The Last Mile: High-Assurance and High-Speed Cryptographic Implementations

dc.contributor.author Barthe,G en
dc.contributor.author Manuel Barbosa en
dc.contributor.author José Bacelar Almeida en
dc.contributor.author Strub,PY en
dc.contributor.author Tiago Filipe Oliveira en
dc.contributor.author Laporte,V en
dc.contributor.author Koutsos,A en
dc.contributor.author Grégoire,B en
dc.contributor.other 5604 en
dc.contributor.other 5598 en
dc.contributor.other 6207 en
dc.date.accessioned 2020-12-22T19:36:43Z
dc.date.available 2020-12-22T19:36:43Z
dc.date.issued 2020 en
dc.description.abstract We develop a new approach for building cryptographic implementations. Our approach goes the last mile and delivers assembly code that is provably functionally correct, protected against side-channels, and as efficient as hand-written assembly. We illustrate our approach using ChaCha20-Poly1305, one of the two ciphersuites recommended in TLS 1.3, and deliver formally verified vectorized implementations which outperform the fastest non-verified code. We realize our approach by combining the Jasmin framework, which offers in a single language features of high-level and low-level programming, and the EasyCrypt proof assistant, which offers a versatile verification infrastructure that supports proofs of functional correctness and equivalence checking. Neither of these tools had been used for functional correctness before. Taken together, these infrastructures empower programmers to develop efficient and verified implementations by "game hopping", starting from reference implementations that are proved functionally correct against a specification, and gradually introducing program optimizations that are proved correct by equivalence checking. We also make several contributions of independent interest, including a new and extensible verified compiler for Jasmin, with a richer memory model and support for vectorized instructions, and a new embedding of Jasmin in EasyCrypt. © 2020 IEEE. en
dc.identifier.uri http://repositorio.inesctec.pt/handle/123456789/11847
dc.identifier.uri http://dx.doi.org/10.1109/sp40000.2020.00028 en
dc.language eng en
dc.rights info:eu-repo/semantics/openAccess en
dc.title The Last Mile: High-Assurance and High-Speed Cryptographic Implementations en
dc.type Publication en
dc.type conferenceObject en
Files
Original bundle
Name: P-00S-Q6M.pdf
Size: 696.11 KB
Format: Adobe Portable Document Format