Papers
Topics
Authors
Recent
Assistant
AI Research Assistant
Well-researched responses based on relevant abstracts and paper content.
Custom Instructions Pro
Preferences or requirements that you'd like Emergent Mind to consider when generating responses.
Gemini 2.5 Flash
Gemini 2.5 Flash 88 tok/s
Gemini 2.5 Pro 59 tok/s Pro
GPT-5 Medium 31 tok/s Pro
GPT-5 High 30 tok/s Pro
GPT-4o 110 tok/s Pro
Kimi K2 210 tok/s Pro
GPT OSS 120B 461 tok/s Pro
Claude Sonnet 4.5 38 tok/s Pro
2000 character limit reached

Protocols to Code: Formal Verification of a Next-Generation Internet Router (2405.06074v1)

Published 9 May 2024 in cs.CR, cs.NI, and cs.PL

Abstract: We present the first formally-verified Internet router, which is part of the SCION Internet architecture. SCION routers run a cryptographic protocol for secure packet forwarding in an adversarial environment. We verify both the protocol's network-wide security properties and low-level properties of its implementation. More precisely, we develop a series of protocol models by refinement in Isabelle/HOL and we use an automated program verifier to prove that the router's Go code satisfies memory safety, crash freedom, freedom from data races, and adheres to the protocol model. Both verification efforts are soundly linked together. Our work demonstrates the feasibility of coherently verifying a critical network component from high-level protocol models down to performance-optimized production code, developed by an independent team. In the process, we uncovered critical bugs in both the protocol and its implementation, which were confirmed by the code developers, and we strengthened the protocol's security properties. This paper explains our approach, summarizes the main results, and distills lessons for the design and implementation of verifiable systems, for the handling of continuous changes, and for the verification techniques and tools employed.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (55)
  1. The existence of refinement mappings. Theor. Comput. Sci., 82(2), 1991.
  2. Deciding knowledge in security protocols under equational theories. Theoretical Computer Science, 367(1):2–32, 2006.
  3. Anapaya Systems. https://www.anapaya.net, 2023.
  4. Deciding security for protocols with recursive tests. In Nikolaj Bjørner and Viorica Sofronie-Stokkermans, editors, Automated Deduction - CADE-23 - 23rd International Conference on Automated Deduction, Wroclaw, Poland, July 31 - August 5, 2011. Proceedings, volume 6803 of Lecture Notes in Computer Science, pages 49–63. Springer, 2011.
  5. Modeling and verifying ad hoc routing protocols. Inf. Comput., 238:30–67, 2014.
  6. A generic methodology for the modular verification of security protocol implementations. In Weizhi Meng, Christian Damsgaard Jensen, Cas Cremers, and Engin Kirda, editors, Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, November 26-30, 2023, pages 1377–1391. ACM, 2023.
  7. A general approach to network configuration verification. In Proceedings of the Conference of the ACM Special Interest Group on Data Communication, SIGCOMM 2017, pages 155–168. ACM, 2017.
  8. DY*: A modular symbolic verification framework for executable cryptographic protocol code. In IEEE European Symposium on Security and Privacy, EuroS&P 2021, Vienna, Austria, September 6-10, 2021, pages 523–542. IEEE, 2021.
  9. Implementing TLS with verified cryptographic security. In 2013 IEEE Symposium on Security and Privacy, SP 2013, Berkeley, CA, USA, May 19-22, 2013, pages 445–459. IEEE Computer Society, 2013.
  10. Bruno Blanchet. An efficient cryptographic protocol verifier based on Prolog rules. In 14th IEEE Computer Security Foundations Workshop (CSFW-14 2001), 11-13 June 2001, Cape Breton, Nova Scotia, Canada, pages 82–96. IEEE Computer Society, 2001.
  11. Bruno Blanchet. Automatic verification of security protocols in the symbolic model: The verifier ProVerif. In Alessandro Aldini, Javier López, and Fabio Martinelli, editors, Foundations of Security Analysis and Design VII - FOSAD 2012/2013 Tutorial Lectures, volume 8604 of Lecture Notes in Computer Science, pages 54–87. Springer, 2013.
