IMDEA Software

Iniciativa IMDEA

Inicio > Eventos > Software Seminar Series > 2013 > Efficient provably secure machine code from high-level implementations
Esta página aún no ha sido traducida. A continuación se muestra la página en inglés.

Francois Dupressoir

martes 22 de octubre de 2013

11:00am Meeting room 302 (Mountain View), level 3

Francois Dupressoir, Post-doctoral Researcher, IMDEA Software Institute

Efficient provably secure machine code from high-level implementations

Abstract:

We present a computer-aided framework for proving concrete security bounds for cryptographic machine code implementations. The front-end of the framework is an interactive verification tool that extends the EasyCrypt framework to reason about relational properties of C-like programs extended with idealised probabilistic operations, in the style of code-based security proofs. The framework also incorporates an extension of the CompCert certified compiler to support trusted libraries, providing complex arithmetic calculations, or instantiating idealised components such as sampling operations. This certified compiler allows us to carry to executable code the security guarantees established at the high-level, and is also instrumented to detect when compilation may interfere with side-channel countermeasures deployed in source code.

We demonstrate the applicability of the framework with the RSA-OAEP encryption scheme, as standardized in PKCS#1 v2.1. The outcome is a rigorous analysis of the advantage of an adversary to break the security of assembly implementations of the algorithms specified by the standard. The example also provides two contributions of independent interest: it is the first application of computer-aided cryptographic tools to real-world security, and the first application of CompCert to cryptographic software.