conflicts, Models and Heuristics for Quantifier Instantiation in SMT

Reynolds, Andrew

doi:10.29007/jmd3

Cited by 5 publications

(3 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An SMT problem where the quantifiers are not specified is called a quantifier‐free problem, and it is equisatisfiable to the same SMT problem with existential quantifiers. On the other hand, SMT problems combining existential and for‐all quantifiers are called quantified problems, and these are much harder to solve [32].…”

Section: Preliminariesmentioning

confidence: 99%

Characteristic automated search of cryptographic algorithms for distinguishing attacks (CASCADA)

Ranea

Rijmen

2022

IET Information Security

View full text Add to dashboard Cite

Automated search methods based on Satisfiability Modulo Theory (SMT) problems are being widely used to evaluate the security of block ciphers against distinguishing attacks. While these methods provide a systematic and generic methodology, most of their software implementations are limited to a small set of ciphers and attacks, and extending these implementations requires significant effort and expertise. In this work, the authors present cryptographic algorithms for distinguishing attacks (CASCADA), an open-source Python library to evaluate the security of cryptographic primitives, specially block ciphers, against distinguishing attacks with bit-vector SMT solvers. The tool CASCADA implements the bit-vector property framework herein proposed and several SMT-based automated search methods to evaluate the security of ciphers against differential, relatedkey differential, rotational-XOR, impossible-differential, impossible-rotational-XOR, related-key impossible-differential, linear and zero-correlation cryptanalysis. The library CASCADA is the result of a huge engineering effort, and it provides many functionalities, a modular design, an extensive documentation and a complete suite of tests.This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and reproduction in any medium, provided the original work is properly cited.

show abstract

Section: Preliminariesmentioning

confidence: 99%

Characteristic automated search of cryptographic algorithms for distinguishing attacks (CASCADA)

Ranea

Rijmen

2022

IET Information Security

View full text Add to dashboard Cite

show abstract

“…Since we limit ourselves to terms of depth one, our method can fail to prove invariants requiring some more complex instantiations. Note that in that case it is always possible to change the choice and the refinement of the set G with more sophisticated methods [13,27]. Finally, we remark that, by limiting the possible refinements of G, our method has a notion of progress: given a transition system S and a candidate invariant φ, if there exists an n such that S n |= φ n , and if all the model checking problems S n |= φ n , with n < n , terminate, then our algorithm eventually finds a counterexample.…”

Section: Terminationmentioning

confidence: 99%

Verification of SMT Systems with Quantifiers

Cimatti

Griggio

Redondi

2022

Automated Technology for Verification and Analysis

View full text Add to dashboard Cite

We consider the problem of invariant checking for transition systems using SMT and quantified variables ranging over finite but unbounded domains. We propose a general approach, obtained by combining two ingredients: exploration of a finite instance, to obtain candidate inductive invariants, and instantiation-based techniques to discharge quantified queries. A thorough experimental evaluation on a wide range of benchmarks demonstrates the generality and effectiveness of our approach. Our algorithm is the first capable of approaching in a uniform way such a large variety of models.

show abstract

“…The development of quantified reasoning techniques over SMT solvers have typically been based on quantifier instantiation (see [Reynolds 2016] for a recent survey of these methods). The Simplify theorem prover [Detlefs et al 2005;Nelson 1980] introduced the E-matching technique, which chooses instantiations based on matching pattern terms.…”

Section: Related Workmentioning

confidence: 99%

Foundations for natural proofs and quantifier instantiation

Löding

Madhusudan

Peña

2017

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

We give foundational results that explain the efficacy of heuristics used for dealing with quantified formulas and recursive definitions. We develop a framework for first order logic (FOL) over an uninterpreted combination of background theories. Our central technical result is that systematic term instantiation is complete for a fragment of FOL that we call safe. Coupled with the fact that unfolding recursive definitions is essentially term instantiation and with the observation that heap verification engines generate verification conditions in the safe fragment explains the efficacy of verification engines like natural proofs that resort to such heuristics. Furthermore, we study recursive definitions with least fixpoint semantics and show that though they are not amenable to complete procedures, we can systematically introduce induction principles that in practice bridge the divide between FOL and FOL with recursive definitions.

show abstract

Conflicts, Models and Heuristics for Quantifier Instantiation in SMT

Cited by 5 publications

References 42 publications

Characteristic automated search of cryptographic algorithms for distinguishing attacks (CASCADA)

Characteristic automated search of cryptographic algorithms for distinguishing attacks (CASCADA)

Verification of SMT Systems with Quantifiers

Foundations for natural proofs and quantifier instantiation

Contact Info

Product

Resources

About