论文信息 - Hardware/software co-verification of cryptographic algorithms using Cryptol

Hardware/software co-verification of cryptographic algorithms using Cryptol

Cryptol is a programming language designed for specifying cryptographic algorithms. Despite its high-level modeling nature, Cryptol programs are fully executable. Further, a large subset of Cryptol can be automatically synthesized to hardware. To meet the inherent high-assurance requirements of cryptographic systems, Cryptol comes with a suite of formal-methods based tools that enable users to perform various program verification tasks. In this paper, we provide an overview of Cryptol and its verification toolset, especially focusing on the co-verification of third-party VHDL implementations against highlevel Cryptol specifications. As a case study, we demonstrate the technique on two hand-written VHDL implementations of the Skein hash algorithm.

Magnus Carlsson | Adam Wick | Levent Erkök

[1] Stefan Lucks,et al. The Skein Hash Function Family , 2009 .

[2] Amir Pnueli,et al. The Code Validation Tool (CVT) , 1998, International Journal on Software Tools for Technology Transfer (STTT).

[3] Malay K. Ganai,et al. Robust Boolean reasoning for equivalence checking and functional property verification , 2002, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[4] Warren A. Hunt,et al. Formalization of the DE2 Language , 2005, CHARME.

[5] A. Pnueli,et al. The Code Validation Tool (CVT)– Automatic verification of code generated from synchronous languages , 1998 .

[6] John Matthews,et al. Pragmatic equivalence and safety checking in Cryptol , 2009, PLPV '09.

[7] David L. Dill,et al. Automatic Formal Verification of Block Cipher Implementations , 2008, 2008 Formal Methods in Computer-Aided Design.

[8] J. R. Lewis,et al. Cryptol: high assurance, retargetable crypto development and validation , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[9] John Matthews,et al. A verifying core for a cryptographic language compiler , 2006, ACL2 '06.

[10] Andrew Seawright,et al. RTL c-based methodology for designing and verifying a multi-threaded processor , 2002, DAC '02.

[11] Armin Biere. The AIGER And-Inverter Graph (AIG) Format Version 20070427 , 2007 .