Verifying Cryptographic Software Correctness with Respect to Reference Implementations

Authors:
José Bacelar Almeida;Manuel Barbosa;Jorge Sousa Pinto;Bárbara Vieira
Affiliations:
CCTC / Departamento de Informática, Universidade do Minho, Braga, Portugal 4710;CCTC / Departamento de Informática, Universidade do Minho, Braga, Portugal 4710;CCTC / Departamento de Informática, Universidade do Minho, Braga, Portugal 4710;CCTC / Departamento de Informática, Universidade do Minho, Braga, Portugal 4710
Venue:
FMICS '09 Proceedings of the 14th International Workshop on Formal Methods for Industrial Critical Systems
Year:
2009

Citing 11
Cited 1

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Logical and mathematical reasoning about imperative programs: preliminary report

POPL '85 Proceedings of the 12th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
An axiomatic basis for computer programming

Communications of the ACM
The SLAM project: debugging system software via static analysis

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Lazy abstraction

POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Simple relational correctness proofs for static analyses and program transformations

Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure Information Flow by Self-Composition

CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Downgrading policies and relaxed noninterference

Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Simplify: a theorem prover for program checking

Journal of the ACM (JACM)
The Why/Krakatoa/Caduceus platform for deductive program verification

CAV'07 Proceedings of the 19th international conference on Computer aided verification
Secure information flow as a safety problem

SAS'05 Proceedings of the 12th international conference on Static Analysis

Formal verification of side-channel countermeasures using self-composition

Science of Computer Programming

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents techniques developed to check program equivalences in the context of cryptographic software development, where specifications are typically reference implementations. The techniques allow for the integration of interactive proof techniques (required given the difficulty and generality of the results sought) in a verification infrastructure that is capable of discharging many verification conditions automatically. To this end, the difficult results in the verification process (to be proved interactively) are isolated as a set of lemmas. The fundamental notion of natural invariant is used to link the specification level and the interactive proof construction process.