Formally Verifying Everybody's Cryptography
Offered By: Strange Loop Conference via YouTube
Course Description
Overview
Explore formal verification of cryptographic libraries in this conference talk from Strange Loop 2022. Learn how mathematical reasoning can prove code security and bug-free status in real-world cryptographic systems. Discover the application of formal verification to production cryptography, its cost-effectiveness as an assurance tool, and lessons for securing other software systems. Delve into the threat model for cryptographic primitives, understand the challenges and benefits of verifying cryptography, and examine practical examples such as SHA 384 rewrites. Gain insights into cumulative correctness planning and the power of code changes during formal verification processes.
Syllabus
Intro
Aim: formal verification of code
This talk: cryptographic primitives
Who did the proofs, anyway?
We do difficult proofs
Threat model for cryptographic primitives
So, verification is just fancy testing
Result-high confidence of this
Verifying cryptography is easy! (in some ways)
Conservation of difficulty rule
Why is it difficult to verify cryptography?
Verifying cryptography is difficult, as well
Changing the code is very powerful during formal verification!
Rewrites in practice (from SHA 384)
Composition has a cost
Cumulative Correctness planning
Taught by
Strange Loop Conference
Tags
Related Courses
Applied CryptographyUniversity of Virginia via Udacity Cryptography II
Stanford University via Coursera Secure Computation: Part I
NPTEL via Swayam Cryptocurrencies - Trust, Verification, and Privacy - Max Zinkus
White Hat Cal Poly via YouTube Cryptography Do's and Don'ts in 2021
NorthSec via YouTube