17 research outputs found
MedleySolver: Online SMT Algorithm Selection
Satisfiability modulo theories (SMT) solvers implement a wide range of optimizations that are often tailored to a particular class of problems, and that differ significantly between solvers. As a result, one solver may solve a query quickly while another might be flummoxed completely. Predicting the performance of a given solver is difficult for users of SMT-driven applications, particularly when the problems they have to solve do not fall neatly into a well-understood category. In this paper, we propose an online algorithm selection framework for SMT called MedleySolver that predicts the relative performances of a set of SMT solvers on a given query, distributes time amongst the solvers, and deploys the solvers in sequence until a solution is obtained. We evaluate MedleySolver against the best available alternative, an offline learning technique, in terms of pure performance and practical usability for a typical SMT user. We find that with no prior training, MedleySolver solves 93.9% of the queries solved by the virtual best solver selector achieving 59.8% of the par-2 score of the most successful individual solver, which solves 87.3%. For comparison, the best available alternative takes longer to train than MedleySolver takes to solve our entire set of 2000 queries
Partitioning Strategies for Distributed SMT Solving
For many users of Satisfiability Modulo Theories (SMT) solvers, the solver's
performance is the main bottleneck in their application. One promising approach
for improving performance is to leverage the increasing availability of
parallel and cloud computing. However, despite many efforts, the best parallel
approach to date consists of running a portfolio of solvers, meaning that
performance is still limited by the best possible sequential performance. In
this paper, we revisit divide-and-conquer approaches to parallel SMT, in which
a challenging problem is partitioned into several subproblems. We introduce
several new partitioning strategies and evaluate their performance, both alone
as well as within portfolios, on a large set of difficult SMT benchmarks. We
show that hybrid portfolios that include our new strategies can significantly
outperform traditional portfolios for parallel SMT. Comment: Submitted to FMCAD 202
Sydr-Fuzz: Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle
Nowadays automated dynamic analysis frameworks for continuous testing are in
high demand to ensure software safety and satisfy the security development
lifecycle (SDL) requirements. The security bug hunting efficiency of
cutting-edge hybrid fuzzing techniques outperforms widely utilized
coverage-guided fuzzing. We propose an enhanced dynamic analysis pipeline to
leverage productivity of automated bug detection based on hybrid fuzzing. We
implement the proposed pipeline in the continuous fuzzing toolset Sydr-Fuzz
which is powered by hybrid fuzzing orchestrator, integrating our DSE tool Sydr
with libFuzzer and AFL++. Sydr-Fuzz also incorporates security predicate
checkers, crash triaging tool Casr, and utilities for corpus minimization and
coverage gathering. The benchmarking of our hybrid fuzzer against alternative
state-of-the-art solutions demonstrates its superiority over coverage-guided
fuzzers while remaining on the same level with advanced hybrid fuzzers.
Furthermore, we approve the relevance of our approach by discovering 85 new
real-world software flaws within the OSS-Sydr-Fuzz project. Finally, we open
Casr source code to the community to facilitate examination of the existing
crashes
Satisfiability Modulo Finite Fields
We study satisfiability modulo the theory of finite fields and
give a decision procedure for this theory. We implement our procedure
for prime fields inside the cvc5 SMT solver. Using this theory, we
construct SMT queries that encode translation validation for various zero
knowledge proof compilers applied to Boolean computations. We
evaluate our procedure on these benchmarks. Our experiments show that our
implementation is superior to previous approaches (which encode field
arithmetic using integers or bit-vectors)
The VLSAT-3 Benchmark Suite
This report presents VLSAT-3 (an acronym for "Very Large Boolean SATisfiability problems"), the third part of a benchmark suite to be used in scientific experiments and software competitions addressing SAT and SMT (Satisfiability Modulo Theories) solving issues. VLSAT-3 contains 1200 (600 satisfiable and 600 unsatisfiable) quantifier-free first-order logic formulas of increasing complexity, proposed in SMT-LIB format under a permissive Creative Commons license. More than 90% of these benchmarks have been used during the 16th International Satisfiability Modulo Theories Competition (SMT-COMP 2021).
The integration of multi-color taint-analysis with dynamic symbolic execution for Java web application security analysis
The view of IT security in today’s software development processes is changing. While IT
security used to be seen mainly as a risk that had to be managed during the operation
of IT systems, a class of security weaknesses is seen today as measurable quality aspects
of IT system implementations, e.g., the number of paths allowing SQL injection attacks.
