5,855 research outputs found
Formal Verification of Arithmetic Circuits by Function Extraction
The paper presents an algebraic approach to functional verification of gate-level, integer arithmetic circuits. It is based on extracting a unique bit-level polynomial function computed by the circuit directly from its gate-level implementation. The method can be used to verify the arithmetic function computed by the circuit against its known specification, or to extract an arithmetic function implemented by the circuit. Experiments were performed on arithmetic circuits synthesized and mapped onto standard cells using ABC system. The results demonstrate scalability of the method to large arithmetic circuits, such as multipliers, multiply-accumulate, and other elements of arithmetic datapaths with up to 512-bit operands and over 2 million gates. The results show that our approach wins over the state-of-the-art SAT/SMT solvers by several orders of magnitude of CPU time. The procedure has linear runtime and memory complexity, measured by the number of logic gates
Recommended from our members
Formal Analysis of Arithmetic Circuits using Computer Algebra - Verification, Abstraction and Reverse Engineering
Despite a considerable progress in verification and abstraction of random and control logic, advances in formal verification of arithmetic designs have been lagging. This can be attributed mostly to the difficulty in an efficient modeling of arithmetic circuits and datapaths without resorting to computationally expensive Boolean methods, such as Binary Decision Diagrams (BDDs) and Boolean Satisfiability (SAT), that require “bit blasting”, i.e., flattening the design to a bit-level netlist. Approaches that rely on computer algebra and Satisfiability Modulo Theories (SMT) methods are either too abstract to handle the bit-level nature of arithmetic designs or require solving computationally expensive decision or satisfiability problems. The work proposed in this thesis aims at overcoming the limitations of analyzing arithmetic circuits, specifically at the post-synthesized phase. It addresses the verification, abstraction and reverse engineering problems of arithmetic circuits at an algebraic level, treating an arithmetic circuit and its specification as a properly constructed algebraic system. The proposed technique solves these problems by function extraction, i.e., by deriving arithmetic function computed by the circuit from its low-level circuit implementation using computer algebraic rewriting technique. The proposed techniques work on large integer arithmetic circuits and finite field arithmetic circuits, up to 512-bit wide containing millions of logic gates
Computer-aided proofs for multiparty computation with active security
Secure multi-party computation (MPC) is a general cryptographic technique
that allows distrusting parties to compute a function of their individual
inputs, while only revealing the output of the function. It has found
applications in areas such as auctioning, email filtering, and secure
teleconference. Given its importance, it is crucial that the protocols are
specified and implemented correctly. In the programming language community it
has become good practice to use computer proof assistants to verify correctness
proofs. In the field of cryptography, EasyCrypt is the state of the art proof
assistant. It provides an embedded language for probabilistic programming,
together with a specialized logic, embedded into an ambient general purpose
higher-order logic. It allows us to conveniently express cryptographic
properties. EasyCrypt has been used successfully on many applications,
including public-key encryption, signatures, garbled circuits and differential
privacy. Here we show for the first time that it can also be used to prove
security of MPC against a malicious adversary. We formalize additive and
replicated secret sharing schemes and apply them to Maurer's MPC protocol for
secure addition and multiplication. Our method extends to general polynomial
functions. We follow the insights from EasyCrypt that security proofs can be
often be reduced to proofs about program equivalence, a topic that is well
understood in the verification of programming languages. In particular, we show
that in the passive case the non-interference-based definition is equivalent to
a standard game-based security definition. For the active case we provide a new
NI definition, which we call input independence
Modeling Algorithms in SystemC and ACL2
We describe the formal language MASC, based on a subset of SystemC and
intended for modeling algorithms to be implemented in hardware. By means of a
special-purpose parser, an algorithm coded in SystemC is converted to a MASC
model for the purpose of documentation, which in turn is translated to ACL2 for
formal verification. The parser also generates a SystemC variant that is
suitable as input to a high-level synthesis tool. As an illustration of this
methodology, we describe a proof of correctness of a simple 32-bit radix-4
multiplier.Comment: In Proceedings ACL2 2014, arXiv:1406.123
Formal Proofs for Nonlinear Optimization
We present a formally verified global optimization framework. Given a
semialgebraic or transcendental function and a compact semialgebraic domain
, we use the nonlinear maxplus template approximation algorithm to provide a
certified lower bound of over . This method allows to bound in a modular
way some of the constituents of by suprema of quadratic forms with a well
chosen curvature. Thus, we reduce the initial goal to a hierarchy of
semialgebraic optimization problems, solved by sums of squares relaxations. Our
implementation tool interleaves semialgebraic approximations with sums of
squares witnesses to form certificates. It is interfaced with Coq and thus
benefits from the trusted arithmetic available inside the proof assistant. This
feature is used to produce, from the certificates, both valid underestimators
and lower bounds for each approximated constituent. The application range for
such a tool is widespread; for instance Hales' proof of Kepler's conjecture
yields thousands of multivariate transcendental inequalities. We illustrate the
performance of our formal framework on some of these inequalities as well as on
examples from the global optimization literature.Comment: 24 pages, 2 figures, 3 table
- …