Tim Taubert
December 07, 2016
110

# Formal Verification for Fun and Profit

Cryptol and SAW allow to automatically prove correctness of C/C++/Rust implementations of algorithms. This way you can find bugs in UTF-16 to UTF-8 converters, MPEG decoders, cryptographic algorithms, etc. at development time, and after your implementation proved correct, use the specification to prevent future regressions.

## Tim Taubert

December 07, 2016

## Transcript

1. Tim Taubert
@ttaubert
Formal Veriﬁcation for
Fun and Proﬁt
Finding bugs with Cryptol and SAW
December 2016, Hawaii

2. What is Formal Veriﬁcation?
“[…] Formal veriﬁcation is the act of proving or
disproving the correctness of intended algorithms
[…] using formal methods of mathematics.”

3. Example: f(x) = (x == 0) [Cryptol]
is_zero : [64] -> [1]
is_zero x = if x == 0 then 1 else 0

4. Example: f(x) = (x == 0) [C99]
bool is_zero(uint64_t x) {
return x == 0U;
}

5. Example: f(x) = (x == 0) [C99, maybe const-time]
bool is_zero(uint64_t x) {
bool nz = false;
for (size_t i = 0; i < sizeof(x) * 8; ++i) {
nz |= x >> i & 1;
}
return !nz;
}

6. Example: f(x) = (x == 0) [Rust]
fn is_zero(x: u64) -> bool {
return x == 0;
}
(Compile to LLVM IR)
\$ rustc --emit=llvm-ir -o is_zero.bc is_zero.rs

7. Case Study: UTF-16 to UTF-8 Encoder
1) Compute the length of the target buﬀer.
2) Fill the target buﬀer with UTF-8.

8. Thanks!
Cryptol: http://cryptol.net/
SAW: http://saw.galois.com/