U.S. Department of Energy
Office of Scientific and Technical Information

The Essence of Cryptol: A Denotational Cryptol Interpreter in Coq for Foundational Assurances for Quantum Resistant Cryptosystems

Technical Report · DOI: https://doi.org/10.2172/2480164 · OSTI ID: 2480164
  1. Sandia National Laboratories (SNL-CA), Livermore, CA (United States)

Systems of the utmost consequence need a means to establish the authenticity of software and data. Cryptosystems implement authentication, but can be vulnerable to cryptographic and implementation attacks. With the threat of quantum cryptographic attacks, "post-quantum" cryptosystems (PQCs) must henceforth be used in these systems. However, the new cryptography needs new ways to prove, rigorously and machine-checkably, that systems are free of vulnerabilities. We propose a retargetable capability to rapidly instantiate proven-correct post-quantum cryptosystems through novel proof-carrying synthesis and proof-automation techniques, extending those already proven successful on existing systems. This capability is crucial to meeting the cryptographic requirements of future high-consequence systems. Specifications for high-consequence cryptography are presently captured in a domain-specific language known as Cryptol. While this enables convenient, fully automated reasoning about Cryptol specifications and implementations via the Software Analysis Workbench (SAW), Cryptol has expressivity gaps, so that cryptosystems with probabilistic programming features, like Falcon, cannot be fully expressed in the language. Moreover, SAW's automation fails for programs and specifications with inductive and recursive structure, as in the Sphincs+ PQC. Finally, Cryptol and SAW together represent some 200,000 lines of unverified Haskell, so that any guarantees about high-consequence cryptography are presently contingent on a large, unverified, yet trusted computing base. The first step of the larger project of agile, assured cryptography is therefore to provide a formal, mechanized semantics for Cryptol, so that the specifications expressed by cryptographers in Cryptol can be reasoned about and compiled into performant implementations with a foundational, machine-checkable certificate of correctness.
This report describes our work on this first step, culminating in the design of a certified denotational interpreter, in Coq, for core Cryptol.

Research Organization:
Sandia National Laboratories (SNL-CA), Livermore, CA (United States)
Sponsoring Organization:
USDOE National Nuclear Security Administration (NNSA); USDOE Laboratory Directed Research and Development (LDRD) Program
DOE Contract Number:
NA0003525
OSTI ID:
2480164
Report Number(s):
SAND--2024-13620
Country of Publication:
United States
Language:
English
