15 research outputs found

    Formal Models and Verified Protocols for Group Messaging: Attacks and Proofs for IETF MLS

    Group conversations are supported by most modern messaging applications, but the security guarantees they offer are significantly weaker than those for two-party protocols like Signal. The problem is that mechanisms that are efficient for two parties do not scale well to large dynamic groups where members may be regularly added and removed. Further, group messaging introduces subtle new security requirements that require new solutions. The IETF Messaging Layer Security (MLS) working group is standardizing a new asynchronous group messaging protocol that aims to achieve strong guarantees like forward secrecy and post-compromise security for large dynamic groups. In this paper, we define a formal framework for group messaging in the F* language and use it to compare the security and performance of several candidate MLS protocols up to draft 7. We present a succinct, executable, formal specification and symbolic security proof for TreeKEMB, the group key establishment protocol in MLS draft 7. Our analysis finds new attacks and we propose verified fixes, which are now being incorporated into MLS. Ours is the first mechanically checked proof for MLS, and our analysis technique is of independent interest, since it accounts for groups of unbounded size, stateful recursive data structures, and fine-grained compromise.

    TreeSync: Authenticated Group Management for Messaging Layer Security

    Messaging Layer Security (MLS), currently undergoing standardization at the IETF, is an asynchronous group messaging protocol that aims to be efficient for large dynamic groups, while providing strong guarantees like forward secrecy (FS) and post-compromise security (PCS). While prior work on MLS has extensively studied its group key establishment component (called TreeKEM), many flaws in early designs of MLS have stemmed from its group integrity and authentication mechanisms, which are not as well understood. In this work, we identify and formalize TreeSync: a sub-protocol of MLS that specifies the shared group state, defines group management operations, and ensures consistency, integrity, and authentication for the group state across all members. We present a precise, executable, machine-checked formal specification of TreeSync, and show how it can be composed with other components to implement the full MLS protocol. Our specification is written in F* and serves as a reference implementation of MLS; it passes the RFC test vectors and is interoperable with other MLS implementations. Using the DY* symbolic protocol analysis framework, we formalize and prove the integrity and authentication guarantees of TreeSync, under minimal security assumptions on the rest of MLS. Our analysis identifies a new attack and we propose several changes that have been incorporated in the latest MLS draft. Ours is the first testable, machine-checked, formal specification for MLS, and should be of interest to both developers and researchers interested in this upcoming standard.

    Formally Verified Cryptographic Web Applications in WebAssembly

    After suffering decades of high-profile attacks, the need for formal verification of security-critical software has never been clearer. Verification-oriented programming languages like F* are now being used to build high-assurance cryptographic libraries and implementations of standard protocols like TLS. In this paper, we seek to apply these verification techniques to modern Web applications, like WhatsApp, that embed sophisticated custom cryptographic components. The problem is that these components are often implemented in JavaScript, a language that is both hostile to cryptographic code and hard to reason about. So we instead target WebAssembly, a new instruction set that is supported by all major JavaScript runtimes. We present a new toolchain that compiles Low*, a low-level subset of the F* programming language, into WebAssembly. Unlike other WebAssembly compilers like Emscripten, our compilation pipeline is focused on compactness and auditability: we formalize the full translation rules in the paper and implement them in a few thousand lines of OCaml. Using this toolchain, we present two case studies. First, we build WHACL*, a WebAssembly version of the existing, verified HACL* cryptographic library. Then, we present LibSignal*, a brand new, verified implementation of the Signal protocol in WebAssembly, that can be readily used by messaging applications like WhatsApp, Skype, and Signal.

    HACL*: A Verified Modern Cryptographic Library

    HACL* is a verified portable C cryptographic library that implements modern cryptographic primitives such as the ChaCha20 and Salsa20 encryption algorithms, Poly1305 and HMAC message authentication, SHA-256 and SHA-512 hash functions, the Curve25519 elliptic curve, and Ed25519 signatures. HACL* is written in the F* programming language and then compiled to readable C code. The F* source code for each cryptographic primitive is verified for memory safety, mitigations against timing side-channels, and functional correctness with respect to a succinct high-level specification of the primitive derived from its published standard. The translation from F* to C preserves these properties and the generated C code can itself be compiled via the CompCert verified C compiler or mainstream compilers like GCC or CLANG. When compiled with GCC on 64-bit platforms, our primitives are as fast as the fastest pure C implementations in OpenSSL and Libsodium, significantly faster than the reference C code in TweetNaCl, and between 1.1x-5.7x slower than the fastest hand-optimized vectorized assembly code in SUPERCOP. HACL* implements the NaCl cryptographic API and can be used as a drop-in replacement for NaCl libraries like Libsodium and TweetNaCl. HACL* provides the cryptographic components for a new mandatory ciphersuite in TLS 1.3 and is being developed as the main cryptographic provider for the miTLS verified implementation. Primitives from HACL* are also being integrated within Mozilla's NSS cryptographic library. Our results show that writing fast, verified, and usable C cryptographic libraries is now practical.

