Formal verification of side-channel countermeasures using self-composition

Bibliographic details
Main author: Almeida, José Bacelar
Publication date: 2013
Other authors: Barbosa, Manuel, Pinto, Jorge Sousa, Vieira, Bárbara
Document type: Article
Language: eng
Source title: Repositório Científico de Acesso Aberto de Portugal (Repositórios Científicos)
Full text: http://hdl.handle.net/1822/26363
Abstract: Formal verification of cryptographic software implementations poses significant challenges for off-the-shelf tools. This is due to the domain-specific characteristics of the code, involving aggressive optimizations and non-functional security requirements, namely the critical aspect of countermeasures against side-channel attacks. In this paper, we extend previous results supporting the practicality of self-composition proofs of non-interference and generalizations thereof. We tackle the formal verification of high-level security policies adopted in the implementation of the recently proposed NaCl cryptographic library. We formalize these policies and propose a formal verification approach based on self-composition, extending the range of security policies that could previously be handled using this technique. We demonstrate our results by addressing compliance with the NaCl security policies in real-world cryptographic code, highlighting the potential for automation of our techniques.
Keywords: Cryptographic algorithms; Program verification; Program equivalence; Self-composition; Side-channel countermeasures; Science & Technology
Funding: This work was partially supported by project SMART, funded by ENIAC Joint Undertaking (GA 120224).
Institution: Universidade do Minho
Publisher: Elsevier
Citation: José Bacelar Almeida, Manuel Barbosa, Jorge Sousa Pinto, Bárbara Vieira: Formal verification of side-channel countermeasures using self-composition. Sci. Comput. Program. 78(7): 796-812 (2013)
ISSN: 0167-6423
DOI: 10.1016/j.scico.2011.10.008
The original publication is available at http://www.sciencedirect.com/
Rights: open access (info:eu-repo/semantics/openAccess)
Format: application/pdf