  12. John Boyland. Checking interference with fractional permissions. In Radhia Cousot, editor, Static Analysis, 10th International Symposium, SAS 2003, San Diego, CA, USA, June 11-13, 2003, Proceedings, volume 2694 of Lecture Notes in Computer Science, pages 55–72. Springer, 2003.
  13. A program logic for verifying secure routing protocols. Logical Methods in Computer Science, 11(4), 2015.
  14. The Complete Guide to SCION. Springer, 2022.
  15. Cas J. F. Cremers. On the protocol composition logic PCL. In Masayuki Abe and Virgil D. Gligor, editors, ASIACCS, pages 66–76. ACM, 2008.
  16. Implementing and proving the TLS 1.3 record layer. In 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, May 22-26, 2017, pages 463–482. IEEE Computer Society, 2017.
  17. A security model and fully verified implementation for the IETF QUIC record layer. In 42nd IEEE Symposium on Security and Privacy, SP 2021, San Francisco, CA, USA, 24-27 May 2021, pages 1162–1178. IEEE, 2021.
  18. On the security of public key protocols. IEEE Trans. Information Theory, 29(2), 1983.
  19. Folding variant narrowing and optimal variant termination. The Journal of Logic and Algebraic Programming, 81(7):898–928, 2012.
  20. CertiKOS: An extensible architecture for building certified concurrent OS kernels. In Kimberly Keeton and Timothy Roscoe, editors, 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016, Savannah, GA, USA, November 2-4, 2016, pages 653–669. USENIX Association, 2016.
  21. Ironfleet: proving practical distributed systems correct. In Ethan L. Miller and Steven Hand, editors, Proceedings of the 25th Symposium on Operating Systems Principles, SOSP 2015, Monterey, CA, USA, October 4-7, 2015. ACM, 2015.
  22. The Rust programming language. No Starch Press, 2023.
  23. seL4: formal verification of an OS kernel. In Jeanna Neefe Matthews and Thomas E. Anderson, editors, Symposium on Operating Systems Principles (SOSP). ACM, 2009.
  24. IsaNet: Formalization of a verification framework for secure data plane protocols. Archive of Formal Proofs, June 2022. https://isa-afp.org/entries/IsaNet.html, Formal proof development.
  25. Formal verification of secure forwarding protocols. In 2021 IEEE 34rd Computer Security Foundations Symposium (CSF). IEEE, 2021.
  26. IsaNet: A framework for verifying secure data plane protocols. Journal of Computer Security, 2022.
  27. Dexter Kozen. NetKAT – A formal system for the verification of networks. In Programming Languages and Systems - 12th Asian Symposium, APLAS 2014, pages 1–18, 2014.
  28. CakeML: a verified implementation of ML. In Suresh Jagannathan and Peter Sewell, editors, The 41st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL ’14, San Diego, CA, USA, January 20-21, 2014, pages 179–192. ACM, 2014.
  29. EPIC: Every packet is checked in the data plane of a path-aware internet. In 29th USENIX Security Symposium (USENIX Security), pages 541–558. USENIX Association, August 2020.
  30. K. Rustan M. Leino. Dafny: An automatic program verifier for functional correctness. In Edmund M. Clarke and Andrei Voronkov, editors, Logic for Programming, Artificial Intelligence, and Reasoning (LPAR), volume 6355. Springer, 2010.
  31. Xavier Leroy. Formal verification of a realistic compiler. Commun. ACM, 52(7):107–115, 2009.
  32. Chapar: certified causally consistent distributed key-value stores. In Rastislav Bodík and Rupak Majumdar, editors, Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2016, St. Petersburg, FL, USA, January 20 - 22, 2016. ACM, 2016.
  33. A secure and formally verified linux KVM hypervisor. In 42nd IEEE Symposium on Security and Privacy, SP 2021, San Francisco, CA, USA, 24-27 May 2021, pages 1782–1799. IEEE, 2021.
  34. p4v: practical verification for programmable data planes. In Sergey Gorinsky and János Tapolcai, editors, Proceedings of the 2018 Conference of the ACM Special Interest Group on Data Communication, SIGCOMM 2018, Budapest, Hungary, August 20-25, 2018, pages 490–503. ACM, 2018.
  35. Forward and backward simulations: I. untimed systems. Inf. Comput., 121(2), 1995.
  36. The TAMARIN prover for the symbolic analysis of security protocols. In Natasha Sharygina and Helmut Veith, editors, Computer Aided Verification - 25th International Conference, CAV 2013, Saint Petersburg, Russia, July 13-19, 2013. Proceedings, volume 8044 of Lecture Notes in Computer Science, pages 696–701. Springer, 2013.
  37. Isabelle/HOL - A Proof Assistant for Higher-Order Logic, volume 2283. Springer, 2002.
  38. Local reasoning about programs that alter data structures. In CSL, volume 2142 of Lecture Notes in Computer Science, pages 1–19. Springer, 2001.
  39. Sound, modular and compositional verification of the input/output behavior of programs. In Jan Vitek, editor, Programming Languages and Systems - 24th European Symposium on Programming, ESOP 2015, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2015, London, UK, April 11-18, 2015. Proceedings, volume 9032. Springer, 2015.
  40. SCION: A Secure Internet Architecture. Springer, 2017.
  41. EverCrypt: A fast, verified, cross-platform cryptographic provider. In 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, May 18-21, 2020, pages 983–1002. IEEE, 2020.
  42. Verified low-level programming embedded in F. PACMPL, 1(ICFP), 2017.
  43. Velisarios: Byzantine fault-tolerant protocols powered by coq. In Amal Ahmed, editor, Programming Languages and Systems - 27th European Symposium on Programming, ESOP 2018, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2018, Thessaloniki, Greece, April 14-20, 2018, Proceedings, volume 10801. Springer, 2018.
  44. John C. Reynolds. Separation logic: A logic for shared mutable data structures. In LICS, pages 55–74. IEEE Computer Society, 2002.
  45. Automated analysis of Diffie-Hellman protocols and advanced security properties. In Stephen Chong, editor, 25th IEEE Computer Security Foundations Symposium, CSF 2012, Cambridge, MA, USA, June 25-27, 2012, pages 78–94. IEEE Computer Society, 2012.
  46. SCION Association. https://www.scion.org, 2023.
  47. SIX. Secure Swiss Finance Network. https://www.six-group.com/en/products-services/banking-services/ssfn.html.
  48. Implicit dynamic frames: Combining dynamic frames and separation logic. In ECOOP, volume 5653 of Lecture Notes in Computer Science, pages 148–172. Springer, 2009.
  49. Igloo: soundly linking compositional refinement and separation logic for distributed system verification. Proc. ACM Program. Lang., 4(OOPSLA):152:1–152:31, 2020.
  50. Scalable verification of border gateway protocol configurations with an SMT solver. In Proc. ACM Program. Lang., OOPSLA 2016, page 765–780, New York, NY, USA, 2016. Association for Computing Machinery.
  51. Verdi: a framework for implementing and formally verifying distributed systems. In David Grove and Steve Blackburn, editors, Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation, Portland, OR, USA, June 15-17, 2015. ACM, 2015.
  52. Gobra: Modular specification and verification of go programs. In CAV (1), volume 12759 of Lecture Notes in Computer Science, pages 367–379. Springer, 2021.
  53. Planning for change in a formal verification of the Raft consensus protocol. In Jeremy Avigad and Adam Chlipala, editors, Proceedings of the 5th ACM SIGPLAN Conference on Certified Programs and Proofs, Saint Petersburg, FL, USA, January 20-22, 2016. ACM, 2016.
  54. Mechanized network origin and path authenticity proofs. In Gail-Joon Ahn, Moti Yung, and Ninghui Li, editors, Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3-7, 2014, pages 346–357. ACM, 2014.
  55. HACL*: A verified modern cryptographic library. In Bhavani M. Thuraisingham, David Evans, Tal Malkin, and Dongyan Xu, editors, Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017, pages 1789–1806. ACM, 2017.
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
Lightbulb Streamline Icon: https://streamlinehq.com

Continue Learning

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now
List To Do Tasks Checklist Streamline Icon: https://streamlinehq.com

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets

This paper has been mentioned in 1 post and received 0 likes.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up to View