Using term rewriting to solve bit-vector arithmetic problems

Authors:
Iago Abal;Alcino Cunha;Joe Hurd;Jorge Sousa Pinto
Affiliations:
HASLab, INESC TEC & Universidade do Minho, Braga, Portugal;HASLab, INESC TEC & Universidade do Minho, Braga, Portugal;Galois, Inc., Portland, OR;HASLab, INESC TEC & Universidade do Minho, Braga, Portugal
Venue:
SAT'12 Proceedings of the 15th international conference on Theory and Applications of Satisfiability Testing
Year:
2012

Citing 3
Cited 1

Pragmatic equivalence and safety checking in Cryptol

Proceedings of the 3rd workshop on Programming languages meets program verification
The maude 2.0 system

RTA'03 Proceedings of the 14th international conference on Rewriting techniques and applications
Z3: an efficient SMT solver

TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems

Towards a mostly-automated prover for bit-vector arithmetic

Proceedings of the International C* Conference on Computer Science and Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Among many theories supported by SMT solvers, the theory of finite-precision bit-vector arithmetic is one of the most useful, for both hardware and software systems verification. This theory is also particularly useful for some specific domains such as cryptography, in which algorithms are naturally expressed in terms of bit-vectors. Cryptol is an example of a domain-specific language (DSL) and toolset for cryptography developed by Galois, Inc.; providing an SMT backend that relies on bit-vector decision procedures to certify the correctness of cryptographic specifications [3]. Most of these decision procedures use bit-blasting to reduce a bit-vector problem into pure propositional SAT. Unfortunately bit-blasting does not scale very well, especially in the presence of operators like multiplication or division.