A Trustworthy Proof Checker

Proof-carrying code (PCC) and other applications in computer security require machine-checkable proofs of properties of machine-language programs. The main advantage of the PCC approach is that the amount of code that must be explicitly trusted is very small: it consists of the logic in which predicates and proofs are expressed, the safety predicate, and the proof checker. We have built a minimal proof checker, and we explain its design principles and the representation issues of the logic, safety predicate, and safety proofs. We show that the trusted computing base (TCB) in such a system can indeed be very small. In our current system the TCB is less than 2,700 lines of code (even an order of magnitude smaller than other PCC systems), which adds to our confidence in its correctness.
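As an added example (not code from the paper or its checker), the PCC division of trust on a toy implicational logic: the untrusted code producer supplies a proof term, and only the small `infer`/`check` core plus the safety predicate must be trusted; the proof itself is never trusted. All names, the proof-term syntax and the sample predicate are assumptions made here for illustration.

```python
# Added illustration, not the paper's checker: a tiny trusted proof checker for
# implicational logic (untrusted proof producer vs. trusted checker). Hypothetical names.
from dataclasses import dataclass
from typing import Union
class ProofError(Exception): pass

@dataclass(frozen=True)
class Imp:                 # proposition ante -> cons (atoms are plain strings)
    ante: "Prop"
    cons: "Prop"
Prop = Union[str, Imp]

@dataclass(frozen=True)
class Hyp:                 # proof term: use hypothesis `name`
    name: str
@dataclass(frozen=True)
class Lam:                 # implication introduction: assume name: ante, prove body
    name: str
    ante: Prop
    body: "Proof"
@dataclass(frozen=True)
class App:                 # implication elimination (modus ponens)
    fn: "Proof"
    arg: "Proof"
Proof = Union[Hyp, Lam, App]

def infer(proof: Proof, ctx: dict) -> Prop:
    """Trusted core: the proposition a proof term establishes, else ProofError."""
    if isinstance(proof, Hyp):
        if proof.name not in ctx:
            raise ProofError(f"unbound hypothesis {proof.name}")
        return ctx[proof.name]
    if isinstance(proof, Lam):
        return Imp(proof.ante, infer(proof.body, {**ctx, proof.name: proof.ante}))
    if isinstance(proof, App):
        f, a = infer(proof.fn, ctx), infer(proof.arg, ctx)
        if not isinstance(f, Imp) or f.ante != a:
            raise ProofError("modus ponens: antecedent does not match argument")
        return f.cons
    raise ProofError("unknown proof term")

def check(proof: Proof, safety_predicate: Prop) -> bool:
    """Accept code only if its proof establishes exactly the safety predicate."""
    try:
        return infer(proof, {}) == safety_predicate
    except ProofError:
        return False
# Constructed sample: predicate A -> (A -> B) -> B, a valid proof, and a bad one.
SAFETY = Imp("A", Imp(Imp("A", "B"), "B"))
GOOD_PROOF = Lam("x", "A", Lam("f", Imp("A", "B"), App(Hyp("f"), Hyp("x"))))
BAD_PROOF = Lam("x", "A", Lam("f", Imp("A", "B"), App(Hyp("x"), Hyp("f"))))
```

A proof that establishes some other proposition, or that misapplies a rule, is rejected without the checker needing to know anything about how the proof was produced.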
