Skip to main content
SpringerLink
Log in

Verified Transformations and Hoare Logic: Beautiful Proofs for Ugly Assembly Language

  • Conference paper
  • First Online:
Software Verification (NSV 2020, VSTTE 2020)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 12549))

Abstract

Hand-optimized assembly language code is often difficult to formally verify. This paper combines Hoare logic with verified code transformations to make it easier to verify such code. This approach greatly simplifies existing proofs of highly optimized OpenSSL-based AES-GCM cryptographic code. Furthermore, applying various verified transformations to the AES-GCM code enables additional platform-specific performance improvements.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://github.com/project-everest/hacl-star/tree/_vale_unstructured/vale.

References

  1. Almeida, J.B., et al.: Jasmin: high-assurance and high-speed cryptography. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (2017). https://doi.org/10.1145/3133956.3134078

  2. Almeida, J.B., et al.: The last mile: high-assurance and high-speed cryptographic implementations. CoRR abs/1904.04606 (2019)

  3. Appel, A.W.: Verified software toolchain. In: ESOP: 20th European Symposium on Programming (2011)

    Google Scholar 

  4. Appel, A.W.: Verification of a cryptographic primitive: SHA-256. ACM Trans. Program. Lang. Syst. 37(2), 7:1–7:31 (2015)

    Article  Google Scholar 

  5. Bond, B., et al.: Vale: verifying high-performance cryptographic assembly code. In: Proceedings of the USENIX Security Symposium (2017)

    Google Scholar 

  6. Erbsen, A., Philipoom, J., Gross, J., Sloan, R., Chlipala, A.: Simple high-level code for cryptographic arithmetic - with proofs, without compromises. In: Proceedings of the IEEE Symposium on Security and Privacy (2019)

    Google Scholar 

  7. Fromherz, A., Giannarakis, N., Hawblitzel, C., Parno, B., Rastogi, A., Swamy, N.: A verified, efficient embedding of a verifiable assembly language. In: Proceedings of the ACM Symposium on Principles of Programming Languages (POPL) (2019)

    Google Scholar 

  8. Gueron, S., Krasnov, V.: The fragility of AES-GCM authentication algorithm. In: Proceedings of the Conference on Information Technology: New Generations (2014)

    Google Scholar 

  9. Gueron, S.: Intel® advanced encryption standard (AES) new instructions set (2012). https://software.intel.com/sites/default/files/article/165683/aes-wp-2012-09-22-v01.pdf

  10. Klein, G., et al.: Comprehensive formal verification of an OS microkernel. ACM Trans. Comput. Syst. 32(1), 2:1–2:70 (2014)

    Article  Google Scholar 

  11. Leroy, X., Blazy, S., Kästner, D., Schommer, B., Pister, M., Ferdinand, C.: CompCert - a formally verified optimizing compiler. In: Embedded Real Time Software and Systems (ERTS). SEE (2016)

    Google Scholar 

  12. Massalin, H.: Superoptimizer - a look at the smallest program. In: Architectural Support for Programming Languages and Operating Systems (ASPLOS) (1987)

    Google Scholar 

  13. McKeeman, W.M.: Peephole optimization. Commun. ACM 8, 7 (1965)

    Google Scholar 

  14. Mozilla: Measurement dashboard (2018). https://mzl.la/2ug9YCH

  15. Mullen, E., Zuniga, D., Tatlock, Z., Grossman, D.: Verified peephole optimizations for CompCert. In: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI) (2016)

    Google Scholar 

  16. Pnueli, A., Siegel, M., Singerman, E.: Translation validation. In: Steffen, B. (ed.) TACAS 1998. LNCS, vol. 1384, pp. 151–166. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054170

    Chapter  Google Scholar 

  17. Protzenko, J., et al.: EverCrypt: a fast, verified, cross-platform cryptographic provider. In: Proceedings of the IEEE Symposium on Security and Privacy (2020)

    Google Scholar 

  18. Recoules, F., Bardin, S., Bonichon, R., Mounier, L., Potet, M.L.: Get rid of inline assembly through verification-oriented lifting. In: Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE 2019) (2019)

    Google Scholar 

  19. Sewell, T.A.L., Myreen, M.O., Klein, G.: Translation validation for a verified OS kernel. In: Proceedings of ACM PLDI (2013)

    Google Scholar 

  20. Swamy, N., et al.: Dependent types and multi-monadic effects in F*. In: Proceedings of the ACM Conference on Principles of Programming Languages (POPL), pp. 256–270. ACM (2016)

    Google Scholar 

  21. Wheeler, D.A.: SLOCCount. Software Distribution. http://www.dwheeler.com/sloccount/

Download references

Acknowledgements

We thank the anonymous reviewers for valuable feedback. Work at Carnegie Mellon University was supported in part by the Department of the Navy, Office of Naval Research under Grant No. N00014-18-1-2892, and grants from the Intel Corporation and the Alfred P. Sloan Foundation.

Author information

Authors and Affiliations

  1. Carnegie Mellon University, Pittsburgh, USA

    Jay Bosamiya & Bryan Parno

  2. Massachusetts Institute of Technology, Cambridge, USA

    Sydney Gibson

  3. University of Pennsylvania, Philadelphia, USA

    Yao Li

  4. Microsoft Research, Redmond, USA

    Chris Hawblitzel

Authors
  1. Jay Bosamiya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sydney Gibson
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yao Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bryan Parno
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Chris Hawblitzel
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jay Bosamiya .

Editor information

Editors and Affiliations

  1. MPI-SWS Kaiserslautern, Kaiserslautern, Germany

    Maria Christakis

  2. University of California, San Diego, La Jolla, CA, USA

    Nadia Polikarpova

  3. Computer Science, University of North Carolina at Chapel Hill, Chapel Hill, NC, USA

    Parasara Sridhar Duggirala

  4. Engineering and Informatics, University of Sussex, Brighton, UK

    Peter Schrammel

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bosamiya, J., Gibson, S., Li, Y., Parno, B., Hawblitzel, C. (2020). Verified Transformations and Hoare Logic: Beautiful Proofs for Ugly Assembly Language. In: Christakis, M., Polikarpova, N., Duggirala, P.S., Schrammel, P. (eds) Software Verification. NSV VSTTE 2020 2020. Lecture Notes in Computer Science(), vol 12549. Springer, Cham. https://doi.org/10.1007/978-3-030-63618-0_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-63618-0_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-63617-3

  • Online ISBN: 978-3-030-63618-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation