Cryptology ePrint Archive: Report 2009/322

Certifying Assembly with Formal Cryptographic Proofs: the Case of BBS

Reynald Affeldt, David Nowak and Kiyoshi Yamada

Abstract: With today's dissemination of embedded systems manipulating sensitive data, it has become important to equip low-level programs with strong security guarantees. Unfortunately, security proofs as done by cryptographers are about algorithms, not about concrete implementations running on hardware. In this paper, we show how to extend security proofs to guarantee the security of assembly implementations of cryptographic primitives. Our approach is based on a framework in the Coq proof-assistant that integrates correctness proofs of assembly programs with game-playing proofs of provable security. We demonstrate the usability of our approach using the Blum-Blum-Shub (BBS) pseudorandom number generator, for which a MIPS implementation for smartcards is shown cryptographically secure.

Category / Keywords: foundations / Hoare logic, SmartMIPS, Coq, PRNG, provable security, game playing

Publication Info: An updated version appears in Automated Verification of Critical Systems 2009, volume 23 of Electronic Communications of the EASST

Date: received 1 Jul 2009, last revised 13 May 2010

Contact author: david nowak at aist go jp

Available format(s): PDF | BibTeX Citation

Version: 20100513:102119 (All versions of this report)

Short URL: ia.cr/2009/322

Discussion forum: Show discussion | Start new discussion