Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Formal Verification for Fun and Profit

Tim Taubert
December 07, 2016

Formal Verification for Fun and Profit

Cryptol and SAW allow to automatically prove correctness of C/C++/Rust implementations of algorithms. This way you can find bugs in UTF-16 to UTF-8 converters, MPEG decoders, cryptographic algorithms, etc. at development time, and after your implementation proved correct, use the specification to prevent future regressions.

Tim Taubert

December 07, 2016
Tweet

More Decks by Tim Taubert

Other Decks in Programming

Transcript

  1. Tim Taubert @ttaubert Formal Verification for Fun and Profit Finding

    bugs with Cryptol and SAW December 2016, Hawaii
  2. What is Formal Verification? “[…] Formal verification is the act

    of proving or disproving the correctness of intended algorithms […] using formal methods of mathematics.”
  3. Example: f(x) = (x == 0) [Cryptol] is_zero : [64]

    -> [1] is_zero x = if x == 0 then 1 else 0
  4. Example: f(x) = (x == 0) [C99, maybe const-time] bool

    is_zero(uint64_t x) { bool nz = false; for (size_t i = 0; i < sizeof(x) * 8; ++i) { nz |= x >> i & 1; } return !nz; }
  5. Example: f(x) = (x == 0) [Rust] fn is_zero(x: u64)

    -> bool { return x == 0; } (Compile to LLVM IR) $ rustc --emit=llvm-ir -o is_zero.bc is_zero.rs
  6. Case Study: UTF-16 to UTF-8 Encoder 1) Compute the length

    of the target buffer. 2) Fill the target buffer with UTF-8.