    A Messy State of the Union: Taming the Composite State Machines of TLS

    Implementations of the Transport Layer Security (TLS) protocol must handle a variety of protocol versions and extensions, authentication modes, and key exchange methods. Confusingly, each combination may prescribe a different message sequence between the client and the server. We address the problem of designing a robust composite state machine that correctly multiplexes between these different protocol modes. We systematically test popular open-source TLS implementations for state machine bugs and discover several critical security vulnerabilities that have lain hidden in these libraries for years, and have now finally been patched due to our disclosures. Several of these vulnerabilities, including the recently publicized FREAK flaw, enable a network attacker to break into TLS connections between authenticated clients and servers. We argue that state machine bugs stem from incorrect compositions of individually correct state machines. We present the first verified implementation of a composite TLS state machine in C that can be embedded into OpenSSL and accounts for all its supported ciphersuites. Our attacks expose the need for the formal verification of core components in cryptographic protocol libraries; our implementation demonstrates that such mechanized proofs are within reach, even for mainstream TLS implementations.

    EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider

    We present EverCrypt: a comprehensive collection of verified, high-performance cryptographic functionalities available via a carefully designed API. The API provably supports agility (choosing between multiple algorithms for the same functionality) and multiplexing (choosing between multiple implementations of the same algorithm). Through abstraction and zero-cost generic programming, we show how agility can simplify verification without sacrificing performance, and we demonstrate how C and assembly can be composed and verified against shared specifications. We substantiate the effectiveness of these techniques with new verified implementations (including hashes, Curve25519, and AES-GCM) whose performance matches or exceeds the best unverified implementations. We validate the API design with two high-performance verified case studies built atop EverCrypt, resulting in line-rate performance for a secure network protocol and a Merkle-tree library, used in a production blockchain, that supports 2.7 million insertions/sec. Altogether, EverCrypt consists of over 124K verified lines of specs, code, and proofs, and it produces over 29K lines of C and 14K lines of assembly code.

    Formal Verification of High-Assurance Security Software in FStar: Application to Communication Protocols and Cryptographic Primitives

    The security of the modern Internet relies on cryptographic protocols such as TLS or Signal. However, the design and implementations of these protocols can have serious bugs which break their expected security guarantees. In this thesis, we will describe a novel class of state machine attacks on TLS implementations which was hidden for years. The discovery of these attacks resulted in updates to all major web browsers and TLS implementations, but there are many other vulnerabilities which remain to be discovered. The central question we ask in this thesis is whether it is possible to design and implement cryptographic protocols in a way that is provably secure. Following a long line of prior work, we advocate the use of formal verification to build high-assurance cryptographic software that systematically prevents such attacks. Existing methodologies include the analysis of high-level protocol models and verification of their reference implementations. However, there is a significant gap between existing verified code and efficient implementations. In this work, we propose to close this gap by developing verified cryptographic software in F* and compiling it to C. We develop reusable verified libraries that can be used by any project to build cryptographic software. We present HACL*, the first formally verified library providing a large panel of modern and performant cryptographic primitives in C. HACL* provides implementations of primitives that are proven memory-safe, functionally correct with respect to a formal specification, and offer protection against timing side-channels. We leverage our experience with HACL* to design LibSignal*, a verified implementation of Signal in WebAssembly. We relate LibSignal* to a model written in ProVerif through a weak syntactic argument in order to show that our implementation inherits security from the symbolic proof. Finally, we present the first formally verified specification and security proof in the Dolev-Yao model of TreeKEM, a new Tree-based Group Key Agreement used as part of the Messaging Layer Security (MLS) protocol at the IETF. HACL* is currently used within Mozilla Firefox, at Microsoft and in many other products, and our work on MLS has been instrumental in the IETF documents which we are co-authoring.

    The security of the modern Internet is founded on cryptographic protocols such as Transport Layer Security (TLS). The design and implementations of such protocols are, however, complex and can contain serious bugs that destroy their security guarantees. In this thesis we begin, by way of example, by describing a new class of attacks that remained hidden in TLS implementations for years. The discovery of these attacks led to a major update of web browsers and TLS implementations. Unfortunately, it is certain that other vulnerabilities remain to be discovered in these implementations. We continue a long line of work that encourages the use of formal verification to prevent such attacks. Existing methodologies include the analysis of protocol models or the formal verification of reference implementations. However, a wide gap remains between existing verified code and high-performance implementations. With this work, we propose to narrow that gap by developing cryptographic components in F* and compiling them to C code. We develop verified libraries in F* that can be used to build many software components for cryptography. We present HACL*, the first high-performance cryptographic library containing a large panel of verified primitives in C. HACL* provides code that guarantees memory safety, functional correctness with respect to a formal specification, and a degree of resistance against certain side-channel attacks. Using the experience acquired while developing HACL*, we designed LibSignal*, a formally verified implementation of the Signal protocol written in F* and compiled to WebAssembly. We connect LibSignal* to a ProVerif model of Signal through an informal syntactic argument to show that our implementation inherits the symbolic security proof provided by ProVerif. In addition, we present an F* formalization of a set of key-establishment mechanisms based on a binary tree structure, which we call "Tree-based Group Key Agreement" (TGKA). Finally, we propose the first formalization of the secure group communication protocol Messaging Layer Security (MLS) developed at the IETF. HACL* is currently used in many products, including the Mozilla Firefox web browser. Our work on MLS has been instrumental in the IETF's work, and we are actively participating in writing the standard.