Current trends, such as DevSecOps pipelines, therefore establish security testing in the
development process aiming to catch these security weaknesses before they make their
way into production systems. At the same time, the analysis works differently than in
functional testing, as security requirements are mostly universal and not project specific.
Further, they measure the quality of the source code and not the function of the system.
As a consequence, established testing strategies such as unit testing or integration testing
are not applicable for security testing. Instead, a new category of tools is required in
the software development process: IT security weakness analyzers. These tools scan
the source code for security weaknesses independent of the functional aspects of the
implementation. In general, such analyzers give stronger guarantees for the presence
or absence of security weaknesses than functional testing strategies. In this thesis, I
present a combination of dynamic symbolic execution and explicit dynamic multi-color
taint analysis for the security analysis of Java web applications. Explicit dynamic
taint analysis is an established monitoring technique that allows the precise detection of
security weaknesses along a single program execution path, if any are present. Multi-color
taint analysis implies that different properties defining diverse security weaknesses can
be expressed at the same time in different taint colors and are analyzed in parallel during
the execution of a program path. Each taint color analyzes its own security weakness
and taint propagation can be tailored in specific sanitization points for this color. The
downside of dynamic taint analysis is the single exploration of one path. Therefore, this
technique requires a path generator component as counterpart that ensures all relevant
paths are explored. Dynamic symbolic execution is appropriate here, as enumerating all
reachable execution paths in a program is its established strength. The Jaint framework
presented here combines these two techniques in a single tool. More specifically, the
thesis looks into SMT meta-solving, extending dynamic symbolic execution on Java
programs with string operations, and the configuration problem of multi-color taint
analysis in greater detail to enable Jaint for the analysis of Java web applications. The
evaluation demonstrates that the resulting framework is the best research tool on the
OWASP Benchmark. One of the two dynamic symbolic execution engines that I worked
on as part of the thesis has won gold in the Java track of SV-COMP 2022. The other
demonstrates that it is possible to lift the implementation design from a research specific
JVM to an industry grade JVM, paving the way for the future scaling of Jaint
On Boomerang Attacks on Quadratic Feistel Ciphers
The recent introduction of the Boomerang Connectivity Table (BCT) at Eurocrypt 2018 revived interest in boomerang cryptanalysis and in the need to correctly build boomerang distinguishers. Several important advances have been made on this matter, with in particular the study of the extension of the BCT theory to multiple rounds and to different types of ciphers.
In this paper, we pursue these investigations by studying the specific case of quadratic Feistel ciphers, motivated by the need to look at two particularly lightweight ciphers, KATAN and Simon. Our analysis shows that their light round function leads to an extreme case, as a one-round boomerang can only have a probability of 0 or 1. We identify six papers presenting boomerang analyses of KATAN or Simon and all use the naive approach to compute the distinguisher’s probability. We are able to prove that several results are theoretically incorrect and we run experiments to check the probability of the others. Many do not have the claimed probability: it fails distinguishing in some cases, but we also identify instances where the experimental probability turns out to be better than the claimed one.
To address this shortfall, we propose an SMT model taking into account the boomerang constraints. We present several experimentally-verified related-key distinguishers obtained with our new technique: on KATAN32 a 151-round boomerang and on Simon-32/64 a 17-round boomerang, a 19-round rotational-xor boomerang and a 15-round rotational-xor-differential boomerang.
Furthermore, we extend our 19-round distinguisher into a 25-round rotational-xor rectangle attack on Simon-32/64. To the best of our knowledge this attack reaches one more round than previously published results
Strong Optimistic Solving for Dynamic Symbolic Execution
Dynamic symbolic execution (DSE) is an effective method for automated program
testing and bug detection. It increases code coverage by exploring complex
branches during hybrid fuzzing. DSE tools invert the branches along
some execution path and help the fuzzer examine previously unavailable program
parts. DSE often faces over- and underconstraint problems. The first one leads
to significant analysis complication while the second one causes inaccurate
symbolic execution.
We propose a strong optimistic solving method that eliminates irrelevant path
predicate constraints for target branch inversion. We eliminate such symbolic
constraints that the target branch is not control dependent on. Moreover, we
separately handle symbolic branches that have nested control transfer
instructions that pass control beyond the parent branch scope, e.g. return,
goto, break, etc. We implement the proposed method in our dynamic symbolic
execution tool Sydr.
We evaluate the strong optimistic strategy, the optimistic strategy that
contains only the last constraint negation, and their combination. The results
show that the strategies combination helps increase either the code coverage or
the average number of correctly inverted branches per one minute. It is optimal
to apply both strategies together in contrast with other configurations