| dc.contributor.author | Athalye, Anish | |
| dc.contributor.author | Corrigan-Gibbs, Henry | |
| dc.contributor.author | Kaashoek, Frans | |
| dc.contributor.author | Tassarotti, Joseph | |
| dc.contributor.author | Zeldovich, Nickolai | |
| dc.date.accessioned | 2024-12-16T14:48:39Z | |
| dc.date.available | 2024-12-16T14:48:39Z | |
| dc.date.issued | 2024-11-04 | |
| dc.identifier.isbn | 979-8-4007-1251-7 | |
| dc.identifier.uri | https://hdl.handle.net/1721.1/157857 | |
| dc.description | SOSP ’24, November 4–6, 2024, Austin, TX | en_US |
| dc.description.abstract | Parfait is a framework for proving that an implementation of a hardware security module (HSM) leaks nothing more than what is mandated by an application specification. Parfait proofs cover the software and the hardware of an HSM, which catches bugs above the cycle-level digital circuit abstraction, including timing side channels. Parfait's contribution is a scalable approach to proving security and non-leakage by using intermediate levels of abstraction and relating them with transitive information-preserving refinement. This enables Parfait to use different techniques to verify the implementation at different levels of abstraction, reuse existing verified components such as CompCert, and automate parts of the proof, while still providing end-to-end guarantees. We use Parfait to verify four HSMs, including an ECDSA certificate-signing HSM and a password-hashing HSM, on top of the OpenTitan Ibex and PicoRV32 processors. Parfait provides strong guarantees for these HSMs: for instance, it proves that the ECDSA-on-Ibex HSM implementation---2,300 lines of code and 13,500 lines of Verilog---leaks nothing more than what is allowed by a 40-line specification of its behavior. | en_US |
| dc.publisher | ACM|ACM SIGOPS 30th Symposium on Operating Systems Principles | en_US |
| dc.relation.isversionof | https://doi.org/10.1145/3694715.3695956 | en_US |
| dc.rights | Creative Commons Attribution | en_US |
| dc.rights.uri | https://creativecommons.org/licenses/by/4.0/ | en_US |
| dc.source | Association for Computing Machinery | en_US |
| dc.title | Modular Verification of Secure and Leakage-Free Systems: From Application Specification to Circuit-Level Implementation | en_US |
| dc.type | Article | en_US |
| dc.identifier.citation | Athalye, Anish, Corrigan-Gibbs, Henry, Kaashoek, Frans, Tassarotti, Joseph and Zeldovich, Nickolai. 2024. "Modular Verification of Secure and Leakage-Free Systems: From Application Specification to Circuit-Level Implementation." | |
| dc.contributor.department | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory | en_US |
| dc.identifier.mitlicense | PUBLISHER_CC | |
| dc.eprint.version | Final published version | en_US |
| dc.type.uri | http://purl.org/eprint/type/ConferencePaper | en_US |
| eprint.status | http://purl.org/eprint/status/NonPeerReviewed | en_US |
| dc.date.updated | 2024-12-01T08:53:20Z | |
| dc.language.rfc3066 | en | |
| dc.rights.holder | The author(s) | |
| dspace.date.submission | 2024-12-01T08:53:20Z | |
| mit.license | PUBLISHER_CC | |
| mit.metadata.status | Authority Work and Publication Information Needed | en_US |
