Verification of Implementations of Cryptographic Hash Functions
| Autor: | Jiaguang Sun, Houbing Song, Dexi Wang, Yu Jiang, Fei He, Ming Gu |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2017 |
| Předmět: |
Theoretical computer science
General Computer Science Computer science Model-predictive control Hash function Cryptography 02 engineering and technology urban traffic control SHA-2 emission control smoothening 0202 electrical engineering electronic engineering information engineering Cryptographic hash function General Materials Science Security of cryptographic hash functions Key management gradient-based optimization Secure Hash Algorithm Cryptographic primitive business.industry 020208 electrical & electronic engineering General Engineering Authorization MDC-2 Cryptographic protocol Hash-based message authentication code 020202 computer hardware & architecture Merkle–Damgård construction Hash chain lcsh:Electrical engineering. Electronics. Nuclear engineering business lcsh:TK1-9971 Cryptographic nonce |
| Zdroj: | IEEE Access, Vol 5, Pp 7816-7825 (2017) |
| ISSN: | 2169-3536 |
| Popis: | Cryptographic hash functions have become the basis of modern network computing for identity authorization and secure computing; protocol consistency of cryptographic hash functions is one of the most important properties that affect the security and correctness of cryptographic implementations, and protocol consistency should be well proven before being applied in practice. Software verification has seen substantial application in safety-critical areas and has shown the ability to deliver better quality assurance for modern software; thus, applying software verification to a protocol consistency proof for cryptographic hash functions is a reasonable approach to prove their correctness. Verification of protocol consistency of cryptographic hash functions includes modeling of the cryptographic protocol and program analysis of the cryptographic implementation; these require a dedicated cryptographic implementation model that preserves the semantics of the code, efficient analysis of cryptographic operations on arrays and bits, and the ability to verify large-scale implementations. In this paper, we propose a fully automatic software verification framework, VeriHash, that brings software verification to protocol consistency proofs for cryptographic hash function implementations. It solves the above challenges by introducing a novel cryptographic model design for modeling the semantics of cryptographic hash function implementations, extended array theories for analysis of operations, and compositional verification for scalability. We evaluated our verification framework on two SHA-3 cryptographic hash function implementations: the winner of the NIST SHA-3 competition, Keccack; and an open-source hash program, RHash. We successfully verified the core parts of the two implementations and reproduced a bug in the published edition of RHash. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|