Formal verification of side channel countermeasures using self-composition

Detalhes bibliográficos
Autor(a) principal: Almeida, José Bacelar
Data de Publicação: 2011
Outros Autores: Barbosa, Manuel, Pinto, Jorge Sousa, Vieira, Bárbara
Tipo de documento: Artigo
Idioma: eng
Título da fonte: Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
Texto Completo: https://hdl.handle.net/1822/14219
Resumo: Formal verification of cryptographic software implementations poses significant challenges for off-the-shelf tools. This is due to the domain-specific characteristics of the code, involving aggressive optimisations and non-functional security requirements, namely the critical aspect of countermeasures against side-channel attacks. In this paper we extend previous results supporting the practicality of self-composition proofs of non-interference and generalisations thereof. We tackle the formal verification of high-level security policies adopted in the implementation of the recently proposed NaCl cryptographic library. We formalize these policies and propose a formal verification approach based on self-composition, extending the range of security policies that could previously be handled using this technique. We demonstrate our results by addressing compliance with the NaCl security policies in real-world cryptographic code, highlighting the potential for automation of our techniques.
id RCAP_f2a90bc77ca0967c030999ff9d162cfe
oai_identifier_str oai:repositorium.sdum.uminho.pt:1822/14219
network_acronym_str RCAP
network_name_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository_id_str https://opendoar.ac.uk/repository/7160
spelling Formal verification of side channel countermeasures using self-compositionCryptographic algorithmsProgram verificationProgram equivalenceSelf-compositionSide-channel countermeasuresFormal verification of cryptographic software implementations poses significant challenges for off-the-shelf tools. This is due to the domain-specific characteristics of the code, involving aggressive optimisations and non-functional security requirements, namely the critical aspect of countermeasures against side-channel attacks. In this paper we extend previous results supporting the practicality of self-composition proofs of non-interference and generalisations thereof. We tackle the formal verification of high-level security policies adopted in the implementation of the recently proposed NaCl cryptographic library. We formalize these policies and propose a formal verification approach based on self-composition, extending the range of security policies that could previously be handled using this technique. We demonstrate our results by addressing compliance with the NaCl security policies in real-world cryptographic code, highlighting the potential for automation of our techniques.Fundação para a Ciência e a Tecnologia (FCT)ElsevierUniversidade do MinhoAlmeida, José BacelarBarbosa, ManuelPinto, Jorge SousaVieira, Bárbara20112011-01-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttps://hdl.handle.net/1822/14219eng0167-6423The original publication is available at http://www.sciencedirect.com/science/article/pii/S0167642311001857info:eu-repo/semantics/openAccessreponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiainstacron:RCAAP2025-04-12T04:42:58Zoai:repositorium.sdum.uminho.pt:1822/14219Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireinfo@rcaap.ptopendoar:https://opendoar.ac.uk/repository/71602025-05-28T15:37:55.600842Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiafalse
dc.title.none.fl_str_mv Formal verification of side channel countermeasures using self-composition
title Formal verification of side channel countermeasures using self-composition
spellingShingle Formal verification of side channel countermeasures using self-composition
Almeida, José Bacelar
Cryptographic algorithms
Program verification
Program equivalence
Self-composition
Side-channel countermeasures
title_short Formal verification of side channel countermeasures using self-composition
title_full Formal verification of side channel countermeasures using self-composition
title_fullStr Formal verification of side channel countermeasures using self-composition
title_full_unstemmed Formal verification of side channel countermeasures using self-composition
title_sort Formal verification of side channel countermeasures using self-composition
author Almeida, José Bacelar
author_facet Almeida, José Bacelar
Barbosa, Manuel
Pinto, Jorge Sousa
Vieira, Bárbara
author_role author
author2 Barbosa, Manuel
Pinto, Jorge Sousa
Vieira, Bárbara
author2_role author
author
author
dc.contributor.none.fl_str_mv Universidade do Minho
dc.contributor.author.fl_str_mv Almeida, José Bacelar
Barbosa, Manuel
Pinto, Jorge Sousa
Vieira, Bárbara
dc.subject.por.fl_str_mv Cryptographic algorithms
Program verification
Program equivalence
Self-composition
Side-channel countermeasures
topic Cryptographic algorithms
Program verification
Program equivalence
Self-composition
Side-channel countermeasures
description Formal verification of cryptographic software implementations poses significant challenges for off-the-shelf tools. This is due to the domain-specific characteristics of the code, involving aggressive optimisations and non-functional security requirements, namely the critical aspect of countermeasures against side-channel attacks. In this paper we extend previous results supporting the practicality of self-composition proofs of non-interference and generalisations thereof. We tackle the formal verification of high-level security policies adopted in the implementation of the recently proposed NaCl cryptographic library. We formalize these policies and propose a formal verification approach based on self-composition, extending the range of security policies that could previously be handled using this technique. We demonstrate our results by addressing compliance with the NaCl security policies in real-world cryptographic code, highlighting the potential for automation of our techniques.
publishDate 2011
dc.date.none.fl_str_mv 2011
2011-01-01T00:00:00Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://hdl.handle.net/1822/14219
url https://hdl.handle.net/1822/14219
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 0167-6423
The original publication is available at http://www.sciencedirect.com/science/article/pii/S0167642311001857
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Elsevier
publisher.none.fl_str_mv Elsevier
dc.source.none.fl_str_mv reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron:RCAAP
instname_str FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
instacron_str RCAAP
institution RCAAP
reponame_str Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
collection Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)
repository.name.fl_str_mv Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia
repository.mail.fl_str_mv info@rcaap.pt
_version_ 1833595436103892992

Registros relacionados